Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa
File: 3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa (raw, json)
Hash identifier: 7FTHwJxpVfNyvWNTM8rmuu97j95+PdseqFJmrFEVtEA=
Subject key identifier: BB:48:6E:4B:24:62:68:FB:C6:CC:CF:A1:C2:13:80:BD:36:98:99:E8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 40C1F8095D905DF55C8BE134155CEA4EA371C919
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa
Signing time: Mon 06 Oct 2025 16:11:53 +0000
ROA not before: Mon 06 Oct 2025 16:11:53 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 37.203.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:c1:f8:09:5d:90:5d:f5:5c:8b:e1:34:15:5c:ea:4e:a3:71:c9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 6 16:11:53 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=d4fca2f6cef77a83dc596baf716db70a4ee21ca5bbb46a11a77b254973c0d74e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:72:12:08:55:a7:50:2b:b3:fc:ef:d0:2a:
e2:5d:50:cb:dd:e8:42:0c:7d:72:08:52:10:c6:d9:
95:89:eb:ea:c4:f1:aa:b7:24:f3:da:56:a1:bb:2f:
c6:0f:2e:42:28:fe:66:15:55:7e:b7:3f:12:ff:30:
90:d3:92:36:65:dc:d5:0e:8b:fb:1b:0c:34:cb:81:
38:8c:cf:b2:87:8d:1f:26:26:13:fd:ac:38:9b:ba:
66:4b:44:56:1d:5e:18:ce:3f:9d:2a:5f:eb:e2:9a:
06:11:b4:fe:35:6a:0b:2d:2e:cd:64:82:4e:9c:a1:
85:4d:dc:3c:d3:7b:b4:2b:bf:c4:01:23:0a:eb:bd:
fc:70:66:c5:92:7c:0a:b8:cd:66:2a:99:66:d0:fd:
e6:fe:6f:de:ca:6e:e4:aa:f9:4a:29:63:3b:f6:39:
e1:d7:23:d3:da:f7:89:13:04:e2:ae:44:ae:a9:27:
77:c0:95:98:8d:bb:9a:a4:85:01:aa:3c:e3:8b:bc:
08:bd:b9:1c:f0:50:56:50:fd:88:73:f6:ea:40:32:
ea:7e:54:67:cc:b5:b7:72:ee:ad:39:86:5a:0e:bf:
c0:aa:4f:52:74:0d:ce:65:cc:ae:c1:6e:4b:3c:70:
c5:62:dc:82:64:a9:27:87:01:12:ae:e7:02:d0:6f:
b3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:48:6E:4B:24:62:68:FB:C6:CC:CF:A1:C2:13:80:BD:36:98:99:E8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.157.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:b6:bd:b3:87:28:a9:6b:15:c3:95:45:b5:d3:09:bb:bb:7a:
0f:ae:d0:58:d7:50:49:6a:1f:ad:54:d8:89:1c:31:2f:cb:2a:
02:de:1e:29:ac:ba:a6:63:0c:ab:f4:7a:02:e2:46:2d:2e:88:
87:e0:07:4a:57:d1:6c:e2:85:1c:65:45:80:92:ca:62:34:00:
4c:d7:fc:42:81:dd:f7:49:89:9a:b0:f0:f3:53:35:fb:5f:97:
12:f0:a3:f8:b3:79:76:ed:56:61:44:6d:d8:50:f3:f1:d8:85:
1e:01:84:0d:c0:fb:08:a3:41:b4:ec:8d:9c:c3:2a:10:e9:b7:
02:c0:e1:19:f6:9a:61:3b:c2:a4:57:1d:82:5b:de:bd:06:f3:
50:e7:24:8c:14:af:fc:f7:66:a7:a0:18:e0:8e:ca:bb:99:44:
9c:f2:f6:c3:73:e6:93:06:21:43:12:89:ec:b5:0e:2e:46:9c:
33:17:1f:b2:ec:ba:15:24:99:73:4a:a9:99:ba:37:cd:c8:76:
1c:c1:fc:d9:fa:8c:50:95:53:ea:5d:19:da:09:c4:1a:78:7f:
22:22:38:f6:ba:c0:f0:c7:36:cc:4e:95:73:57:d4:a5:a7:90:
7f:6e:1c:63:b4:01:20:dc:7e:aa:0b:ad:2a:9b:46:57:a9:5d:
0d:7a:1e:b4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQMH4CV2QXfVci+E0FVzqTqNxyRkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYxMTUzWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGZjYTJmNmNlZjc3YTgzZGM1OTZiYWY3MTZkYjcwYTRl
ZTIxY2E1YmJiNDZhMTFhNzdiMjU0OTczYzBkNzRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHKnISCFWnUCuz/O/QKuJdUMvd6EIMfXIIUhDG2ZWJ6+rE
8aq3JPPaVqG7L8YPLkIo/mYVVX63PxL/MJDTkjZl3NUOi/sbDDTLgTiMz7KHjR8m
JhP9rDibumZLRFYdXhjOP50qX+vimgYRtP41agstLs1kgk6coYVN3DzTe7Qrv8QB
IwrrvfxwZsWSfAq4zWYqmWbQ/eb+b97KbuSq+UopYzv2OeHXI9Pa94kTBOKuRK6p
J3fAlZiNu5qkhQGqPOOLvAi9uRzwUFZQ/Yhz9upAMup+VGfMtbdy7q05hloOv8Cq
T1J0Dc5lzK7Bbks8cMVi3IJkqSeHARKu5wLQb7NrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUu0huSyRiaPvGzM+hwhOAvTaYmegwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNlMTExY2FiLWIzNzMtNDI0Yi1hM2E5LThjOGZjN2Y3MWUxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAly50wDQYJKoZIhvcNAQELBQADggEBAL22vbOHKKlrFcOVRbXTCbu7eg+u
0FjXUElqH61U2IkcMS/LKgLeHimsuqZjDKv0egLiRi0uiIfgB0pX0WzihRxlRYCS
ymI0AEzX/EKB3fdJiZqw8PNTNftflxLwo/izeXbtVmFEbdhQ8/HYhR4BhA3A+wij
QbTsjZzDKhDptwLA4Rn2mmE7wqRXHYJb3r0G81DnJIwUr/z3ZqegGOCOyruZRJzy
9sNz5pMGIUMSiey1Di5GnDMXH7LsuhUkmXNKqZm6N83IdhzB/Nn6jFCVU+pdGdoJ
xBp4fyIiOPa6wPDHNsxOlXNX1KWnkH9uHGO0ASDcfqoLrSqbRlepXQ16HrQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:45:34 2025 by rpki-client