Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7cca801-f770-42df-a946-fbb8bdc24aea.roa
File: f7cca801-f770-42df-a946-fbb8bdc24aea.roa (raw, json)
Hash identifier: NVUaUV8+HU6QZKMa09G9/Otlah72XNTV2VUul4NbL+U=
Subject key identifier: 72:40:84:1C:F6:04:42:D5:F0:6D:EE:EA:DD:E6:87:60:CD:B9:9E:AF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5E94663763A18381740BBD976391A2665D0E02A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7cca801-f770-42df-a946-fbb8bdc24aea.roa
Signing time: Sun 19 Oct 2025 01:40:04 +0000
ROA not before: Sun 19 Oct 2025 01:40:04 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:94:66:37:63:a1:83:81:74:0b:bd:97:63:91:a2:66:5d:0e:02:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 01:40:04 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=d3a93c8662354780c0cc6b350f9cf9f3ffcdab460bd3051e6e8dcb705919d669, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:11:df:91:63:10:25:b1:ec:68:b8:06:27:
6f:07:e9:07:47:e8:c3:d2:ad:71:78:f5:a5:f8:29:
21:4b:ce:50:44:e5:5d:ec:4f:4b:5e:78:29:e6:02:
d1:c5:57:b5:87:a3:1a:17:f4:d0:12:56:f4:82:14:
7e:ee:9e:ea:58:38:7e:74:07:65:8d:ab:e7:6e:67:
e2:c3:3e:bd:75:10:c8:78:49:c4:e3:9d:f7:73:96:
cb:d7:e2:f9:5b:c0:08:48:80:ec:ba:7c:da:b1:aa:
d1:0f:55:a8:1f:43:20:f7:34:d6:57:1c:a0:43:78:
61:ea:5d:21:b8:5c:85:29:a1:8a:bd:29:4b:05:18:
08:7d:6a:22:8f:4d:5e:b1:05:0a:75:37:4d:cd:54:
1f:ff:11:65:d0:55:90:fe:37:84:dd:e0:25:7d:98:
5a:64:fe:9f:ef:0d:67:bd:9d:b4:33:d1:9c:11:ff:
d9:a4:13:28:9b:1b:df:e0:ab:56:88:da:b7:c9:40:
c9:ca:6e:3b:03:82:68:0f:a6:57:b2:54:64:a8:e1:
83:8b:ea:b5:36:82:ae:0b:2c:9c:b9:d8:1c:97:79:
e9:5e:21:a4:cb:d7:c2:92:8f:6f:ea:c6:1c:64:6c:
06:b6:20:ce:a5:32:9e:9b:78:1d:10:81:8a:4a:bb:
48:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:40:84:1C:F6:04:42:D5:F0:6D:EE:EA:DD:E6:87:60:CD:B9:9E:AF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7cca801-f770-42df-a946-fbb8bdc24aea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.241.0/24
Signature Algorithm: sha256WithRSAEncryption
19:91:4b:4f:44:4e:3a:58:42:3e:6b:e9:d0:a3:e7:51:0e:89:
1c:6b:35:6c:f8:72:74:b2:89:07:73:c4:7e:4f:29:d0:b4:a7:
12:05:57:d8:81:9e:f5:8b:a9:53:10:47:79:73:9a:32:f3:35:
e7:ff:4a:9e:11:9b:d4:24:f2:24:6a:c2:a0:1a:a2:45:db:ac:
08:b6:10:ae:99:4c:4f:72:b0:bf:12:62:44:9b:c6:9e:8f:2b:
63:84:0b:b2:46:67:91:5b:1b:80:09:b1:61:77:5e:86:06:9a:
8a:a9:22:1d:f6:db:bc:09:93:12:84:62:75:45:55:2e:7f:e5:
f1:79:68:70:76:4d:52:17:82:62:5d:b0:5b:84:a9:c9:74:62:
00:f8:d4:63:03:45:73:7a:9f:07:2a:84:10:53:4f:27:02:1b:
0f:44:d1:83:95:c6:2e:48:ae:e2:06:61:3d:a9:27:0d:9c:bf:
e7:3e:59:f6:63:42:cd:1d:19:4f:1a:71:04:4a:de:08:56:a9:
33:b0:dd:1c:aa:12:94:17:d8:90:1d:20:c8:a7:99:3b:0a:62:
c3:c4:e5:85:0f:9c:92:ac:68:75:75:30:85:48:5e:aa:ec:15:
54:fe:78:43:7c:50:24:c9:8b:88:bb:ca:1c:2d:0d:3d:95:7d:
02:bc:a7:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXpRmN2Ohg4F0C72XY5GiZl0OAqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDE0MDA0WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2E5M2M4NjYyMzU0NzgwYzBjYzZiMzUwZjljZjlmM2Zm
Y2RhYjQ2MGJkMzA1MWU2ZThkY2I3MDU5MTlkNjY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1mRHfkWMQJbHsaLgGJ28H6QdH6MPSrXF49aX4KSFLzlBE
5V3sT0teeCnmAtHFV7WHoxoX9NASVvSCFH7unupYOH50B2WNq+duZ+LDPr11EMh4
ScTjnfdzlsvX4vlbwAhIgOy6fNqxqtEPVagfQyD3NNZXHKBDeGHqXSG4XIUpoYq9
KUsFGAh9aiKPTV6xBQp1N03NVB//EWXQVZD+N4Td4CV9mFpk/p/vDWe9nbQz0ZwR
/9mkEyibG9/gq1aI2rfJQMnKbjsDgmgPpleyVGSo4YOL6rU2gq4LLJy52ByXeele
IaTL18KSj2/qxhxkbAa2IM6lMp6beB0QgYpKu0jVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUckCEHPYEQtXwbe7q3eaHYM25nq8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y3Y2NhODAxLWY3NzAtNDJkZi1hOTQ2LWZiYjhiZGMyNGFlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsivEwDQYJKoZIhvcNAQELBQADggEBABmRS09ETjpYQj5r6dCj51EOiRxr
NWz4cnSyiQdzxH5PKdC0pxIFV9iBnvWLqVMQR3lzmjLzNef/Sp4Rm9Qk8iRqwqAa
okXbrAi2EK6ZTE9ysL8SYkSbxp6PK2OEC7JGZ5FbG4AJsWF3XoYGmoqpIh3227wJ
kxKEYnVFVS5/5fF5aHB2TVIXgmJdsFuEqcl0YgD41GMDRXN6nwcqhBBTTycCGw9E
0YOVxi5IruIGYT2pJw2cv+c+WfZjQs0dGU8acQRK3ghWqTOw3RyqEpQX2JAdIMin
mTsKYsPE5YUPnJKsaHV1MIVIXqrsFVT+eEN8UCTJi4i7yhwtDT2VfQK8p2U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:20:13 2025 by rpki-client