Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6afbc590-df1e-48a1-a935-f33db4eeaedf.roa
File: 6afbc590-df1e-48a1-a935-f33db4eeaedf.roa (raw, json)
Hash identifier: g0yzpnCB8e9L7l78h1KRPwphVtFSHKZlaOdEhdS3xO8=
Subject key identifier: 8A:C8:1B:3C:23:19:E7:9C:C2:F2:0A:7C:9D:2B:BC:6C:03:1F:71:4F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 27E239930AD9BADF9B360D0F68951A5D482E1FE1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6afbc590-df1e-48a1-a935-f33db4eeaedf.roa
Signing time: Mon 20 Oct 2025 05:01:04 +0000
ROA not before: Mon 20 Oct 2025 05:01:04 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.74.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:e2:39:93:0a:d9:ba:df:9b:36:0d:0f:68:95:1a:5d:48:2e:1f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 05:01:04 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=ceaf8a5f58401486283d148bf0640a6538fcd105d0d2b2ea41735af7cb3551af, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cf:16:d7:2b:67:c8:4e:12:a4:d0:da:57:41:
92:af:32:bc:b8:36:5a:62:3b:7d:f5:e2:71:9e:5d:
87:28:94:3d:52:a6:78:75:d8:6c:33:46:83:28:c4:
b4:3c:87:d2:e8:61:6e:87:08:38:2f:25:31:95:e1:
a8:ad:28:b4:68:e2:86:61:9f:91:53:86:aa:3a:63:
79:5e:56:4d:9b:bf:61:a3:87:bf:47:af:b3:af:37:
23:93:7c:4b:96:cb:f2:f3:33:1e:77:b4:24:9b:3a:
98:81:a7:2a:4c:21:31:21:ea:de:5c:f2:51:4d:02:
d8:44:e7:96:f3:a2:6f:b0:e3:8e:36:41:72:98:7c:
cc:32:0e:71:57:06:f8:cc:77:bf:f9:3c:19:57:5c:
ac:7b:37:0e:40:5e:01:92:38:80:f5:60:1d:c3:1e:
56:b8:6f:2c:ef:37:7b:92:2a:7f:b3:70:0e:f6:f6:
71:55:ae:68:e0:48:05:54:47:53:82:57:6a:f0:01:
0e:cf:16:0f:d9:d6:77:ae:10:43:3d:80:79:6f:e6:
b2:55:dc:9c:a4:50:37:cf:2d:fc:ce:a6:1f:dc:77:
e1:39:bc:60:bd:97:65:7a:61:a1:28:81:22:fb:f6:
50:9c:5f:73:bd:38:fd:5e:a1:1d:e1:fd:3b:77:72:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C8:1B:3C:23:19:E7:9C:C2:F2:0A:7C:9D:2B:BC:6C:03:1F:71:4F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6afbc590-df1e-48a1-a935-f33db4eeaedf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.74.0/23
Signature Algorithm: sha256WithRSAEncryption
d4:79:d1:c3:06:4f:ab:0d:c1:7c:ea:ab:4d:a4:14:8d:07:40:
2d:ce:81:f5:3b:8f:1c:b2:a7:57:ff:65:92:6e:9e:48:0c:cb:
9b:5c:9b:81:4d:34:7f:34:59:0f:19:5c:b7:b2:67:2b:e1:90:
62:49:ae:dd:52:dd:6b:57:0e:42:e2:6c:d9:48:c8:8b:b5:55:
e5:4d:f0:7b:f9:af:77:89:35:6a:5c:21:18:2b:39:d1:81:b4:
1e:55:2c:72:6a:a6:3e:a1:0c:e3:44:89:cb:ca:93:4a:66:a4:
48:b6:3a:8b:da:93:52:26:4c:24:e2:31:11:ff:6c:c3:90:31:
4c:d3:79:5d:01:0f:99:c0:99:2a:5f:eb:a1:38:7a:74:27:00:
71:b1:d9:2f:78:23:36:cb:18:18:b6:e5:f6:7b:d0:50:bc:0c:
03:99:e8:30:03:14:2e:3f:f3:d0:4e:a6:92:0a:dc:31:e9:c0:
cd:9e:40:04:e8:b1:3a:3f:e9:0f:14:24:d4:db:36:2f:df:73:
d9:4d:98:b0:ac:0d:6c:c9:4c:a0:57:7f:52:93:d5:8b:94:c1:
1f:b2:70:57:94:4a:92:d0:a7:0e:7f:dd:e3:bf:44:24:68:24:
b9:bc:0d:a7:4e:01:a2:ec:31:13:ee:9a:2e:dd:16:d7:bd:92:
be:c3:44:3d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ+I5kwrZut+bNg0PaJUaXUguH+EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDUwMTA0WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWFmOGE1ZjU4NDAxNDg2MjgzZDE0OGJmMDY0MGE2NTM4
ZmNkMTA1ZDBkMmIyZWE0MTczNWFmN2NiMzU1MWFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpzxbXK2fIThKk0NpXQZKvMry4NlpiO3314nGeXYcolD1S
pnh12GwzRoMoxLQ8h9LoYW6HCDgvJTGV4aitKLRo4oZhn5FThqo6Y3leVk2bv2Gj
h79Hr7OvNyOTfEuWy/LzMx53tCSbOpiBpypMITEh6t5c8lFNAthE55bzom+w4442
QXKYfMwyDnFXBvjMd7/5PBlXXKx7Nw5AXgGSOID1YB3DHla4byzvN3uSKn+zcA72
9nFVrmjgSAVUR1OCV2rwAQ7PFg/Z1neuEEM9gHlv5rJV3JykUDfPLfzOph/cd+E5
vGC9l2V6YaEogSL79lCcX3O9OP1eoR3h/Tt3cv4vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUisgbPCMZ55zC8gp8nSu8bAMfcU8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhZmJjNTkwLWRmMWUtNDhhMS1hOTM1LWYzM2RiNGVlYWVkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFsn0owDQYJKoZIhvcNAQELBQADggEBANR50cMGT6sNwXzqq02kFI0HQC3O
gfU7jxyyp1f/ZZJunkgMy5tcm4FNNH80WQ8ZXLeyZyvhkGJJrt1S3WtXDkLibNlI
yIu1VeVN8Hv5r3eJNWpcIRgrOdGBtB5VLHJqpj6hDONEicvKk0pmpEi2Oovak1Im
TCTiMRH/bMOQMUzTeV0BD5nAmSpf66E4enQnAHGx2S94IzbLGBi25fZ70FC8DAOZ
6DADFC4/89BOppIK3DHpwM2eQATosTo/6Q8UJNTbNi/fc9lNmLCsDWzJTKBXf1KT
1YuUwR+ycFeUSpLQpw5/3eO/RCRoJLm8DadOAaLsMRPumi7dFte9kr7DRD0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:25:56 2025 by rpki-client