Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5689c760-478a-4153-b127-527a144538fe.roa
File: 5689c760-478a-4153-b127-527a144538fe.roa (raw, json)
Hash identifier: ghxoGYAaCEMkwA5qcUyFvUAHLNERWKDWUeH6aDKcVGA=
Subject key identifier: D4:BC:90:4F:27:4C:07:A6:F8:B2:C2:0B:09:2D:6C:08:98:90:98:E4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4629B4ABD7A591AC9833A772732691087D80899F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5689c760-478a-4153-b127-527a144538fe.roa
Signing time: Mon 20 Oct 2025 00:41:52 +0000
ROA not before: Mon 20 Oct 2025 00:41:52 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.156.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:29:b4:ab:d7:a5:91:ac:98:33:a7:72:73:26:91:08:7d:80:89:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 00:41:52 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=9f5fab5b7bda001b6a49979b41f6d741da799cef47b2e7e3a13232d151eb597a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:7d:7d:5f:7a:02:88:a2:6b:41:22:99:e0:
56:b7:f3:73:58:cd:4e:8d:82:2e:bf:b6:61:5f:50:
b4:5b:1a:86:08:1e:67:58:93:66:0c:b0:c3:dd:37:
9f:c4:66:a0:3f:4b:2e:b5:48:81:7a:29:ea:d6:e8:
07:99:64:94:ea:dd:2b:98:7f:21:09:7b:2f:30:b2:
6d:44:c1:75:be:8e:45:90:e8:7c:bb:b0:dd:f5:5b:
3a:66:bc:d7:c1:0d:cd:cf:32:55:b6:e6:ae:54:0a:
a6:ab:46:c1:9b:c7:3d:02:d8:f9:dc:b9:dd:88:16:
ee:1d:6c:c5:28:39:92:99:72:4d:b8:2b:eb:e8:58:
04:65:8f:9d:bc:2d:0f:d9:2b:69:cd:fb:bb:34:b2:
6c:69:68:ad:e9:44:d4:6c:ec:36:61:2f:ff:c1:ad:
ca:90:c6:fc:39:c2:e7:f1:84:30:0f:cb:64:59:1e:
c7:32:a7:b1:6f:dc:4a:9d:95:a2:e1:76:65:c0:a0:
fd:8d:d4:25:6a:4a:ef:61:bd:6f:40:93:9e:98:d2:
c9:4a:c0:b4:16:a0:12:0c:4d:2e:c2:35:56:d5:5c:
d2:fb:97:29:8d:4f:9c:9a:b9:52:da:71:4b:0b:3e:
3c:92:43:76:8f:b7:ec:96:a5:bf:1b:bd:ae:af:46:
ef:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BC:90:4F:27:4C:07:A6:F8:B2:C2:0B:09:2D:6C:08:98:90:98:E4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5689c760-478a-4153-b127-527a144538fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.156.88.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:35:78:73:17:a3:b4:1e:b7:9b:89:75:74:81:4c:bb:4e:00:
25:ed:e4:33:a6:d2:74:42:7c:91:7c:20:01:5d:04:d1:b9:58:
32:15:40:8b:22:8b:bb:f6:87:f8:e5:73:0b:4b:b5:75:29:bf:
96:dc:f7:5e:73:06:75:5f:f0:3a:69:bb:7d:c7:23:bf:4f:43:
70:25:0c:1a:f5:18:6f:b1:88:a2:6d:48:01:6e:ee:0f:c1:dd:
9c:31:e5:fa:e9:60:62:e9:ba:ed:fe:3f:7f:5c:7a:39:44:92:
c3:d0:96:90:39:78:a0:da:96:89:54:3b:a9:b7:84:71:df:06:
cf:1f:b9:19:80:a3:38:94:29:d0:dd:ce:b8:d3:ef:f9:fe:61:
52:2b:86:af:fa:7a:a4:30:66:41:09:ea:db:d9:36:41:df:9d:
fa:45:01:a5:cf:fa:4c:79:ca:4d:bf:c1:00:26:98:d0:9f:b8:
f8:c5:3a:a3:13:46:da:16:76:41:5d:fc:79:e2:dd:18:96:45:
19:2f:e0:a4:17:9f:7d:fe:57:e1:a6:fb:d7:c2:20:2b:e1:d6:
8f:47:65:51:37:67:ad:26:f6:90:52:0d:81:14:bb:f8:67:15:
b3:32:33:7a:59:ae:4f:c4:48:39:53:82:21:71:ca:f3:a3:8a:
24:34:a5:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURim0q9elkayYM6dycyaRCH2AiZ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDA0MTUyWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZjVmYWI1YjdiZGEwMDFiNmE0OTk3OWI0MWY2ZDc0MWRh
Nzk5Y2VmNDdiMmU3ZTNhMTMyMzJkMTUxZWI1OTdhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIxX19X3oCiKJrQSKZ4Fa383NYzU6Ngi6/tmFfULRbGoYI
HmdYk2YMsMPdN5/EZqA/Sy61SIF6KerW6AeZZJTq3SuYfyEJey8wsm1EwXW+jkWQ
6Hy7sN31WzpmvNfBDc3PMlW25q5UCqarRsGbxz0C2Pncud2IFu4dbMUoOZKZck24
K+voWARlj528LQ/ZK2nN+7s0smxpaK3pRNRs7DZhL//BrcqQxvw5wufxhDAPy2RZ
Hscyp7Fv3EqdlaLhdmXAoP2N1CVqSu9hvW9Ak56Y0slKwLQWoBIMTS7CNVbVXNL7
lymNT5yauVLacUsLPjySQ3aPt+yWpb8bva6vRu+xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1LyQTydMB6b4ssILCS1sCJiQmOQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2ODljNzYwLTQ3OGEtNDE1My1iMTI3LTUyN2ExNDQ1MzhmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnFgwDQYJKoZIhvcNAQELBQADggEBALY1eHMXo7Qet5uJdXSBTLtOACXt
5DOm0nRCfJF8IAFdBNG5WDIVQIsii7v2h/jlcwtLtXUpv5bc915zBnVf8Dppu33H
I79PQ3AlDBr1GG+xiKJtSAFu7g/B3Zwx5frpYGLpuu3+P39cejlEksPQlpA5eKDa
lolUO6m3hHHfBs8fuRmAoziUKdDdzrjT7/n+YVIrhq/6eqQwZkEJ6tvZNkHfnfpF
AaXP+kx5yk2/wQAmmNCfuPjFOqMTRtoWdkFd/Hni3RiWRRkv4KQXn33+V+Gm+9fC
ICvh1o9HZVE3Z60m9pBSDYEUu/hnFbMyM3pZrk/ESDlTgiFxyvOjiiQ0pYg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:22 2025 by rpki-client