Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e2b1a9d-35b2-4bdf-ad3e-cb7feb02e790.roa
File: 1e2b1a9d-35b2-4bdf-ad3e-cb7feb02e790.roa (raw, json)
Hash identifier: Qxldavahimhe58Pfl4E029x3yBINtCVo8I9YFA2sUFA=
Subject key identifier: 48:34:FA:30:5F:4A:B4:5A:BF:8C:B8:A5:19:DC:4D:22:12:2C:9D:47
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 47CD7F88E0A3597016B85DE61CAD035F9A0F0C18
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e2b1a9d-35b2-4bdf-ad3e-cb7feb02e790.roa
Signing time: Mon 20 Oct 2025 02:22:10 +0000
ROA not before: Mon 20 Oct 2025 02:22:10 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:cd:7f:88:e0:a3:59:70:16:b8:5d:e6:1c:ad:03:5f:9a:0f:0c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 02:22:10 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=aec9c9d416f58c4558aac3b45c19d66c7f080d20c482d4f0964329f5b29be844, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:4a:06:82:a7:bd:83:e9:d5:f5:8c:54:ef:
74:df:36:4d:5a:3d:b8:7a:43:ef:5a:35:20:12:da:
c2:c7:c8:98:f8:e8:65:0c:25:a2:c8:f6:15:5e:aa:
ff:93:e6:75:fd:cf:0b:4f:0f:26:04:bb:17:ab:3f:
18:e0:17:73:73:22:23:28:17:10:fd:0a:f6:69:79:
a5:54:6a:85:b3:6a:96:95:05:a9:81:f9:56:39:ea:
0c:88:5c:92:0e:12:0c:85:d5:fd:55:97:c7:0f:3b:
1e:9e:4f:ff:4a:10:d5:d0:4a:9d:a3:fb:1f:f4:31:
5a:6b:b3:cf:07:3a:2a:30:c0:9d:8d:6d:73:1c:48:
d1:61:45:69:71:07:72:31:a7:9e:e2:37:6d:2d:98:
f7:92:87:36:6f:44:7f:d3:ea:c4:90:87:a7:e2:8e:
72:8a:7a:09:bc:1e:30:bc:30:57:4e:9e:61:51:63:
fc:58:ff:47:af:be:e1:3e:ac:75:57:15:a0:8a:b7:
90:a4:0f:a8:32:49:d9:46:b6:66:c8:ab:30:e7:e9:
42:4e:4b:5c:48:5f:00:ad:1b:90:20:0a:18:bc:d6:
66:90:50:e3:3a:de:0b:e6:ab:58:2a:0d:63:44:97:
2a:08:f2:52:81:c4:db:63:2a:9f:12:24:14:56:28:
69:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:34:FA:30:5F:4A:B4:5A:BF:8C:B8:A5:19:DC:4D:22:12:2C:9D:47
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1e2b1a9d-35b2-4bdf-ad3e-cb7feb02e790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.189.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:56:1f:5e:d7:9b:06:8e:23:26:3f:e5:01:5d:4f:31:e2:5e:
bd:72:95:3f:12:d9:93:ac:a1:ca:f2:34:d9:c6:c5:21:ff:46:
05:5f:40:96:5b:e7:78:18:0b:09:b0:19:6c:57:e3:de:0f:fd:
ca:10:e9:40:59:66:9f:b7:4d:ed:9e:05:2a:ee:4e:90:ee:41:
26:e3:49:cb:93:a9:ad:e5:a2:29:22:ee:19:0f:75:2f:dd:f5:
75:ce:4a:3d:0f:68:3b:8e:dc:03:ac:be:ac:f8:0b:61:83:26:
83:1d:5d:d8:34:44:08:02:98:ed:e8:02:ca:18:7c:e0:35:38:
9b:3f:47:a3:e2:89:55:f5:1a:8f:58:c9:2f:fc:3e:7a:1b:c8:
31:d3:4d:fc:4b:43:ba:ed:4c:50:38:4e:0f:fb:21:48:99:39:
63:a3:76:fb:91:63:08:df:2b:b8:da:c8:3f:7c:51:0e:f8:08:
89:23:15:13:ce:ac:27:df:6d:b3:4a:cd:70:5b:18:de:25:88:
af:bc:04:2e:91:bf:f5:60:30:41:64:b6:33:4b:32:e3:23:ec:
57:59:80:d4:aa:00:26:19:4f:38:7a:a3:8b:50:1b:71:bf:6b:
b6:7d:44:ef:bb:02:71:ad:7d:89:b0:6d:77:0b:40:7e:59:ac:
47:a3:cc:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR81/iOCjWXAWuF3mHK0DX5oPDBgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDIyMjEwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZWM5YzlkNDE2ZjU4YzQ1NThhYWMzYjQ1YzE5ZDY2Yzdm
MDgwZDIwYzQ4MmQ0ZjA5NjQzMjlmNWIyOWJlODQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMa0oGgqe9g+nV9YxU73TfNk1aPbh6Q+9aNSAS2sLHyJj4
6GUMJaLI9hVeqv+T5nX9zwtPDyYEuxerPxjgF3NzIiMoFxD9CvZpeaVUaoWzapaV
BamB+VY56gyIXJIOEgyF1f1Vl8cPOx6eT/9KENXQSp2j+x/0MVprs88HOiowwJ2N
bXMcSNFhRWlxB3Ixp57iN20tmPeShzZvRH/T6sSQh6fijnKKegm8HjC8MFdOnmFR
Y/xY/0evvuE+rHVXFaCKt5CkD6gySdlGtmbIqzDn6UJOS1xIXwCtG5AgChi81maQ
UOM63gvmq1gqDWNElyoI8lKBxNtjKp8SJBRWKGmNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSDT6MF9KtFq/jLilGdxNIhIsnUcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFlMmIxYTlkLTM1YjItNGJkZi1hZDNlLWNiN2ZlYjAyZTc5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnb0wDQYJKoZIhvcNAQELBQADggEBAD1WH17XmwaOIyY/5QFdTzHiXr1y
lT8S2ZOsocryNNnGxSH/RgVfQJZb53gYCwmwGWxX494P/coQ6UBZZp+3Te2eBSru
TpDuQSbjScuTqa3loiki7hkPdS/d9XXOSj0PaDuO3AOsvqz4C2GDJoMdXdg0RAgC
mO3oAsoYfOA1OJs/R6PiiVX1Go9YyS/8PnobyDHTTfxLQ7rtTFA4Tg/7IUiZOWOj
dvuRYwjfK7jayD98UQ74CIkjFRPOrCffbbNKzXBbGN4liK+8BC6Rv/VgMEFktjNL
MuMj7FdZgNSqACYZTzh6o4tQG3G/a7Z9RO+7AnGtfYmwbXcLQH5ZrEejzHY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:41 2025 by rpki-client