Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659190fd-a8d5-4920-a4ac-354da14429c5.roa
File: 659190fd-a8d5-4920-a4ac-354da14429c5.roa (raw, json)
Hash identifier: R+SrWl9g81Bb6lVxuy5+CsCCOm1xLp/p5ip3II8is1E=
Subject key identifier: 38:4D:D1:CF:0D:1F:EE:BB:F5:18:D6:BA:93:A8:E6:C6:F1:0A:8E:20
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3A7EEE863435C5FB593E542347C5932C261F3D85
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659190fd-a8d5-4920-a4ac-354da14429c5.roa
Signing time: Sun 19 Oct 2025 00:40:06 +0000
ROA not before: Sun 19 Oct 2025 00:40:06 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:7e:ee:86:34:35:c5:fb:59:3e:54:23:47:c5:93:2c:26:1f:3d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 00:40:06 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=0fd86eedcb9c1e903476dd2b62372862a81213cb77650c8025502dbb744c9a1c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:96:62:11:ab:61:0d:78:75:65:16:91:a3:1b:
e4:28:9c:ea:56:4d:5e:b1:04:05:26:61:e6:09:ae:
0b:48:2a:fd:7a:a9:2d:0f:c8:bb:ad:20:13:87:8b:
e7:8f:26:92:8f:7f:64:9c:2b:04:10:6c:41:f4:37:
05:4f:a6:3e:13:1b:c2:38:60:74:e0:f3:c2:95:e8:
b1:1e:ec:b7:46:72:db:54:8b:84:5d:81:50:cd:67:
bc:e1:71:6f:d1:26:d8:ea:07:cd:13:e2:69:59:a1:
d4:9a:53:70:48:19:e5:37:b9:08:ae:83:7a:73:c6:
cd:fc:19:92:fe:22:c5:ba:df:ce:b8:76:95:f4:df:
7f:b1:4d:ad:b0:89:93:02:21:5e:75:89:1d:1f:e7:
66:a0:7c:f1:90:82:f3:3b:39:7a:ef:2e:1c:5e:3e:
a6:71:c8:dc:1a:de:d3:5b:a0:dc:86:90:53:de:18:
7c:e2:e4:1f:28:02:1e:14:33:5d:b3:fe:b2:02:2f:
de:fe:48:ec:16:b2:56:3f:87:82:96:4d:b2:3a:e2:
bf:6b:7c:e0:50:90:49:52:4f:51:59:1e:44:11:20:
d5:7e:78:7b:bf:9e:f0:8e:1a:cd:18:f5:b4:f3:d1:
b5:04:5a:a9:0a:f1:4f:dc:b4:71:34:35:58:4c:4d:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:D1:CF:0D:1F:EE:BB:F5:18:D6:BA:93:A8:E6:C6:F1:0A:8E:20
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659190fd-a8d5-4920-a4ac-354da14429c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.145.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f7:3a:bc:68:bd:eb:e4:a8:24:3d:6a:d6:8e:ad:fc:54:70:
96:7e:f5:2a:bc:d5:e6:0a:8e:40:89:21:2b:0b:a4:f0:60:9f:
d7:90:32:b9:49:5a:8d:24:9b:58:71:c6:1c:ea:fc:69:14:c1:
de:30:f2:ad:de:aa:84:96:b7:b8:0d:12:69:86:9a:45:48:47:
44:19:83:61:f8:2c:da:fa:14:d7:a7:40:02:42:a7:d6:c4:f8:
0f:25:20:d3:d1:81:ea:6b:b5:d3:d8:9d:7c:bf:24:ce:ec:cf:
03:ad:c3:bd:93:80:9f:0b:50:47:b9:35:ba:60:1c:e4:77:68:
cf:59:ef:ab:1e:9d:4d:82:87:bf:7e:f3:9a:68:ec:65:ae:09:
f3:ac:ea:c9:68:74:39:29:5a:d0:80:8d:8f:7c:6d:4e:b7:b6:
23:99:fa:36:00:e2:a0:51:1e:c4:a3:27:ee:82:f5:24:66:53:
17:13:34:20:3f:db:4a:db:ca:27:c9:32:3a:24:03:63:66:60:
5c:d4:28:ee:e2:bb:e6:3a:3f:47:12:c0:91:ce:9f:f1:b0:bc:
1f:7a:6a:2a:36:70:66:4c:ff:33:51:3b:bc:2c:9d:67:e1:01:
a6:48:d6:0b:38:c5:e2:c8:c8:1f:40:88:86:f6:fb:04:af:c6:
09:91:c5:57
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOn7uhjQ1xftZPlQjR8WTLCYfPYUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDA0MDA2WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmQ4NmVlZGNiOWMxZTkwMzQ3NmRkMmI2MjM3Mjg2MmE4
MTIxM2NiNzc2NTBjODAyNTUwMmRiYjc0NGM5YTFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQColmIRq2ENeHVlFpGjG+QonOpWTV6xBAUmYeYJrgtIKv16
qS0PyLutIBOHi+ePJpKPf2ScKwQQbEH0NwVPpj4TG8I4YHTg88KV6LEe7LdGcttU
i4RdgVDNZ7zhcW/RJtjqB80T4mlZodSaU3BIGeU3uQiug3pzxs38GZL+IsW63864
dpX033+xTa2wiZMCIV51iR0f52agfPGQgvM7OXrvLhxePqZxyNwa3tNboNyGkFPe
GHzi5B8oAh4UM12z/rICL97+SOwWslY/h4KWTbI64r9rfOBQkElST1FZHkQRINV+
eHu/nvCOGs0Y9bTz0bUEWqkK8U/ctHE0NVhMTYIhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOE3Rzw0f7rv1GNa6k6jmxvEKjiAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1OTE5MGZkLWE4ZDUtNDkyMC1hNGFjLTM1NGRhMTQ0MjljNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsipEwDQYJKoZIhvcNAQELBQADggEBAGX3OrxovevkqCQ9ataOrfxUcJZ+
9Sq81eYKjkCJISsLpPBgn9eQMrlJWo0km1hxxhzq/GkUwd4w8q3eqoSWt7gNEmmG
mkVIR0QZg2H4LNr6FNenQAJCp9bE+A8lINPRgeprtdPYnXy/JM7szwOtw72TgJ8L
UEe5NbpgHOR3aM9Z76senU2Ch79+85po7GWuCfOs6slodDkpWtCAjY98bU63tiOZ
+jYA4qBRHsSjJ+6C9SRmUxcTNCA/20rbyifJMjokA2NmYFzUKO7iu+Y6P0cSwJHO
n/GwvB96aio2cGZM/zNRO7wsnWfhAaZI1gs4xeLIyB9AiIb2+wSvxgmRxVc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:27 2025 by rpki-client