Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/768cef3a-0415-48df-b1c6-9b5b0200d68b.roa
File: 768cef3a-0415-48df-b1c6-9b5b0200d68b.roa (raw, json)
Hash identifier: T6EVTBOSd5+8qFLE4mB+ZijPaUNNwclzyhEoqvfnfDc=
Subject key identifier: 7E:25:EC:2E:32:1B:87:77:B2:45:47:C8:93:B9:46:09:74:10:7D:DA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5B11C9D5A3FD210A34D986A4F82853D37276997F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/768cef3a-0415-48df-b1c6-9b5b0200d68b.roa
Signing time: Mon 20 Oct 2025 04:40:40 +0000
ROA not before: Mon 20 Oct 2025 04:40:40 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:11:c9:d5:a3:fd:21:0a:34:d9:86:a4:f8:28:53:d3:72:76:99:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 04:40:40 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=59c8b25afe13fc24ac43fbf04f55cb46a9d57263c604ee3aeaf270e6fcb22f7e, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0f:ed:22:df:ff:76:d4:40:02:fe:6f:10:c6:
f7:35:e0:ae:6d:b5:a1:ab:b1:dd:b2:bd:78:af:20:
d6:b3:c5:80:fd:31:69:cd:13:af:7d:eb:2e:d0:a1:
c4:e5:af:c5:98:53:f4:d3:17:19:cd:a3:59:ce:1e:
67:50:50:f9:87:2a:50:6c:93:5b:26:81:ab:08:21:
86:f8:e0:c3:02:7b:18:b5:37:18:8f:7f:ce:93:5d:
7e:b4:3e:29:e7:17:b1:67:25:90:a5:14:44:a9:56:
d6:ae:25:31:dd:76:53:50:0b:27:d7:b5:c4:bb:ed:
9c:2e:64:09:72:18:9f:0f:04:c9:40:ce:95:dc:92:
b6:7d:48:d2:8c:a8:b5:58:4c:9a:96:c6:cd:84:ce:
e4:aa:71:a3:54:b9:36:d1:27:02:41:e5:df:e5:56:
0f:72:2c:ed:ba:8e:09:ac:a5:6d:20:fe:83:07:51:
3e:d3:74:e3:0b:51:c6:7d:84:ff:32:05:65:17:42:
7f:21:4e:36:11:68:2a:dc:44:b9:cb:f0:99:05:6b:
17:09:0e:16:cc:22:74:1f:dc:e8:80:e4:d8:23:0e:
19:ff:4b:6c:b5:f7:06:99:32:43:2a:d5:6e:47:73:
dc:a1:fe:f3:ff:24:15:eb:39:41:e3:ff:7c:20:7d:
75:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:25:EC:2E:32:1B:87:77:B2:45:47:C8:93:B9:46:09:74:10:7D:DA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/768cef3a-0415-48df-b1c6-9b5b0200d68b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.212.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:d9:33:9e:8d:fb:5e:be:81:87:f6:7c:43:29:de:30:48:91:
f1:a8:e3:ab:3d:0f:c7:f5:79:0a:64:6a:49:96:89:f6:4b:19:
b3:49:8f:b1:0c:17:eb:e0:3f:53:27:12:b1:71:23:4b:02:a9:
19:41:23:9a:5d:d0:04:8a:0d:9f:0e:b3:e1:2f:cb:1d:bf:90:
1c:94:f4:1a:0a:50:4b:98:65:33:c6:8a:3f:16:e6:37:cf:a7:
91:07:87:2e:e5:09:95:14:3e:21:f0:ab:b4:a5:b6:1b:61:28:
9b:8b:ff:e4:d8:86:3e:8c:40:17:23:5b:8a:72:06:1e:2f:90:
97:9f:97:9f:91:ff:f8:49:1e:74:66:da:ed:cc:72:be:92:bd:
58:5f:5c:05:09:b5:b4:14:99:52:8f:95:b2:de:a7:d3:1e:6f:
0a:25:35:5a:dc:52:ba:3c:10:57:14:99:a5:02:ff:4a:71:06:
24:ab:12:9d:d1:94:ce:16:35:16:d9:37:58:8c:f7:bf:d5:4c:
5a:61:fd:3e:bf:52:5d:03:0d:6d:ee:c9:b3:a1:b9:14:3a:13:
cd:c4:6e:d1:de:df:a0:2e:e9:26:9d:d9:10:2b:96:d6:74:f4:
52:47:ca:cd:0b:33:30:7e:50:35:ff:79:d4:50:d2:c7:38:7e:
46:96:8b:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWxHJ1aP9IQo02Yak+ChT03J2mX8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDQ0MDQwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWM4YjI1YWZlMTNmYzI0YWM0M2ZiZjA0ZjU1Y2I0NmE5
ZDU3MjYzYzYwNGVlM2FlYWYyNzBlNmZjYjIyZjdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDnD+0i3/921EAC/m8Qxvc14K5ttaGrsd2yvXivINazxYD9
MWnNE6996y7QocTlr8WYU/TTFxnNo1nOHmdQUPmHKlBsk1smgasIIYb44MMCexi1
NxiPf86TXX60PinnF7FnJZClFESpVtauJTHddlNQCyfXtcS77ZwuZAlyGJ8PBMlA
zpXckrZ9SNKMqLVYTJqWxs2EzuSqcaNUuTbRJwJB5d/lVg9yLO26jgmspW0g/oMH
UT7TdOMLUcZ9hP8yBWUXQn8hTjYRaCrcRLnL8JkFaxcJDhbMInQf3OiA5NgjDhn/
S2y19waZMkMq1W5Hc9yh/vP/JBXrOUHj/3wgfXUfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfiXsLjIbh3eyRUfIk7lGCXQQfdowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2OGNlZjNhLTA0MTUtNDhkZi1iMWM2LTliNWIwMjAwZDY4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsitQwDQYJKoZIhvcNAQELBQADggEBAJvZM56N+16+gYf2fEMp3jBIkfGo
46s9D8f1eQpkakmWifZLGbNJj7EMF+vgP1MnErFxI0sCqRlBI5pd0ASKDZ8Os+Ev
yx2/kByU9BoKUEuYZTPGij8W5jfPp5EHhy7lCZUUPiHwq7SlththKJuL/+TYhj6M
QBcjW4pyBh4vkJefl5+R//hJHnRm2u3Mcr6SvVhfXAUJtbQUmVKPlbLep9Mebwol
NVrcUro8EFcUmaUC/0pxBiSrEp3RlM4WNRbZN1iM97/VTFph/T6/Ul0DDW3uybOh
uRQ6E83EbtHe36Au6Sad2RArltZ09FJHys0LMzB+UDX/edRQ0sc4fkaWiyQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:19:38 2025 by rpki-client