Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b89402ea-4c9e-479d-b104-2f6596fbda59.roa
File: b89402ea-4c9e-479d-b104-2f6596fbda59.roa (raw, json)
Hash identifier: 7V7iCmfNw28mVDWqxyTRYnPyNOCe7fipTin+U/+HSIo=
Subject key identifier: EC:28:B6:29:2D:77:FA:E6:7C:2B:43:3E:F1:E2:54:93:C1:0D:23:8C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 448153DC44AD6E9E3091800736F17AD6AB8AF06B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b89402ea-4c9e-479d-b104-2f6596fbda59.roa
Signing time: Sun 19 Oct 2025 01:20:05 +0000
ROA not before: Sun 19 Oct 2025 01:20:05 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.110.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:81:53:dc:44:ad:6e:9e:30:91:80:07:36:f1:7a:d6:ab:8a:f0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 01:20:05 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=2d772b96b343a5b88792c685304eeca3a04b9389d4ff5eafdfb5fd492b7016a0, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:30:89:93:3e:eb:19:3e:63:e6:6e:d7:9d:
42:28:35:02:f2:84:a8:1f:61:a7:d4:57:1e:15:67:
68:e7:37:5c:b3:d4:24:6c:8d:c0:1c:57:b3:21:43:
0c:0b:c7:92:08:a7:03:67:99:74:37:a4:b7:85:26:
b5:57:ac:e1:2c:2d:71:fb:40:7a:9c:b1:0b:a8:b5:
69:3d:9e:56:89:87:9f:29:de:87:5b:1b:8a:0e:8b:
e9:ee:e6:83:fc:87:c6:29:bd:a6:fa:90:ce:ae:a8:
4a:05:d1:e2:37:3f:9d:08:da:66:42:21:6a:fc:da:
34:f4:e7:e4:4d:a5:04:d9:fd:4a:d7:e4:80:31:ae:
bf:2a:1d:49:49:ec:56:0d:16:2d:8b:67:a4:b2:35:
20:cc:2e:82:16:e7:7f:49:7e:bd:4e:a6:bd:99:06:
f5:48:3c:9a:36:bd:60:7c:20:cd:4a:bd:71:08:48:
94:a8:ee:c2:ed:5d:a4:e2:13:86:8e:fa:0d:6e:fc:
48:dd:91:1c:f2:5f:25:d2:81:ae:1d:d8:67:11:55:
df:7b:3b:c6:9b:5c:2e:6d:95:ad:71:e7:af:0f:12:
b6:b5:6b:cd:61:70:5c:45:cc:2b:f1:35:17:c7:b3:
b2:d1:ee:ae:28:ae:d8:09:8b:91:af:2e:09:d1:a2:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:B6:29:2D:77:FA:E6:7C:2B:43:3E:F1:E2:54:93:C1:0D:23:8C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b89402ea-4c9e-479d-b104-2f6596fbda59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.110.0/23
Signature Algorithm: sha256WithRSAEncryption
00:6b:c9:a7:a4:3c:2f:2a:5f:2a:ca:76:66:ed:3b:b7:8a:73:
54:9f:97:73:a9:bf:c1:bf:63:c6:80:8d:d7:70:f2:5f:5a:5f:
93:eb:b4:ff:71:ab:c5:dc:5a:f7:49:c7:4a:51:d2:7e:11:ef:
30:6b:83:e2:c7:3f:3d:99:c0:65:7d:83:fc:28:82:79:5e:9f:
2e:e2:98:8b:28:a3:4d:b4:3c:cc:3c:31:c4:c0:e5:b5:da:9a:
6a:d7:ed:27:7b:66:a9:1a:4a:84:c1:43:34:ac:f5:51:ed:ed:
bd:72:09:09:c0:e3:82:e9:93:6f:57:14:8f:a0:8b:99:0b:bf:
f7:e8:9f:33:ba:98:99:66:15:54:0d:31:69:73:87:d5:eb:06:
15:31:b5:e5:87:38:f5:91:ef:e3:5a:34:7d:ff:d7:c0:8a:4d:
df:f5:0e:f4:6c:04:fd:cb:a8:2c:53:42:3d:9e:06:41:f1:3d:
bd:9e:96:fc:97:66:38:7c:81:ed:e6:f2:6d:9b:29:72:42:d9:
8a:e9:88:c9:8a:70:7f:93:70:88:93:73:09:25:f2:a3:83:d7:
62:fd:5e:ce:4b:b2:4d:d1:34:b9:d2:b5:f0:81:71:94:fb:cf:
99:94:82:30:34:61:b5:2e:64:25:11:96:4c:e0:38:74:c1:5b:
29:56:54:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURIFT3EStbp4wkYAHNvF61quK8GswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDEyMDA1WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDc3MmI5NmIzNDNhNWI4ODc5MmM2ODUzMDRlZWNhM2Ew
NGI5Mzg5ZDRmZjVlYWZkZmI1ZmQ0OTJiNzAxNmEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1JTCJkz7rGT5j5m7XnUIoNQLyhKgfYafUVx4VZ2jnN1yz
1CRsjcAcV7MhQwwLx5IIpwNnmXQ3pLeFJrVXrOEsLXH7QHqcsQuotWk9nlaJh58p
3odbG4oOi+nu5oP8h8Ypvab6kM6uqEoF0eI3P50I2mZCIWr82jT05+RNpQTZ/UrX
5IAxrr8qHUlJ7FYNFi2LZ6SyNSDMLoIW539Jfr1Opr2ZBvVIPJo2vWB8IM1KvXEI
SJSo7sLtXaTiE4aO+g1u/EjdkRzyXyXSga4d2GcRVd97O8abXC5tla1x568PEra1
a81hcFxFzCvxNRfHs7LR7q4ortgJi5GvLgnRoilhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7Ci2KS13+uZ8K0M+8eJUk8ENI4wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4OTQwMmVhLTRjOWUtNDc5ZC1iMTA0LTJmNjU5NmZiZGE1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFsim4wDQYJKoZIhvcNAQELBQADggEBAABryaekPC8qXyrKdmbtO7eKc1Sf
l3Opv8G/Y8aAjddw8l9aX5PrtP9xq8XcWvdJx0pR0n4R7zBrg+LHPz2ZwGV9g/wo
gnleny7imIsoo020PMw8McTA5bXammrX7Sd7ZqkaSoTBQzSs9VHt7b1yCQnA44Lp
k29XFI+gi5kLv/fonzO6mJlmFVQNMWlzh9XrBhUxteWHOPWR7+NaNH3/18CKTd/1
DvRsBP3LqCxTQj2eBkHxPb2elvyXZjh8ge3m8m2bKXJC2YrpiMmKcH+TcIiTcwkl
8qOD12L9Xs5Lsk3RNLnStfCBcZT7z5mUgjA0YbUuZCURlkzgOHTBWylWVG0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:02:33 2025 by rpki-client