Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee1908fc-be35-4919-b1cd-c5942b4062f8.roa
File: ee1908fc-be35-4919-b1cd-c5942b4062f8.roa (raw, json)
Hash identifier: u/1xB5AE0Trz6gcm6+x2ltsnK9XoaQehIc1R433Z0JE=
Subject key identifier: 8B:58:3A:6D:F0:59:2D:D1:A1:EC:FE:4D:40:B4:69:A0:AD:DF:03:D3
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2590F9664D6259AFD5CC63B1573ED4CF86479A59
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee1908fc-be35-4919-b1cd-c5942b4062f8.roa
Signing time: Mon 20 Oct 2025 02:02:06 +0000
ROA not before: Mon 20 Oct 2025 02:02:06 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:90:f9:66:4d:62:59:af:d5:cc:63:b1:57:3e:d4:cf:86:47:9a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 02:02:06 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=9e5a3d53781328ed5fd0e2bba64f65bef5763d9c322d051ecc5105bd1a8a2625, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:48:9b:5c:d3:37:43:a9:5c:df:7e:78:f0:99:
10:fe:2c:09:11:1b:9e:34:1d:51:b9:df:78:07:d6:
ad:1a:9d:ab:f9:a9:a6:8f:5f:72:11:00:4f:a0:4e:
c0:7e:b5:0d:8b:03:90:9e:22:8b:f9:b4:3e:71:04:
60:b9:99:42:58:69:18:6d:b3:bf:f2:ba:bf:f7:bb:
80:57:91:33:5d:61:b6:c4:d0:f0:73:55:ca:0d:8e:
2f:45:97:1c:33:0c:0b:f4:5c:14:8e:34:9e:df:d5:
05:03:3c:e6:04:b2:d8:d2:42:ab:b4:b2:20:af:71:
c2:42:4a:45:42:ef:0d:16:50:b2:a4:1b:70:2c:21:
f1:2d:76:97:6f:79:04:6b:20:f9:c6:c8:b4:0d:17:
6e:ad:49:53:9b:69:51:0e:a3:66:b0:cf:2b:0e:7c:
c2:5e:cc:23:8b:09:a2:7f:5b:6a:ad:dd:18:5a:59:
3d:41:37:d4:1d:6b:98:ad:7e:f4:df:7e:8c:39:49:
43:17:94:1b:93:da:13:6d:fc:be:ce:f2:ac:a3:c6:
1f:98:79:af:45:d2:87:a9:14:18:ab:e5:09:4f:2e:
95:05:4e:fc:6b:b8:ee:41:be:86:66:d9:f2:c5:70:
2a:01:36:06:56:35:2a:ba:6d:0d:88:88:6a:42:f4:
97:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:58:3A:6D:F0:59:2D:D1:A1:EC:FE:4D:40:B4:69:A0:AD:DF:03:D3
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee1908fc-be35-4919-b1cd-c5942b4062f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.120.0/24
Signature Algorithm: sha256WithRSAEncryption
39:26:7a:40:6c:bf:cb:ed:76:21:27:de:59:38:69:86:30:95:
31:2c:ad:8a:07:e2:99:88:e7:5d:6a:f0:4a:e4:e1:f3:ba:fe:
bd:d9:20:9e:01:6a:a4:c2:b0:96:1b:10:35:d3:7e:58:3a:be:
b4:ed:d6:36:66:9f:18:01:95:b8:e7:01:45:f4:4b:29:6a:ba:
e6:49:15:b5:6c:76:b0:20:ff:64:97:ab:70:8c:09:8c:07:91:
a6:21:6c:7c:fa:2a:ce:3b:66:4e:c1:ec:92:6d:56:06:91:47:
64:b6:31:13:8e:9a:16:a6:df:92:72:54:0a:31:38:0f:da:86:
63:8d:d2:8c:c6:6f:4b:a7:9e:59:a3:1f:89:f5:2d:44:2d:16:
e9:4a:7d:15:1d:8b:69:30:73:72:c1:3d:9c:e4:bf:32:e5:d9:
ef:a4:c3:0f:4b:c2:15:2c:4f:85:e0:24:0d:5e:49:2c:30:b7:
bf:37:6d:ea:de:ed:fe:c1:f0:08:84:4d:ca:ea:58:fb:1e:e2:
87:54:4f:6d:ad:14:b1:4a:a7:61:38:3a:2e:a5:39:aa:06:80:
d5:a2:91:55:5f:cc:09:19:40:47:70:de:00:50:74:f9:a8:07:
49:59:20:72:59:f7:4f:bb:8b:d3:17:5c:e9:c9:09:bb:2b:70:
db:1b:a1:da
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJZD5Zk1iWa/VzGOxVz7Uz4ZHmlkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDIwMjA2WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTVhM2Q1Mzc4MTMyOGVkNWZkMGUyYmJhNjRmNjViZWY1
NzYzZDljMzIyZDA1MWVjYzUxMDViZDFhOGEyNjI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDASJtc0zdDqVzffnjwmRD+LAkRG540HVG533gH1q0anav5
qaaPX3IRAE+gTsB+tQ2LA5CeIov5tD5xBGC5mUJYaRhts7/yur/3u4BXkTNdYbbE
0PBzVcoNji9FlxwzDAv0XBSONJ7f1QUDPOYEstjSQqu0siCvccJCSkVC7w0WULKk
G3AsIfEtdpdveQRrIPnGyLQNF26tSVObaVEOo2awzysOfMJezCOLCaJ/W2qt3Rha
WT1BN9Qda5itfvTffow5SUMXlBuT2hNt/L7O8qyjxh+Yea9F0oepFBir5QlPLpUF
TvxruO5BvoZm2fLFcCoBNgZWNSq6bQ2IiGpC9Jd9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUi1g6bfBZLdGh7P5NQLRpoK3fA9MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VlMTkwOGZjLWJlMzUtNDkxOS1iMWNkLWM1OTQyYjQwNjJmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsn3gwDQYJKoZIhvcNAQELBQADggEBADkmekBsv8vtdiEn3lk4aYYwlTEs
rYoH4pmI511q8Erk4fO6/r3ZIJ4BaqTCsJYbEDXTflg6vrTt1jZmnxgBlbjnAUX0
SylquuZJFbVsdrAg/2SXq3CMCYwHkaYhbHz6Ks47Zk7B7JJtVgaRR2S2MROOmham
35JyVAoxOA/ahmON0ozGb0unnlmjH4n1LUQtFulKfRUdi2kwc3LBPZzkvzLl2e+k
ww9LwhUsT4XgJA1eSSwwt783bere7f7B8AiETcrqWPse4odUT22tFLFKp2E4Oi6l
OaoGgNWikVVfzAkZQEdw3gBQdPmoB0lZIHJZ90+7i9MXXOnJCbsrcNsbodo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:11:18 2025 by rpki-client