Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e678d98-04d7-40ad-82f8-ba93887683fa.roa
File: 3e678d98-04d7-40ad-82f8-ba93887683fa.roa (raw, json)
Hash identifier: fNLcua5lym4BUlZMqnVXTbJ9dGVLPPZg78qW535BsNs=
Subject key identifier: 80:6D:33:56:1D:D7:07:FA:84:3D:AC:6F:A4:C5:88:24:21:2C:19:15
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 7944C06054D0EB4A046A52ADF574D322B94CCC96
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e678d98-04d7-40ad-82f8-ba93887683fa.roa
Signing time: Mon 20 Oct 2025 01:01:24 +0000
ROA not before: Mon 20 Oct 2025 01:01:24 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.139.136.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:44:c0:60:54:d0:eb:4a:04:6a:52:ad:f5:74:d3:22:b9:4c:cc:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:01:24 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=c0f86afe66a121ad17c178876da0265fff87efc39c476a54e69cc8a2f654b333, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b4:ab:91:87:f8:a0:be:bb:bc:b9:8f:5e:04:
1b:ae:4a:80:80:39:5d:ee:ea:5e:23:a2:27:2c:b0:
fe:74:a9:24:db:f7:39:46:03:89:64:77:cf:16:be:
1b:17:63:08:af:cc:58:5a:82:fa:aa:ba:21:d9:25:
b4:54:08:74:f0:8f:89:ee:ce:35:11:41:56:bf:af:
fe:81:b7:e2:a4:5c:8e:9a:6d:0b:b8:90:7f:96:5d:
07:6a:6c:80:96:f1:4c:64:c3:32:e2:c0:c2:c4:f0:
ab:a9:14:f3:5f:11:29:7d:6d:83:7d:f3:80:5e:85:
e1:6e:48:dc:ae:c4:e6:83:44:9f:7f:95:3d:13:cc:
d0:c6:4a:62:a8:23:08:37:fe:5e:30:e1:2d:08:49:
9a:36:b7:b2:47:0a:01:5a:19:e3:f8:31:80:29:d0:
f4:02:7e:b0:9c:bd:61:3d:6d:c2:f6:63:1c:2c:41:
54:56:c1:4b:0e:60:f9:cc:d4:cf:9e:2f:2b:77:8f:
70:9c:68:9c:9a:f1:44:98:ce:81:91:31:f1:79:55:
6f:f0:d7:e9:bb:cd:57:5f:fd:15:e9:a4:a4:a4:90:
76:3b:72:16:d5:73:12:d5:ab:6e:e7:02:fa:b1:14:
5f:42:85:b9:6e:78:8f:6e:f9:45:e6:53:e9:54:55:
f7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6D:33:56:1D:D7:07:FA:84:3D:AC:6F:A4:C5:88:24:21:2C:19:15
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e678d98-04d7-40ad-82f8-ba93887683fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.139.136.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:cb:c3:9e:40:a4:4b:a6:f9:e2:f4:2f:08:9e:c6:97:3a:6e:
dc:da:85:e8:db:65:da:f3:ec:9a:c6:b0:d1:e5:89:29:ed:6a:
d3:15:6c:88:f4:cf:e5:b4:4a:65:ae:b2:89:b4:24:5d:1f:e9:
58:81:64:3c:0a:6b:0d:ca:4b:0f:2c:18:95:07:b5:7b:cb:2c:
37:94:56:73:b0:d9:d9:80:60:eb:21:86:e1:8f:e2:1c:78:6a:
16:d0:fe:2c:63:94:fc:a5:09:81:6f:e4:19:3c:07:0d:20:cc:
6e:3e:bc:b4:53:12:02:85:4d:75:e7:f5:88:e9:c7:6b:55:47:
e7:0b:2f:09:13:b7:ba:30:8c:92:58:e4:4f:2d:e6:87:87:a7:
b8:2f:dc:b2:b6:bf:fa:7b:e6:f5:39:07:ba:dd:f8:71:82:88:
cd:d3:b0:86:8a:da:f8:ef:55:d5:9b:5f:f8:d0:97:95:25:15:
c7:79:48:ef:36:eb:e8:1b:4a:34:a0:9b:38:04:a9:98:b7:f8:
b6:99:2f:84:f2:b7:cd:84:33:75:9a:8a:ec:09:ae:d1:fc:94:
f5:5c:84:b3:4f:e2:58:74:2a:9b:86:ac:9a:30:0d:3a:a9:91:
61:8a:af:41:77:9e:f4:c4:77:9f:99:e2:82:ea:e2:58:10:0f:
a2:b5:f3:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeUTAYFTQ60oEalKt9XTTIrlMzJYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDEwMTI0WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMGY4NmFmZTY2YTEyMWFkMTdjMTc4ODc2ZGEwMjY1ZmZm
ODdlZmMzOWM0NzZhNTRlNjljYzhhMmY2NTRiMzMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCytKuRh/igvru8uY9eBBuuSoCAOV3u6l4joicssP50qSTb
9zlGA4lkd88WvhsXYwivzFhagvqquiHZJbRUCHTwj4nuzjURQVa/r/6Bt+KkXI6a
bQu4kH+WXQdqbICW8UxkwzLiwMLE8KupFPNfESl9bYN984BeheFuSNyuxOaDRJ9/
lT0TzNDGSmKoIwg3/l4w4S0ISZo2t7JHCgFaGeP4MYAp0PQCfrCcvWE9bcL2Yxws
QVRWwUsOYPnM1M+eLyt3j3CcaJya8USYzoGRMfF5VW/w1+m7zVdf/RXppKSkkHY7
chbVcxLVq27nAvqxFF9ChblueI9u+UXmU+lUVfenAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgG0zVh3XB/qEPaxvpMWIJCEsGRUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNlNjc4ZDk4LTA0ZDctNDBhZC04MmY4LWJhOTM4ODc2ODNmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANsi4gwDQYJKoZIhvcNAQELBQADggEBAKvLw55ApEum+eL0Lwiexpc6btza
hejbZdrz7JrGsNHliSntatMVbIj0z+W0SmWusom0JF0f6ViBZDwKaw3KSw8sGJUH
tXvLLDeUVnOw2dmAYOshhuGP4hx4ahbQ/ixjlPylCYFv5Bk8Bw0gzG4+vLRTEgKF
TXXn9Yjpx2tVR+cLLwkTt7owjJJY5E8t5oeHp7gv3LK2v/p75vU5B7rd+HGCiM3T
sIaK2vjvVdWbX/jQl5UlFcd5SO826+gbSjSgmzgEqZi3+LaZL4Tyt82EM3WaiuwJ
rtH8lPVchLNP4lh0KpuGrJowDTqpkWGKr0F3nvTEd5+Z4oLq4lgQD6K186U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:15 2025 by rpki-client