Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65d18e0e-d6e4-4132-9d63-3be5f7e8a52c.roa
File: 65d18e0e-d6e4-4132-9d63-3be5f7e8a52c.roa (raw, json)
Hash identifier: y+IkpelTJUebizK0MTJXN6CjmcaukqiXvs6LIJhC2eA=
Subject key identifier: BE:AE:BC:98:E7:A1:AF:D6:28:26:13:C6:27:1F:03:A0:6B:7D:76:9F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 39CAFE5643BE2221C6634570583064A351B94701
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65d18e0e-d6e4-4132-9d63-3be5f7e8a52c.roa
Signing time: Mon 20 Oct 2025 01:42:12 +0000
ROA not before: Mon 20 Oct 2025 01:42:12 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.212.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:ca:fe:56:43:be:22:21:c6:63:45:70:58:30:64:a3:51:b9:47:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:42:12 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=96247cb4ce2d9e3a7fd431880bdf5248b86d29bb5fd2e007bf2b3119a29ce380, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:4a:1c:d7:65:69:f0:06:82:30:51:b6:25:
81:c1:a3:ea:e1:8b:75:6f:d4:5b:b4:89:d9:05:d3:
60:44:db:27:e4:d6:a1:4d:60:2a:32:76:8f:1a:e8:
f0:8f:83:dd:cd:9e:9f:c8:47:fd:10:b4:40:7a:33:
14:ea:a5:73:e1:13:c1:72:64:d6:a2:64:4b:32:31:
73:9f:f8:f1:1b:e1:41:4a:3f:28:f5:74:98:5e:19:
7d:2d:b6:e9:aa:ed:d7:43:32:46:1a:80:14:b9:7a:
12:60:c8:57:9c:a0:ef:98:8b:bf:f7:a2:ed:d9:69:
c3:4a:dd:1c:3a:62:fc:0d:0d:02:77:d7:3b:89:91:
bc:12:77:cf:51:6c:17:7f:3a:d3:8b:5a:18:f6:2f:
df:79:24:d4:4e:70:72:f6:e5:85:48:94:b9:3a:ff:
7a:27:50:55:90:2a:f4:84:b3:99:6a:b5:43:3d:16:
9a:e3:3a:8c:93:f4:db:9d:87:56:d1:54:09:81:7d:
b5:fe:b0:b5:51:92:df:3b:8a:2f:82:21:68:e7:1a:
d7:46:3a:7a:54:35:af:63:04:4b:fd:fa:88:6d:3b:
3e:14:f6:a0:2e:9e:bc:83:05:82:cb:28:15:a2:c1:
74:7a:23:74:f8:5c:ab:ca:ae:6a:06:0b:64:b1:0d:
71:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AE:BC:98:E7:A1:AF:D6:28:26:13:C6:27:1F:03:A0:6B:7D:76:9F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65d18e0e-d6e4-4132-9d63-3be5f7e8a52c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.212.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:ec:2d:49:28:4e:7f:85:0f:76:82:28:be:13:30:d9:d7:f6:
ba:58:38:25:76:ea:f5:10:0c:1d:fa:d3:4a:96:71:24:b2:db:
97:17:49:8b:96:42:a9:ec:8d:33:83:c6:31:5c:8e:d9:77:2d:
c4:d2:47:4f:22:0e:29:48:49:a3:3f:58:39:2a:89:64:f9:d9:
e9:ba:fd:fa:5a:34:bc:3b:49:32:68:34:97:bb:13:c6:19:4f:
bd:8f:c7:7a:77:bb:18:73:2c:2e:ad:74:91:f5:91:eb:0f:b7:
92:22:af:56:ae:db:5c:bc:81:73:38:06:10:4f:64:a0:48:00:
10:b0:62:b8:df:56:9c:9d:4b:6b:99:0e:40:ad:36:df:d0:fb:
9b:a9:ea:dd:b1:6a:06:c4:59:f8:c6:0a:24:d4:6f:2b:72:3b:
1b:af:4d:8d:45:56:35:5d:a9:ef:7f:ab:cd:5f:fe:37:05:48:
04:0e:22:c3:d0:96:99:4c:bb:99:5a:71:e5:7b:76:39:2c:a1:
4d:4b:16:93:c5:a4:12:62:8b:bb:1e:e2:22:0e:4b:4c:14:2f:
79:b8:47:95:27:19:87:ce:89:14:eb:3f:fd:12:3c:6d:83:53:
71:79:e1:ff:38:af:f1:6d:cb:3b:69:52:a8:2e:88:fb:a7:14:
b1:76:7e:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOcr+VkO+IiHGY0VwWDBko1G5RwEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDE0MjEyWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjI0N2NiNGNlMmQ5ZTNhN2ZkNDMxODgwYmRmNTI0OGI4
NmQyOWJiNWZkMmUwMDdiZjJiMzExOWEyOWNlMzgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwDUoc12Vp8AaCMFG2JYHBo+rhi3Vv1Fu0idkF02BE2yfk
1qFNYCoydo8a6PCPg93Nnp/IR/0QtEB6MxTqpXPhE8FyZNaiZEsyMXOf+PEb4UFK
Pyj1dJheGX0ttumq7ddDMkYagBS5ehJgyFecoO+Yi7/3ou3ZacNK3Rw6YvwNDQJ3
1zuJkbwSd89RbBd/OtOLWhj2L995JNROcHL25YVIlLk6/3onUFWQKvSEs5lqtUM9
FprjOoyT9Nudh1bRVAmBfbX+sLVRkt87ii+CIWjnGtdGOnpUNa9jBEv9+ohtOz4U
9qAunryDBYLLKBWiwXR6I3T4XKvKrmoGC2SxDXE3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvq68mOehr9YoJhPGJx8DoGt9dp8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1ZDE4ZTBlLWQ2ZTQtNDEzMi05ZDYzLTNiZTVmN2U4YTUyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFsn9QwDQYJKoZIhvcNAQELBQADggEBAKfsLUkoTn+FD3aCKL4TMNnX9rpY
OCV26vUQDB3600qWcSSy25cXSYuWQqnsjTODxjFcjtl3LcTSR08iDilISaM/WDkq
iWT52em6/fpaNLw7STJoNJe7E8YZT72Px3p3uxhzLC6tdJH1kesPt5Iir1au21y8
gXM4BhBPZKBIABCwYrjfVpydS2uZDkCtNt/Q+5up6t2xagbEWfjGCiTUbytyOxuv
TY1FVjVdqe9/q81f/jcFSAQOIsPQlplMu5laceV7djksoU1LFpPFpBJii7se4iIO
S0wUL3m4R5UnGYfOiRTrP/0SPG2DU3F54f84r/FtyztpUqguiPunFLF2fnw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:02 2025 by rpki-client