Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58b42984-22be-4af1-8da5-6fa235d1029c.roa
File: 58b42984-22be-4af1-8da5-6fa235d1029c.roa (raw, json)
Hash identifier: 4fSZp+UXWVzWfWWpfwPAjusLSsD21wZlGF9okDitxcc=
Subject key identifier: B5:99:B3:4A:07:02:3B:2E:15:1E:FD:09:96:E9:E4:52:66:8A:07:90
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 11EFC6E56027075AD0EC2E6C27E1D5FA6A31269F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58b42984-22be-4af1-8da5-6fa235d1029c.roa
Signing time: Mon 29 Sep 2025 15:01:56 +0000
ROA not before: Mon 29 Sep 2025 15:01:56 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 104.153.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ef:c6:e5:60:27:07:5a:d0:ec:2e:6c:27:e1:d5:fa:6a:31:26:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Sep 29 15:01:56 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=e2b58d3078a2beaf5df1faebdb3992c8766423de4158f3041c601f2599b18e67, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:43:25:98:7c:02:0a:39:74:bd:db:47:03:
39:42:ad:49:39:3c:93:10:22:08:99:20:9a:3a:77:
3c:e3:cd:64:f0:2e:6c:58:b6:8d:a0:3d:14:72:0a:
83:8f:51:a7:ca:a1:8c:40:e4:94:09:56:40:e9:9f:
58:24:60:8f:81:74:a8:e8:72:c6:d4:be:72:1e:27:
1e:92:35:f7:0f:3c:53:40:53:c9:d8:d3:3f:64:8d:
ec:28:1f:29:5c:0a:07:01:8f:88:a9:70:72:aa:70:
dc:8f:71:ca:37:a8:5f:51:1f:64:dc:35:c8:d3:27:
f8:42:a2:c3:0a:96:cc:57:0f:24:1d:a2:77:90:59:
de:86:97:12:a1:5d:73:95:ce:5a:64:14:40:59:23:
a5:70:e5:25:6a:77:7e:99:8f:12:88:c0:4c:a0:ef:
42:04:55:f0:8c:aa:3d:06:cc:a0:26:02:d9:f0:f8:
0a:b0:28:8c:7c:c2:21:60:b1:90:bb:a2:31:5e:3f:
31:e2:44:3c:d6:2c:6a:c9:fe:34:48:9e:3f:75:62:
41:cd:dc:6e:5c:d4:58:c3:d8:21:9f:57:08:8d:dc:
ec:da:46:e6:5d:f0:2c:12:86:a1:f7:2d:a2:d3:97:
0f:83:0d:28:e9:16:c6:e1:b7:4b:ca:92:6b:af:d7:
a0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:99:B3:4A:07:02:3B:2E:15:1E:FD:09:96:E9:E4:52:66:8A:07:90
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58b42984-22be-4af1-8da5-6fa235d1029c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.153.118.0/24
Signature Algorithm: sha256WithRSAEncryption
92:68:b6:f2:f1:bc:05:dc:1d:86:d9:e7:ca:fb:ea:74:e4:8b:
f7:05:47:4a:9a:08:8f:a3:ea:1c:99:d2:07:32:d3:ac:7c:b0:
cf:65:a5:89:f7:db:98:47:25:a4:e4:f3:a1:30:60:af:97:3f:
c9:58:23:e0:8d:46:df:8e:77:ba:54:79:6b:80:a4:1c:05:d6:
d5:05:6a:a4:1e:ed:96:e6:86:b9:09:72:df:75:3f:40:82:d0:
c5:32:56:31:26:5b:eb:ac:f6:31:8d:59:4f:22:3d:ed:bf:ee:
25:13:4d:67:3a:2f:8f:82:96:5c:04:52:28:f5:55:02:a1:d4:
31:38:0b:eb:66:13:8d:bd:b9:6e:a9:00:74:95:48:b0:01:2e:
ae:39:52:65:01:26:51:5e:65:d9:90:90:ca:9f:ca:74:f6:82:
40:0a:3f:88:fa:d7:ed:a8:05:e0:cc:68:f4:b4:19:c5:45:2e:
14:ac:ac:45:df:4f:d3:82:16:f4:2f:41:cd:55:14:e5:cd:1d:
70:cc:3e:29:49:ae:ad:6f:b6:cc:5a:42:bb:ac:9d:f5:af:60:
68:56:bf:b2:19:45:f6:7d:2a:a1:7e:d6:08:8c:d6:e9:0e:2d:
cd:9c:d7:d4:00:70:10:66:55:10:66:17:3b:97:d0:62:26:db:
31:9a:1e:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEe/G5WAnB1rQ7C5sJ+HV+moxJp8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUwMTU2WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMmI1OGQzMDc4YTJiZWFmNWRmMWZhZWJkYjM5OTJjODc2
NjQyM2RlNDE1OGYzMDQxYzYwMWYyNTk5YjE4ZTY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaQEMlmHwCCjl0vdtHAzlCrUk5PJMQIgiZIJo6dzzjzWTw
LmxYto2gPRRyCoOPUafKoYxA5JQJVkDpn1gkYI+BdKjocsbUvnIeJx6SNfcPPFNA
U8nY0z9kjewoHylcCgcBj4ipcHKqcNyPcco3qF9RH2TcNcjTJ/hCosMKlsxXDyQd
oneQWd6GlxKhXXOVzlpkFEBZI6Vw5SVqd36ZjxKIwEyg70IEVfCMqj0GzKAmAtnw
+AqwKIx8wiFgsZC7ojFePzHiRDzWLGrJ/jRInj91YkHN3G5c1FjD2CGfVwiN3Oza
RuZd8CwShqH3LaLTlw+DDSjpFsbht0vKkmuv16CFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtZmzSgcCOy4VHv0JlunkUmaKB5AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU4YjQyOTg0LTIyYmUtNGFmMS04ZGE1LTZmYTIzNWQxMDI5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXYwDQYJKoZIhvcNAQELBQADggEBAJJotvLxvAXcHYbZ58r76nTki/cF
R0qaCI+j6hyZ0gcy06x8sM9lpYn325hHJaTk86EwYK+XP8lYI+CNRt+Od7pUeWuA
pBwF1tUFaqQe7ZbmhrkJct91P0CC0MUyVjEmW+us9jGNWU8iPe2/7iUTTWc6L4+C
llwEUij1VQKh1DE4C+tmE429uW6pAHSVSLABLq45UmUBJlFeZdmQkMqfynT2gkAK
P4j61+2oBeDMaPS0GcVFLhSsrEXfT9OCFvQvQc1VFOXNHXDMPilJrq1vtsxaQrus
nfWvYGhWv7IZRfZ9KqF+1giM1ukOLc2c19QAcBBmVRBmFzuX0GIm2zGaHnc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:17:29 2025 by rpki-client