Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c1e2fce-7553-4d05-b80a-aad2ed3652fe.roa
File: 5c1e2fce-7553-4d05-b80a-aad2ed3652fe.roa (raw, json)
Hash identifier: EQt/9rELPms7+7hAbUOwqDkivcvReEK+aTrs8jNkIxs=
Subject key identifier: BE:35:6A:5F:70:C5:B2:17:07:64:FB:18:28:8B:58:3E:9D:99:3F:AA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 6B1B6C5CF26CB06FF70C5FBC8E9ED7DB86EDE0EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c1e2fce-7553-4d05-b80a-aad2ed3652fe.roa
Signing time: Sun 19 Oct 2025 01:20:10 +0000
ROA not before: Sun 19 Oct 2025 01:20:10 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:1b:6c:5c:f2:6c:b0:6f:f7:0c:5f:bc:8e:9e:d7:db:86:ed:e0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 01:20:10 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=49655054f78d2c1664523e92308d8886fe58be282eb4d2061093150092e35d62, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:2b:b2:60:3a:25:f7:51:a1:d0:c2:ba:14:
44:a1:74:04:24:af:bc:75:58:58:ae:49:40:8a:37:
ed:da:01:bd:cb:fd:2a:94:9b:af:0b:d7:56:6b:e9:
ed:82:d6:ec:a4:6f:4d:b9:36:10:55:ea:ac:8f:93:
5a:c0:20:f1:97:5b:3e:d6:64:5a:36:c8:56:05:ce:
b3:ca:cd:8a:04:71:0d:30:3c:6e:d8:c8:55:e8:0a:
2d:6c:e1:11:5f:4c:7f:6f:63:9e:cd:ff:ee:b2:98:
08:b6:0e:61:ce:05:52:4a:3c:18:75:35:c8:1e:5b:
95:58:03:1b:8a:0f:51:7b:bd:4d:c7:35:35:9c:d1:
ec:89:0b:f8:e1:5d:91:ed:89:b6:99:9e:e2:8c:06:
7d:8b:15:7e:14:2f:30:28:3e:89:85:25:77:e6:00:
68:3c:77:cc:21:3a:17:e9:5c:18:dd:20:9f:fe:d5:
33:24:2d:3c:4f:c6:9c:e1:44:5c:1b:b6:d3:3a:26:
43:77:6c:bd:f0:cf:e5:67:a4:fa:fa:fd:49:71:78:
95:72:c5:af:ef:28:f2:82:37:99:54:a8:81:32:c6:
9a:21:a5:4b:bb:75:4e:e3:d8:bb:dc:4b:53:63:db:
dc:dd:a5:9b:17:49:8d:fe:b9:97:b0:d0:a5:ef:35:
eb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:35:6A:5F:70:C5:B2:17:07:64:FB:18:28:8B:58:3E:9D:99:3F:AA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c1e2fce-7553-4d05-b80a-aad2ed3652fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.72.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:34:8b:89:3d:3c:99:f0:ed:4d:66:23:f4:9a:32:06:93:9c:
ea:ad:1e:4e:89:9a:60:b9:37:5e:a9:bf:57:41:82:5e:50:50:
70:d6:6c:4b:d1:a4:1e:63:7a:89:c6:6e:dd:bf:11:a2:f8:6c:
c3:41:42:a4:34:89:92:ef:d9:af:56:d3:1e:a5:ef:d1:69:98:
a8:29:72:96:f3:18:42:81:a0:19:15:d0:8c:f5:38:d4:25:e7:
90:c0:5d:d5:9d:c5:01:c6:c0:5c:9d:cb:d3:3c:25:1b:09:7e:
35:32:81:db:b7:fa:42:d6:27:80:34:38:f6:ad:e8:a6:83:e0:
05:d8:c6:a2:d0:94:11:3a:89:cd:40:f3:2e:6c:82:41:7e:52:
98:d1:52:c2:65:9d:c6:d1:af:1d:33:e9:af:20:40:e2:2b:7c:
3e:b7:0d:d9:f2:32:d1:48:02:76:95:d9:70:13:05:7c:83:78:
ff:10:2a:3d:4d:96:30:89:a0:dd:ce:ec:e8:5d:3c:c6:b8:17:
ad:9e:f6:35:b2:ab:20:3d:7c:2a:19:09:d0:61:c8:e1:3d:eb:
01:ce:e2:4a:91:19:41:20:5f:18:61:24:0c:82:25:e2:dc:ff:
d1:12:22:ef:90:73:63:27:ee:65:8d:ca:38:7f:50:0d:49:5f:
f5:95:5f:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaxtsXPJssG/3DF+8jp7X24bt4OwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDEyMDEwWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTY1NTA1NGY3OGQyYzE2NjQ1MjNlOTIzMDhkODg4NmZl
NThiZTI4MmViNGQyMDYxMDkzMTUwMDkyZTM1ZDYyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3HyuyYDol91Gh0MK6FEShdAQkr7x1WFiuSUCKN+3aAb3L
/SqUm68L11Zr6e2C1uykb025NhBV6qyPk1rAIPGXWz7WZFo2yFYFzrPKzYoEcQ0w
PG7YyFXoCi1s4RFfTH9vY57N/+6ymAi2DmHOBVJKPBh1NcgeW5VYAxuKD1F7vU3H
NTWc0eyJC/jhXZHtibaZnuKMBn2LFX4ULzAoPomFJXfmAGg8d8whOhfpXBjdIJ/+
1TMkLTxPxpzhRFwbttM6JkN3bL3wz+VnpPr6/UlxeJVyxa/vKPKCN5lUqIEyxpoh
pUu7dU7j2LvcS1Nj29zdpZsXSY3+uZew0KXvNesfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvjVqX3DFshcHZPsYKItYPp2ZP6owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjMWUyZmNlLTc1NTMtNGQwNS1iODBhLWFhZDJlZDM2NTJmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsikgwDQYJKoZIhvcNAQELBQADggEBALo0i4k9PJnw7U1mI/SaMgaTnOqt
Hk6JmmC5N16pv1dBgl5QUHDWbEvRpB5jeonGbt2/EaL4bMNBQqQ0iZLv2a9W0x6l
79FpmKgpcpbzGEKBoBkV0Iz1ONQl55DAXdWdxQHGwFydy9M8JRsJfjUygdu3+kLW
J4A0OPat6KaD4AXYxqLQlBE6ic1A8y5sgkF+UpjRUsJlncbRrx0z6a8gQOIrfD63
DdnyMtFIAnaV2XATBXyDeP8QKj1NljCJoN3O7OhdPMa4F62e9jWyqyA9fCoZCdBh
yOE96wHO4kqRGUEgXxhhJAyCJeLc/9ESIu+Qc2Mn7mWNyjh/UA1JX/WVX6Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:48:10 2025 by rpki-client