Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a224909-a81b-4604-ac99-97fdd7fdf367.roa
File: 7a224909-a81b-4604-ac99-97fdd7fdf367.roa (raw, json)
Hash identifier: XeNrzWk2JtrH2K1cQnAd6iLrE+cLaKJAXl7BmZucTLY=
Subject key identifier: EF:08:53:6A:35:2C:A7:90:C8:F6:27:0F:7D:C7:2B:C3:F1:DC:7B:38
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 395C8729C8548B291970D958EC8AAEA6C54E5CBE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a224909-a81b-4604-ac99-97fdd7fdf367.roa
Signing time: Mon 20 Oct 2025 02:01:17 +0000
ROA not before: Mon 20 Oct 2025 02:01:17 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.156.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:5c:87:29:c8:54:8b:29:19:70:d9:58:ec:8a:ae:a6:c5:4e:5c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 02:01:17 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=ddd864c9b27fb053672945c4f7938eaedb04b5e82017397989cb5c96e76f480c, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ec:ba:99:a2:d0:65:94:a8:84:a5:67:fb:c7:
31:3a:d5:23:27:e6:36:31:6c:24:29:3e:21:3c:86:
bc:34:d2:57:bf:fe:00:82:77:33:1f:f6:97:bc:54:
61:8d:87:09:90:f3:65:9b:c6:b1:24:17:a8:f3:bc:
f7:e9:cc:32:ee:26:70:8a:69:d8:40:93:53:aa:d7:
ef:e0:4d:e0:b3:94:15:d5:a1:f8:f6:22:e4:3f:68:
ca:82:1f:60:5e:78:df:07:46:3a:cc:30:66:99:ea:
76:d0:a9:37:ed:b9:c1:12:ab:3e:cb:e9:0f:bd:4a:
41:1a:af:7d:01:e7:5c:a4:a4:b3:9e:f1:66:b3:3d:
79:91:41:bb:d4:b2:b0:b5:b8:2e:03:ed:8b:cf:82:
3e:21:fd:fd:0e:ac:63:8d:82:2c:c0:d0:c8:fb:12:
0d:14:fb:28:5e:50:99:b1:00:dd:fd:b8:39:5a:af:
23:7e:4f:f2:ce:0c:b5:0c:0f:08:c9:b0:36:1a:1a:
7a:ae:8a:94:5e:9e:17:5d:0b:dd:8d:a2:95:1e:63:
e2:ea:af:ae:4a:bd:f3:21:be:cb:2f:0d:42:ab:59:
a0:c1:06:a1:3a:18:b4:88:58:b5:dd:73:63:34:ef:
5e:0b:c2:27:d3:14:e8:6e:46:cc:0c:d8:95:b8:5c:
38:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:08:53:6A:35:2C:A7:90:C8:F6:27:0F:7D:C7:2B:C3:F1:DC:7B:38
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a224909-a81b-4604-ac99-97fdd7fdf367.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.156.69.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7e:34:56:3f:36:85:46:3c:84:be:63:06:35:99:6d:34:36:
1e:b3:16:3c:67:6a:d9:96:d4:43:1b:19:f4:d8:c7:29:86:17:
b1:b5:1b:e6:50:6e:5a:ef:6f:41:20:55:54:22:ad:da:7f:3f:
35:64:08:8b:48:ec:72:9a:c5:e3:59:cc:a9:26:f5:98:39:64:
3d:e9:f9:07:6a:05:e7:05:ea:d5:73:dd:e5:3d:6e:70:bb:1a:
61:91:89:3b:03:a1:a4:35:43:6b:e0:8a:22:92:bf:ec:8d:5c:
da:bb:f1:98:a4:86:6b:72:a7:a9:c1:ec:fc:24:38:e3:52:01:
e2:4c:69:fe:a3:58:8c:f3:2e:b5:36:0c:c2:5d:ca:d4:68:a6:
4d:e2:20:dd:2c:5b:72:27:89:2e:be:64:08:73:29:15:03:84:
8d:0a:78:8a:ed:78:5c:18:8c:ab:ca:01:d2:e3:55:9f:31:84:
3e:e5:14:2c:00:94:4f:51:d1:2e:9e:41:6d:db:9e:c8:2a:4d:
74:86:32:84:a2:ae:df:cb:b1:e9:d9:57:af:bf:69:5d:b2:66:
e4:96:3e:1e:8f:19:65:d1:1d:38:96:e4:0e:96:99:ac:99:8a:
95:5c:05:c0:7d:fe:43:68:e9:ae:a4:74:ed:1d:9b:f7:0a:be:
b1:78:5d:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOVyHKchUiykZcNlY7IqupsVOXL4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDIwMTE3WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZGQ4NjRjOWIyN2ZiMDUzNjcyOTQ1YzRmNzkzOGVhZWRi
MDRiNWU4MjAxNzM5Nzk4OWNiNWM5NmU3NmY0ODBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF7LqZotBllKiEpWf7xzE61SMn5jYxbCQpPiE8hrw00le/
/gCCdzMf9pe8VGGNhwmQ82WbxrEkF6jzvPfpzDLuJnCKadhAk1Oq1+/gTeCzlBXV
ofj2IuQ/aMqCH2BeeN8HRjrMMGaZ6nbQqTftucESqz7L6Q+9SkEar30B51ykpLOe
8WazPXmRQbvUsrC1uC4D7YvPgj4h/f0OrGONgizA0Mj7Eg0U+yheUJmxAN39uDla
ryN+T/LODLUMDwjJsDYaGnquipRenhddC92NopUeY+Lqr65KvfMhvssvDUKrWaDB
BqE6GLSIWLXdc2M0714LwifTFOhuRswM2JW4XDhPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7whTajUsp5DI9icPfccrw/HcezgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhMjI0OTA5LWE4MWItNDYwNC1hYzk5LTk3ZmRkN2ZkZjM2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnEUwDQYJKoZIhvcNAQELBQADggEBABd+NFY/NoVGPIS+YwY1mW00Nh6z
FjxnatmW1EMbGfTYxymGF7G1G+ZQblrvb0EgVVQirdp/PzVkCItI7HKaxeNZzKkm
9Zg5ZD3p+QdqBecF6tVz3eU9bnC7GmGRiTsDoaQ1Q2vgiiKSv+yNXNq78Zikhmty
p6nB7PwkOONSAeJMaf6jWIzzLrU2DMJdytRopk3iIN0sW3IniS6+ZAhzKRUDhI0K
eIrteFwYjKvKAdLjVZ8xhD7lFCwAlE9R0S6eQW3bnsgqTXSGMoSirt/LsenZV6+/
aV2yZuSWPh6PGWXRHTiW5A6WmayZipVcBcB9/kNo6a6kdO0dm/cKvrF4Xd8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:29:02 2025 by rpki-client