Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9341a64d-773c-41e7-9c19-c7b7844748d8.roa
File: 9341a64d-773c-41e7-9c19-c7b7844748d8.roa (raw, json)
Hash identifier: M0H7TvUsvX56CoeuBI7XSORv20NgK61wPvtgb9EKV0Y=
Subject key identifier: 38:6D:9C:C2:21:69:F1:6B:EE:A3:09:5D:CF:75:57:30:6E:14:42:B6
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 65F1B4642E82B85C92B3A51B917C6D193AD6355E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9341a64d-773c-41e7-9c19-c7b7844748d8.roa
Signing time: Mon 20 Oct 2025 06:10:10 +0000
ROA not before: Mon 20 Oct 2025 06:10:10 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f1:b4:64:2e:82:b8:5c:92:b3:a5:1b:91:7c:6d:19:3a:d6:35:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 06:10:10 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=215416a0e5a270717b7b4bc0b5cce5b86cd6e31de941b7195d0dff9e5d6364b9, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:35:e2:0d:a4:4f:1f:ad:ae:0f:8d:40:88:ff:
05:d5:18:bd:27:5f:92:4b:0f:07:b6:1c:ea:69:7a:
2e:36:c6:c5:c0:5c:0b:a7:27:9e:08:1c:3f:8f:6d:
94:37:5e:0a:2c:24:25:ac:80:c0:d9:b9:16:7a:25:
42:4c:8e:d7:cd:e2:97:ee:93:d9:32:42:c6:cd:17:
f7:1f:38:38:6e:78:2d:89:8b:d9:e7:60:9c:0d:0b:
0d:09:41:27:7d:0c:91:51:f5:63:90:5b:77:52:f3:
80:ea:12:51:4a:82:4e:0d:ce:43:c9:bf:9e:e4:4c:
42:cb:a7:29:af:ba:a7:3e:c3:ff:3f:ba:de:a7:40:
77:28:e4:19:78:b3:3b:a0:36:62:a4:35:6f:ff:14:
aa:a2:7f:55:36:5f:34:d7:6a:47:d1:7e:d9:a5:ec:
97:15:26:df:5a:9d:ec:c5:bd:3d:89:51:15:cb:f0:
07:79:3d:32:02:ce:42:34:4a:bc:b2:70:c6:d3:4c:
5b:d6:af:de:fc:ec:ad:db:24:de:4c:45:45:c9:24:
4d:7e:8a:82:6a:52:7f:cd:e5:9c:20:cf:3e:50:3e:
3d:25:d0:87:62:1f:f4:40:69:2d:b2:bb:a1:9d:a3:
b6:d2:ef:7d:29:4f:63:aa:37:66:b3:ef:b2:ff:0b:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6D:9C:C2:21:69:F1:6B:EE:A3:09:5D:CF:75:57:30:6E:14:42:B6
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9341a64d-773c-41e7-9c19-c7b7844748d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:e5:06:22:05:17:15:0f:79:46:99:ac:c8:06:df:35:e4:20:
0b:f1:19:89:66:ea:fa:29:3b:03:3f:d9:d6:9b:8b:47:79:13:
6d:72:88:c6:eb:13:09:42:2f:24:b8:83:15:a4:1d:0e:f4:7b:
a0:c7:30:ff:ab:74:c9:e2:8a:ff:ae:bc:4f:a0:85:2e:89:fe:
84:b4:63:10:f8:df:ff:c4:90:7d:0c:23:c8:f9:2d:e0:3e:83:
65:99:d5:c4:17:fa:86:c9:79:96:bf:46:c1:9d:d7:37:f7:d4:
21:76:1c:74:8d:80:25:24:b9:40:5c:33:1f:d2:30:43:fc:54:
a0:a5:6c:ca:66:b8:f2:1e:8b:6a:34:43:e9:f8:80:47:87:9c:
a7:dc:55:dd:d9:ac:0a:19:34:15:2c:80:c3:4c:a4:61:a3:b4:
3a:a2:55:f0:85:d9:db:5c:a0:60:bf:ea:36:d6:50:47:6d:a2:
87:4d:d4:40:1c:bb:d6:94:56:cb:0b:39:86:eb:dc:af:49:f0:
5a:83:cb:17:41:32:ff:1c:35:1c:c8:92:32:0b:27:0c:6c:b5:
dc:e5:45:ab:74:a7:4b:b8:bd:3f:f2:c2:01:61:fb:c2:ac:d4:
d2:b5:0a:c3:d3:20:3e:4a:bb:c6:75:55:d9:42:7c:77:b2:0c:
49:8e:f6:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZfG0ZC6CuFySs6UbkXxtGTrWNV4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDYxMDEwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTU0MTZhMGU1YTI3MDcxN2I3YjRiYzBiNWNjZTViODZj
ZDZlMzFkZTk0MWI3MTk1ZDBkZmY5ZTVkNjM2NGI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD2NeINpE8fra4PjUCI/wXVGL0nX5JLDwe2HOppei42xsXA
XAunJ54IHD+PbZQ3XgosJCWsgMDZuRZ6JUJMjtfN4pfuk9kyQsbNF/cfODhueC2J
i9nnYJwNCw0JQSd9DJFR9WOQW3dS84DqElFKgk4NzkPJv57kTELLpymvuqc+w/8/
ut6nQHco5Bl4szugNmKkNW//FKqif1U2XzTXakfRftml7JcVJt9anezFvT2JURXL
8Ad5PTICzkI0SryycMbTTFvWr9787K3bJN5MRUXJJE1+ioJqUn/N5Zwgzz5QPj0l
0IdiH/RAaS2yu6Gdo7bS730pT2OqN2az77L/CxtnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOG2cwiFp8Wvuowldz3VXMG4UQrYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzNDFhNjRkLTc3M2MtNDFlNy05YzE5LWM3Yjc4NDQ3NDhkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnwAwDQYJKoZIhvcNAQELBQADggEBAKPlBiIFFxUPeUaZrMgG3zXkIAvx
GYlm6vopOwM/2dabi0d5E21yiMbrEwlCLyS4gxWkHQ70e6DHMP+rdMniiv+uvE+g
hS6J/oS0YxD43//EkH0MI8j5LeA+g2WZ1cQX+obJeZa/RsGd1zf31CF2HHSNgCUk
uUBcMx/SMEP8VKClbMpmuPIei2o0Q+n4gEeHnKfcVd3ZrAoZNBUsgMNMpGGjtDqi
VfCF2dtcoGC/6jbWUEdtoodN1EAcu9aUVssLOYbr3K9J8FqDyxdBMv8cNRzIkjIL
JwxstdzlRat0p0u4vT/ywgFh+8Ks1NK1CsPTID5Ku8Z1VdlCfHeyDEmO9lA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:49:09 2025 by rpki-client