Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f389823e-c1d2-40fa-80b8-48e50d269a07.roa
File: f389823e-c1d2-40fa-80b8-48e50d269a07.roa (raw, json)
Hash identifier: dEqZpXV5SF2fMas7xxe8S24zjloWTQaE+rHeME2X7oA=
Subject key identifier: 30:32:22:2D:5C:60:6F:BF:0F:13:D8:DE:0C:79:14:CE:A0:E4:F5:E6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 39BC7CECAEFCB8D39FE2FBA9C0C4DE437BE4838A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f389823e-c1d2-40fa-80b8-48e50d269a07.roa
Signing time: Mon 20 Oct 2025 01:21:30 +0000
ROA not before: Mon 20 Oct 2025 01:21:30 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.158.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:bc:7c:ec:ae:fc:b8:d3:9f:e2:fb:a9:c0:c4:de:43:7b:e4:83:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:21:30 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=c6c45fd43639624ab5c226c6f7b9330c0543f98b5be6878071a7b2f543cf0eee, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:97:61:31:a5:db:75:6f:9b:8f:0a:43:be:
6d:7c:12:a3:e7:d8:e5:5e:74:bb:f3:92:dc:40:f2:
2d:db:6b:48:a1:9f:0f:3b:e9:8b:ea:2a:c1:d0:b1:
b2:9b:a4:b4:4f:0a:27:2e:7d:a9:84:cb:12:b4:d8:
98:d1:91:96:99:6e:9b:7e:e8:39:26:84:23:aa:ef:
32:16:14:8e:90:1a:cc:dc:80:f9:51:07:42:c7:72:
a1:13:60:61:e3:02:78:46:4b:6b:27:b9:50:5a:12:
41:fb:a2:27:1d:0f:76:7c:40:ef:24:6a:7c:e7:a8:
5b:c4:ce:ad:c2:7f:c0:c8:35:cb:50:ba:2e:9f:e1:
eb:a4:e2:18:49:d2:aa:5c:e5:cd:89:99:09:45:ad:
64:1f:5e:ab:b1:e3:3b:f5:5c:80:5a:27:20:4e:cc:
91:57:56:ae:97:63:c5:f2:21:ad:af:d7:bd:11:cf:
0a:a9:9b:f0:a2:76:9e:2e:a3:77:30:63:4b:24:e5:
d2:06:3d:c3:d1:68:b6:d4:2a:ab:24:82:37:18:a5:
3e:14:dc:c3:49:dc:f8:c4:bc:d2:e6:90:e0:e0:81:
85:d0:ce:d7:94:16:48:e3:50:80:62:e7:d5:1e:66:
2b:2b:0b:5d:8c:a5:c0:31:66:ab:54:c3:c7:85:6f:
36:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:32:22:2D:5C:60:6F:BF:0F:13:D8:DE:0C:79:14:CE:A0:E4:F5:E6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f389823e-c1d2-40fa-80b8-48e50d269a07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.158.222.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:a6:ae:98:e0:84:ff:53:a0:46:3b:c7:48:d2:fa:a2:6f:98:
db:80:4b:d9:e2:de:69:0c:62:6b:8e:7d:7d:d8:f8:8f:3c:b2:
fd:be:41:e3:41:6f:17:9b:7d:79:98:82:7e:b6:27:55:39:f1:
f1:7c:74:d4:d9:ce:f6:af:c3:15:65:8e:1e:cf:7d:b3:fd:fa:
53:9b:a2:c8:ed:06:ae:88:50:30:c4:62:76:f0:21:45:31:9f:
00:8f:ac:c3:39:49:d2:1c:9a:b8:31:e5:0a:19:8b:87:eb:35:
86:a1:7c:45:b7:33:fa:47:7d:82:82:e4:3e:2f:c3:f6:8e:f3:
9b:58:20:02:4f:3c:68:46:e7:97:f0:70:fe:11:f0:b7:6a:be:
dc:21:7d:38:94:31:12:8f:51:fc:26:95:42:20:5e:b1:f7:f5:
5a:a5:77:70:eb:bd:dd:3a:25:a0:b3:6e:54:97:e3:a0:42:b3:
a4:b3:b5:e1:c4:ae:f0:1d:51:b8:f7:e2:be:90:9f:5d:58:39:
e3:54:72:bd:22:00:75:f7:77:5e:69:eb:ad:c2:32:35:a6:5c:
db:86:70:00:53:43:4a:30:cc:88:e9:f1:0e:cd:d3:8d:20:83:
40:1f:d2:00:b6:a7:9b:8e:cb:5d:c4:29:6f:b5:00:3b:1b:ab:
3f:03:67:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUObx87K78uNOf4vupwMTeQ3vkg4owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDEyMTMwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNmM0NWZkNDM2Mzk2MjRhYjVjMjI2YzZmN2I5MzMwYzA1
NDNmOThiNWJlNjg3ODA3MWE3YjJmNTQzY2YwZWVlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKcJdhMaXbdW+bjwpDvm18EqPn2OVedLvzktxA8i3ba0ih
nw876YvqKsHQsbKbpLRPCicufamEyxK02JjRkZaZbpt+6DkmhCOq7zIWFI6QGszc
gPlRB0LHcqETYGHjAnhGS2snuVBaEkH7oicdD3Z8QO8kanznqFvEzq3Cf8DINctQ
ui6f4euk4hhJ0qpc5c2JmQlFrWQfXqux4zv1XIBaJyBOzJFXVq6XY8XyIa2v170R
zwqpm/Cidp4uo3cwY0sk5dIGPcPRaLbUKqskgjcYpT4U3MNJ3PjEvNLmkODggYXQ
zteUFkjjUIBi59UeZisrC12MpcAxZqtUw8eFbzadAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMDIiLVxgb78PE9jeDHkUzqDk9eYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YzODk4MjNlLWMxZDItNDBmYS04MGI4LTQ4ZTUwZDI2OWEwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnt4wDQYJKoZIhvcNAQELBQADggEBAMGmrpjghP9ToEY7x0jS+qJvmNuA
S9ni3mkMYmuOfX3Y+I88sv2+QeNBbxebfXmYgn62J1U58fF8dNTZzvavwxVljh7P
fbP9+lObosjtBq6IUDDEYnbwIUUxnwCPrMM5SdIcmrgx5QoZi4frNYahfEW3M/pH
fYKC5D4vw/aO85tYIAJPPGhG55fwcP4R8LdqvtwhfTiUMRKPUfwmlUIgXrH39Vql
d3Drvd06JaCzblSX46BCs6SzteHErvAdUbj34r6Qn11YOeNUcr0iAHX3d15p663C
MjWmXNuGcABTQ0owzIjp8Q7N040gg0Af0gC2p5uOy13EKW+1ADsbqz8DZ0k=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:44:17 2025 by rpki-client