Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed0f0988-397d-403e-a990-a9011b692f27.roa
File: ed0f0988-397d-403e-a990-a9011b692f27.roa (raw, json)
Hash identifier: YXA+BCW1cxPuKO6aX4Ttlb/sAehYwcuqYtzuf21ITpg=
Subject key identifier: FA:A5:7C:AA:3D:FD:9E:8A:32:9D:5D:55:26:C6:8C:2E:BF:65:3D:69
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 66D8C082A2B567411B7EBF7E2E6AB8A829C94AC5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed0f0988-397d-403e-a990-a9011b692f27.roa
Signing time: Mon 20 Oct 2025 00:01:38 +0000
ROA not before: Mon 20 Oct 2025 00:01:38 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d8:c0:82:a2:b5:67:41:1b:7e:bf:7e:2e:6a:b8:a8:29:c9:4a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 00:01:38 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=bdba8ee489031ec506fea87f840cda2819c30849e536025ff2fa0a5f8851b84a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9b:b2:79:86:37:5f:a4:99:58:7d:ff:dc:51:
5b:ae:3a:46:7b:f4:4f:d7:d2:19:ff:39:e8:b6:68:
83:da:27:ad:6d:01:c7:e8:33:93:ad:61:ae:34:b5:
67:f1:54:41:aa:a8:18:0e:f2:02:f8:03:c6:32:42:
c6:26:ea:9b:cf:18:4d:7f:9a:bf:56:ca:7e:30:86:
d4:18:36:5a:b7:00:d2:7e:35:a6:1e:31:18:0d:46:
3e:02:16:1a:23:bb:d7:ff:04:3d:ca:92:ab:f6:fd:
dc:c0:60:61:82:35:2c:d8:09:1a:8a:ab:d9:0c:f2:
b2:b9:70:1d:b0:ed:bf:60:fd:d6:e4:bf:d2:ab:4c:
8f:a4:92:18:01:fa:b1:b5:1d:80:f0:ae:7c:1e:1a:
83:92:33:85:00:a9:f6:ba:5f:7b:b1:83:21:fc:7a:
7c:cb:f3:a9:72:c4:ad:d2:ca:1f:e1:9a:06:40:1b:
04:80:42:3e:9c:29:54:7f:e1:96:5f:a6:84:dc:df:
43:d3:55:20:a5:b3:46:8f:d7:55:39:78:69:6c:6c:
bb:9c:11:9e:88:e7:a4:56:05:e1:17:7d:eb:34:0d:
0e:cc:74:37:82:27:2a:cb:46:87:6b:a4:eb:e3:6a:
74:8e:bd:ae:8a:29:a6:3b:d7:a2:b4:7e:1d:29:70:
19:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A5:7C:AA:3D:FD:9E:8A:32:9D:5D:55:26:C6:8C:2E:BF:65:3D:69
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed0f0988-397d-403e-a990-a9011b692f27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.136.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:f2:9a:b8:7d:43:d0:98:7c:12:c4:94:ce:a5:ce:3b:9b:e2:
49:dc:e6:88:30:47:fd:07:49:2a:4c:4e:ed:b6:09:36:aa:7d:
1d:0a:a2:b5:64:94:a7:56:2e:62:14:8f:8c:c5:c7:fd:f0:2e:
69:a8:8d:1b:1c:3b:56:0e:d6:8c:89:5c:4b:7f:4e:a6:ce:68:
3d:6b:9a:c1:35:93:04:59:08:0c:57:1d:d7:79:a2:ed:d0:c8:
0c:34:f2:93:cf:30:d9:47:e2:9c:10:df:b4:05:51:0c:7c:95:
4b:68:18:05:10:e0:94:fb:a0:8c:e6:73:a2:41:68:b5:f3:b1:
c5:e9:14:15:e4:a0:a2:59:8d:bf:8a:aa:32:35:fe:53:c8:8b:
cd:0a:a1:2b:99:61:89:4a:70:7a:e5:f7:ad:1d:3a:79:16:37:
b5:81:94:1a:2d:11:a5:df:cf:6a:fd:37:4c:1c:81:f9:20:ac:
2a:2b:69:43:44:99:bb:99:c0:43:b3:57:bf:f2:28:ac:f0:ca:
d4:71:f7:87:6a:7e:c6:41:14:b3:dc:e5:d2:f0:ef:87:e1:7a:
06:3d:ca:69:14:37:cb:f9:31:cc:e0:63:a3:89:a5:d1:36:09:
c4:6c:43:47:9c:87:44:af:14:0c:9b:04:be:bc:55:64:37:96:
34:12:46:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZtjAgqK1Z0Ebfr9+Lmq4qCnJSsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDAwMTM4WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZGJhOGVlNDg5MDMxZWM1MDZmZWE4N2Y4NDBjZGEyODE5
YzMwODQ5ZTUzNjAyNWZmMmZhMGE1Zjg4NTFiODRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFm7J5hjdfpJlYff/cUVuuOkZ79E/X0hn/Oei2aIPaJ61t
AcfoM5OtYa40tWfxVEGqqBgO8gL4A8YyQsYm6pvPGE1/mr9Wyn4whtQYNlq3ANJ+
NaYeMRgNRj4CFhoju9f/BD3Kkqv2/dzAYGGCNSzYCRqKq9kM8rK5cB2w7b9g/dbk
v9KrTI+kkhgB+rG1HYDwrnweGoOSM4UAqfa6X3uxgyH8enzL86lyxK3Syh/hmgZA
GwSAQj6cKVR/4ZZfpoTc30PTVSCls0aP11U5eGlsbLucEZ6I56RWBeEXfes0DQ7M
dDeCJyrLRodrpOvjanSOva6KKaY716K0fh0pcBmVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+qV8qj39nooynV1VJsaMLr9lPWkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkMGYwOTg4LTM5N2QtNDAzZS1hOTkwLWE5MDExYjY5MmYyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnYgwDQYJKoZIhvcNAQELBQADggEBAJvymrh9Q9CYfBLElM6lzjub4knc
5ogwR/0HSSpMTu22CTaqfR0KorVklKdWLmIUj4zFx/3wLmmojRscO1YO1oyJXEt/
TqbOaD1rmsE1kwRZCAxXHdd5ou3QyAw08pPPMNlH4pwQ37QFUQx8lUtoGAUQ4JT7
oIzmc6JBaLXzscXpFBXkoKJZjb+KqjI1/lPIi80KoSuZYYlKcHrl960dOnkWN7WB
lBotEaXfz2r9N0wcgfkgrCoraUNEmbuZwEOzV7/yKKzwytRx94dqfsZBFLPc5dLw
74fhegY9ymkUN8v5MczgY6OJpdE2CcRsQ0ech0SvFAybBL68VWQ3ljQSRqk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:05:35 2025 by rpki-client