Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cba7e7b5-2391-47bb-8012-4c65721894b6.roa
File: cba7e7b5-2391-47bb-8012-4c65721894b6.roa (raw, json)
Hash identifier: K6RHWscCEaYiOwHyWHxwmyGyZIZ5EPs7JfeSlIXEV8g=
Subject key identifier: 87:35:5D:00:B8:16:40:55:59:4E:CD:5E:4A:63:6C:E4:06:07:D2:D3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 32ADF36565DA8D7C805EF6F7CAF5B68214AC4E60
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cba7e7b5-2391-47bb-8012-4c65721894b6.roa
Signing time: Mon 20 Oct 2025 02:20:54 +0000
ROA not before: Mon 20 Oct 2025 02:20:54 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.32.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:ad:f3:65:65:da:8d:7c:80:5e:f6:f7:ca:f5:b6:82:14:ac:4e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 02:20:54 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=a3c003edcfe41924a156e43059e1c65699762d8c54f96e6a09aeddf14d563d42, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:f3:a5:b7:db:7a:6b:b4:fd:ea:f8:28:2b:
54:36:37:34:9b:de:a7:5b:28:10:e4:53:48:db:4f:
db:f9:66:0b:27:4c:22:44:8d:9e:8e:a2:59:43:14:
7b:25:b9:bf:d3:14:0d:2d:dc:02:6f:f8:8d:dd:03:
78:58:d1:c6:74:e3:aa:90:48:40:11:64:88:60:29:
13:3e:60:54:62:58:1a:f6:9c:6a:76:b3:c0:cd:7f:
10:30:ba:be:3b:ea:a0:cf:15:71:5f:54:e9:36:1c:
c3:55:b0:ea:c8:67:89:f9:83:ac:c4:dd:99:6f:67:
dd:06:48:9a:e6:b3:e1:9b:f3:66:fa:08:b1:42:9f:
44:48:24:ea:ae:5b:b8:c2:23:5c:04:c0:bc:f1:d8:
0a:6c:e3:6e:eb:b5:e5:72:e3:22:17:f5:d3:94:83:
00:3a:48:b5:05:39:35:df:44:af:32:55:9e:99:e4:
05:4a:df:f6:9c:c5:53:a8:5a:9b:f4:5b:3f:28:e4:
59:9b:04:1c:32:d6:65:07:49:6a:ed:4d:2a:6f:8b:
d0:51:bc:1b:29:37:98:19:65:fc:3d:12:85:8a:53:
15:32:a9:96:ed:39:8d:ba:1c:21:9c:01:62:7d:83:
b5:af:cf:ef:ad:da:64:d6:00:26:07:2a:37:3e:36:
54:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:5D:00:B8:16:40:55:59:4E:CD:5E:4A:63:6C:E4:06:07:D2:D3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cba7e7b5-2391-47bb-8012-4c65721894b6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.32.0/23
Signature Algorithm: sha256WithRSAEncryption
34:38:7d:79:eb:35:f6:0f:a5:09:60:88:9c:4c:55:2d:90:43:
f7:7d:4e:de:ea:14:10:2e:ce:e8:51:9a:6f:22:cb:b7:8f:05:
85:50:67:99:fd:50:4c:7e:bc:93:00:88:ac:9e:05:62:21:e2:
55:e2:e3:81:c8:d3:13:33:6d:b7:e7:f6:cf:55:38:63:e5:0e:
c4:4f:6b:5e:41:b4:97:9e:4f:5f:68:b4:0d:f5:3f:2a:aa:d0:
60:87:76:cd:ca:3d:30:4b:62:8a:42:e9:99:ee:06:6e:d9:55:
b5:47:73:d0:cc:a2:5c:2a:4e:cf:4b:ca:a8:44:25:ae:b6:51:
6b:22:12:96:c4:62:08:54:c0:05:f4:2a:c5:8e:60:84:cf:a4:
4c:f3:c8:47:3b:ec:68:da:16:76:be:5c:46:8d:e8:e6:17:0b:
4c:8c:ac:34:18:42:7d:5b:f9:fb:3b:8f:8a:7c:a7:0c:4f:72:
d4:9e:04:3b:c8:d8:35:9c:4a:26:91:ed:68:39:2c:89:38:8b:
e5:c2:b9:42:42:04:e5:12:83:43:48:03:30:f3:42:95:93:5d:
89:37:1b:21:b5:ea:ea:d0:35:23:72:19:e2:66:26:a5:64:e6:
25:e5:69:b0:0e:1a:e1:9a:ad:f8:fa:62:dc:2d:6d:f5:c8:c4:
e3:d3:bc:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMq3zZWXajXyAXvb3yvW2ghSsTmAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDIyMDU0WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhM2MwMDNlZGNmZTQxOTI0YTE1NmU0MzA1OWUxYzY1Njk5
NzYyZDhjNTRmOTZlNmEwOWFlZGRmMTRkNTYzZDQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7MvOlt9t6a7T96vgoK1Q2NzSb3qdbKBDkU0jbT9v5Zgsn
TCJEjZ6OollDFHslub/TFA0t3AJv+I3dA3hY0cZ046qQSEARZIhgKRM+YFRiWBr2
nGp2s8DNfxAwur476qDPFXFfVOk2HMNVsOrIZ4n5g6zE3ZlvZ90GSJrms+Gb82b6
CLFCn0RIJOquW7jCI1wEwLzx2Aps427rteVy4yIX9dOUgwA6SLUFOTXfRK8yVZ6Z
5AVK3/acxVOoWpv0Wz8o5FmbBBwy1mUHSWrtTSpvi9BRvBspN5gZZfw9EoWKUxUy
qZbtOY26HCGcAWJ9g7Wvz++t2mTWACYHKjc+NlQBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhzVdALgWQFVZTs1eSmNs5AYH0tMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiYTdlN2I1LTIzOTEtNDdiYi04MDEyLTRjNjU3MjE4OTRiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFsnyAwDQYJKoZIhvcNAQELBQADggEBADQ4fXnrNfYPpQlgiJxMVS2QQ/d9
Tt7qFBAuzuhRmm8iy7ePBYVQZ5n9UEx+vJMAiKyeBWIh4lXi44HI0xMzbbfn9s9V
OGPlDsRPa15BtJeeT19otA31Pyqq0GCHds3KPTBLYopC6ZnuBm7ZVbVHc9DMolwq
Ts9LyqhEJa62UWsiEpbEYghUwAX0KsWOYITPpEzzyEc77GjaFna+XEaN6OYXC0yM
rDQYQn1b+fs7j4p8pwxPctSeBDvI2DWcSiaR7Wg5LIk4i+XCuUJCBOUSg0NIAzDz
QpWTXYk3GyG16urQNSNyGeJmJqVk5iXlabAOGuGarfj6YtwtbfXIxOPTvM4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:11:02 2025 by rpki-client