Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dd356d95-76f0-42c1-8ab4-452983364d14.roa
File: dd356d95-76f0-42c1-8ab4-452983364d14.roa (raw, json)
Hash identifier: CKtW9JSOEKK4PWMzX5b3oc5PIqd48BlHN9NvdHyTx1M=
Subject key identifier: 38:E1:E3:5B:2F:E2:D7:B0:C9:25:08:F4:34:68:D7:91:57:09:0B:D4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 536E640493D7A9D91DFFA6C9254855AE67AB84D2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dd356d95-76f0-42c1-8ab4-452983364d14.roa
Signing time: Mon 20 Oct 2025 05:11:33 +0000
ROA not before: Mon 20 Oct 2025 05:11:33 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:6e:64:04:93:d7:a9:d9:1d:ff:a6:c9:25:48:55:ae:67:ab:84:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 05:11:33 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=d7eecf78ce1b32d63732caae8c857b8e22f49a8ece68f2e2fadb3ff57cc11c98, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:96:31:8c:c4:8a:b4:51:76:2d:26:26:cb:
bb:ab:04:24:30:f9:c8:7a:79:f6:1b:30:5f:56:69:
05:0a:82:f0:83:f5:19:e0:7b:4b:43:48:6a:47:16:
8e:a6:2b:a0:ef:e4:69:44:ac:19:7e:e3:a3:a6:1e:
2b:99:92:6c:be:a6:e6:2e:0a:ab:11:1f:72:86:f2:
a6:5e:c8:8d:1d:21:9c:2c:54:a7:0c:81:4f:e8:a2:
ea:15:b1:f2:b1:93:89:87:27:0d:e7:96:fe:49:06:
45:77:e4:5d:99:d4:4c:39:7f:04:ed:b3:9f:a3:1f:
e5:cb:44:82:43:98:89:69:72:f9:23:bc:4e:0b:de:
05:51:a1:bd:86:ff:08:1e:5b:da:e8:53:0b:91:e0:
ee:63:52:41:7a:a6:03:b3:8b:91:c7:ea:d3:4c:48:
c3:f2:66:21:98:f9:8e:82:d2:e1:a5:82:92:20:08:
06:f5:7c:b7:e4:31:17:f1:22:a0:dc:f7:6b:a9:c3:
8a:17:21:97:86:a8:f6:4f:07:3b:56:36:ba:73:cf:
06:df:89:e2:96:60:60:d6:21:10:ba:ca:53:9a:17:
16:02:7f:a7:32:1a:53:5b:8c:1b:70:86:41:a0:69:
03:0a:e7:68:50:a9:1d:ba:8d:d0:e0:18:e5:8a:63:
ee:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E1:E3:5B:2F:E2:D7:B0:C9:25:08:F4:34:68:D7:91:57:09:0B:D4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dd356d95-76f0-42c1-8ab4-452983364d14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.20.0/22
Signature Algorithm: sha256WithRSAEncryption
30:15:6f:1d:b7:9f:9d:25:fe:55:fa:50:ff:f2:8c:84:f4:bf:
55:d5:2e:13:98:2d:a4:97:34:42:7b:c5:a7:c8:dd:07:4a:42:
63:6a:45:62:64:a4:45:f9:89:a5:19:8b:64:d2:24:81:96:a3:
f4:8e:9b:6a:21:17:21:6b:65:bd:8e:50:03:18:5d:ab:72:56:
eb:53:99:c1:b6:26:6d:0c:06:b0:25:f8:0a:d7:87:84:a6:5c:
e5:96:78:2e:9d:7d:ad:93:78:de:a4:f5:e2:bb:91:23:88:80:
48:e9:94:e4:0a:b6:a1:36:a7:15:81:f8:3c:e4:dc:e7:a0:00:
91:96:b4:0c:f3:f6:a3:ba:2c:a7:31:d7:93:f4:43:69:76:2f:
1b:69:1d:4e:61:1c:29:fa:76:23:a5:d5:e5:49:41:14:bb:d9:
33:db:99:c3:f5:05:88:41:7d:7a:4e:47:cb:48:00:5f:36:8a:
c9:fa:bd:91:66:ca:ed:42:da:ce:c7:37:4e:20:d2:44:6d:eb:
38:ec:4d:4d:2b:51:9a:90:f6:15:19:5f:cf:29:f6:38:02:23:
c5:fa:2d:a1:cc:eb:d6:91:6a:b6:d4:70:0d:ab:65:29:49:84:
7f:d2:6d:e7:9e:8f:7a:e8:66:b5:4e:f8:78:3b:3e:32:7f:fb:
f5:fe:d3:bb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU25kBJPXqdkd/6bJJUhVrmerhNIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDUxMTMzWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkN2VlY2Y3OGNlMWIzMmQ2MzczMmNhYWU4Yzg1N2I4ZTIy
ZjQ5YThlY2U2OGYyZTJmYWRiM2ZmNTdjYzExYzk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfkZYxjMSKtFF2LSYmy7urBCQw+ch6efYbMF9WaQUKgvCD
9Rnge0tDSGpHFo6mK6Dv5GlErBl+46OmHiuZkmy+puYuCqsRH3KG8qZeyI0dIZws
VKcMgU/oouoVsfKxk4mHJw3nlv5JBkV35F2Z1Ew5fwTts5+jH+XLRIJDmIlpcvkj
vE4L3gVRob2G/wgeW9roUwuR4O5jUkF6pgOzi5HH6tNMSMPyZiGY+Y6C0uGlgpIg
CAb1fLfkMRfxIqDc92upw4oXIZeGqPZPBztWNrpzzwbfieKWYGDWIRC6ylOaFxYC
f6cyGlNbjBtwhkGgaQMK52hQqR26jdDgGOWKY+4BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOOHjWy/i17DJJQj0NGjXkVcJC9QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RkMzU2ZDk1LTc2ZjAtNDJjMS04YWI0LTQ1Mjk4MzM2NGQxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnxQwDQYJKoZIhvcNAQELBQADggEBADAVbx23n50l/lX6UP/yjIT0v1XV
LhOYLaSXNEJ7xafI3QdKQmNqRWJkpEX5iaUZi2TSJIGWo/SOm2ohFyFrZb2OUAMY
XatyVutTmcG2Jm0MBrAl+ArXh4SmXOWWeC6dfa2TeN6k9eK7kSOIgEjplOQKtqE2
pxWB+Dzk3OegAJGWtAzz9qO6LKcx15P0Q2l2LxtpHU5hHCn6diOl1eVJQRS72TPb
mcP1BYhBfXpOR8tIAF82isn6vZFmyu1C2s7HN04g0kRt6zjsTU0rUZqQ9hUZX88p
9jgCI8X6LaHM69aRarbUcA2rZSlJhH/Sbeeej3roZrVO+Hg7PjJ/+/X+07s=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:48:51 2025 by rpki-client