Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5e54a86-ed38-4b92-882c-c19087637bc3.roa
File: b5e54a86-ed38-4b92-882c-c19087637bc3.roa (raw, json)
Hash identifier: WZy+qZgryIUlHPlNKYnmhOTj9pCwpVq3x4Le19uUgXs=
Subject key identifier: CB:E7:04:B2:B5:B7:7E:AA:CB:1E:38:43:32:E3:E9:31:0C:54:34:FC
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5DAC1A17A4008024BBE034BC57ED4DA928513555
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5e54a86-ed38-4b92-882c-c19087637bc3.roa
Signing time: Mon 29 Sep 2025 15:01:59 +0000
ROA not before: Mon 29 Sep 2025 15:01:59 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 104.153.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ac:1a:17:a4:00:80:24:bb:e0:34:bc:57:ed:4d:a9:28:51:35:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 29 15:01:59 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=2751244e89bede5de2fee25f66dfa8d85d5da9e7c2ae4f64c4fc609212edec24, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3a:f7:85:23:66:d1:12:69:d0:cd:59:e7:b5:
cb:5a:cf:0b:32:94:eb:50:5d:1a:3e:a0:fa:9b:13:
a1:4a:f2:21:46:48:45:4e:6b:9a:46:fe:de:40:bb:
44:9e:65:26:85:cb:20:dd:d5:4d:bf:ae:ac:0e:be:
c5:30:c1:53:73:58:6b:25:98:ba:aa:2f:46:06:0e:
0a:d7:18:18:0d:57:89:b8:f9:ee:38:15:ad:41:65:
5b:97:e2:77:3e:2f:7a:df:12:31:60:cb:d1:5b:bc:
14:c7:7f:56:17:fa:97:ef:5d:e2:e8:ca:6f:39:9e:
a7:bd:70:51:8f:d0:b2:fd:2f:94:14:69:6f:cd:e2:
2d:f5:86:d3:02:5f:44:8b:89:f8:71:da:0e:be:b9:
96:86:d9:2c:66:ba:5d:e3:7c:42:48:76:93:81:20:
bb:ed:59:cf:8b:3d:de:b9:c7:cb:fd:2e:b3:7c:49:
d1:83:6e:a4:b0:c7:c2:67:ac:d3:bf:3b:58:d4:95:
6a:f1:69:0d:2f:af:ed:78:02:54:7f:22:06:d6:4c:
fa:c4:86:e6:66:1e:02:af:a5:71:c3:6a:29:bd:20:
33:24:96:e2:a3:52:86:45:35:fc:84:ba:bc:5b:5d:
84:40:de:ba:5a:35:e9:40:6d:44:7d:35:92:bb:f5:
33:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E7:04:B2:B5:B7:7E:AA:CB:1E:38:43:32:E3:E9:31:0C:54:34:FC
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5e54a86-ed38-4b92-882c-c19087637bc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.153.112.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:ca:c2:f0:65:e7:25:29:0a:8a:84:85:5a:d3:e6:ab:87:5d:
84:b9:57:61:fd:d3:77:cc:44:ed:ca:7c:f1:9f:c8:f2:12:0d:
5a:54:21:c2:93:9b:08:f8:f4:c9:6e:84:2e:90:7a:e2:60:da:
11:a5:f3:b7:db:05:eb:5c:46:6c:bb:1d:ac:f7:9a:47:19:73:
a8:f6:f8:b1:cd:25:bf:22:aa:34:88:ce:a6:95:bc:8a:4b:d1:
11:bd:1a:4a:de:a8:6d:57:33:02:52:99:4a:95:95:0b:6f:63:
c5:94:d9:fb:14:5d:81:9a:4f:b6:b5:d5:84:47:f4:c0:19:6d:
57:54:c5:87:65:14:e7:26:ad:c2:ae:64:44:4f:8a:52:ab:fa:
7c:33:f6:ba:4f:2a:32:5c:c1:97:c8:3a:4e:d4:15:a5:88:d0:
3a:ca:c1:2a:b3:b5:44:ba:18:ee:97:f3:b8:6d:2d:eb:69:05:
ee:57:b1:f5:10:44:02:fd:13:c2:d7:6f:8f:37:5a:1a:71:ee:
b2:fc:2d:bc:5a:96:3d:c5:14:2f:80:86:a1:e7:37:16:e7:7a:
b7:68:64:88:09:3a:f8:a6:82:d2:22:36:2b:b1:b4:6f:f5:8f:
25:76:76:3d:36:c2:98:b2:57:8e:45:b6:ed:dd:5d:ec:4b:fe:
12:5c:2a:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXawaF6QAgCS74DS8V+1NqShRNVUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUwMTU5WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzUxMjQ0ZTg5YmVkZTVkZTJmZWUyNWY2NmRmYThkODVk
NWRhOWU3YzJhZTRmNjRjNGZjNjA5MjEyZWRlYzI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvOveFI2bREmnQzVnntctazwsylOtQXRo+oPqbE6FK8iFG
SEVOa5pG/t5Au0SeZSaFyyDd1U2/rqwOvsUwwVNzWGslmLqqL0YGDgrXGBgNV4m4
+e44Fa1BZVuX4nc+L3rfEjFgy9FbvBTHf1YX+pfvXeLoym85nqe9cFGP0LL9L5QU
aW/N4i31htMCX0SLifhx2g6+uZaG2Sxmul3jfEJIdpOBILvtWc+LPd65x8v9LrN8
SdGDbqSwx8JnrNO/O1jUlWrxaQ0vr+14AlR/IgbWTPrEhuZmHgKvpXHDaim9IDMk
luKjUoZFNfyEurxbXYRA3rpaNelAbUR9NZK79TO1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUy+cEsrW3fqrLHjhDMuPpMQxUNPwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1ZTU0YTg2LWVkMzgtNGI5Mi04ODJjLWMxOTA4NzYzN2JjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXAwDQYJKoZIhvcNAQELBQADggEBANTKwvBl5yUpCoqEhVrT5quHXYS5
V2H903fMRO3KfPGfyPISDVpUIcKTmwj49MluhC6QeuJg2hGl87fbBetcRmy7Haz3
mkcZc6j2+LHNJb8iqjSIzqaVvIpL0RG9GkreqG1XMwJSmUqVlQtvY8WU2fsUXYGa
T7a11YRH9MAZbVdUxYdlFOcmrcKuZERPilKr+nwz9rpPKjJcwZfIOk7UFaWI0DrK
wSqztUS6GO6X87htLetpBe5XsfUQRAL9E8LXb483Whpx7rL8Lbxalj3FFC+AhqHn
NxbnerdoZIgJOvimgtIiNiuxtG/1jyV2dj02wpiyV45Ftu3dXexL/hJcKmk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:11 2025 by rpki-client