Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc04aee7-328f-4153-a9ca-1f22d832b146.roa
File: bc04aee7-328f-4153-a9ca-1f22d832b146.roa (raw, json)
Hash identifier: +GDFoX0TX4Urg5aiislk3HDncZMUeUAKqYdTYbRegX4=
Subject key identifier: 84:54:A6:58:1A:C8:95:FB:2D:58:CB:FA:2E:B3:2D:4A:D8:26:DD:FF
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2A1EC213D760FAF23C1DD6F9FF3CE53C38CF6D2F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc04aee7-328f-4153-a9ca-1f22d832b146.roa
Signing time: Mon 20 Oct 2025 03:12:10 +0000
ROA not before: Mon 20 Oct 2025 03:12:10 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:1e:c2:13:d7:60:fa:f2:3c:1d:d6:f9:ff:3c:e5:3c:38:cf:6d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 03:12:10 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=c71f9ddfe61f36f0638de7e1fd566f7e5f384fcede80e17c8741bdfb0439d0a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b0:e1:ca:39:2a:44:d6:e1:66:90:e9:8f:bb:
87:16:2b:95:17:e9:98:cf:9b:e5:09:8b:eb:33:5e:
c0:a0:29:c3:41:65:bb:70:c9:95:74:a1:e8:4d:6e:
67:93:d2:17:b4:5d:5e:df:66:f3:03:c6:28:d2:9f:
13:a3:ea:67:50:c5:a8:f9:ae:06:20:96:30:7e:94:
8d:05:b6:af:d5:76:5a:78:24:e8:c6:14:18:52:b6:
57:e6:05:0f:5f:ae:2b:62:18:7f:97:ca:ec:51:35:
ca:71:bb:3f:5f:74:9a:ed:83:a1:e4:f8:38:f6:65:
21:d2:7c:89:28:e4:8e:e0:43:fd:75:a3:a5:a4:ed:
02:b3:22:6c:eb:de:d6:ca:e0:ac:b1:4c:b2:0e:91:
88:f1:85:0b:22:81:03:ef:19:f0:a6:91:8b:18:a9:
e5:7e:47:22:57:ef:db:b8:56:08:3c:0c:cb:33:bf:
db:cd:d9:68:48:0d:c9:40:d0:1c:0a:c1:a2:69:5c:
db:54:db:ac:d6:47:38:39:39:fa:8f:bf:17:ce:fb:
b5:3f:57:48:50:4a:18:20:c8:72:77:e2:2f:33:20:
22:fd:ab:1b:0f:92:f0:be:ff:77:65:48:9c:79:fb:
38:52:81:f4:50:8c:71:d4:79:11:a5:b4:51:c8:5f:
2f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:54:A6:58:1A:C8:95:FB:2D:58:CB:FA:2E:B3:2D:4A:D8:26:DD:FF
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc04aee7-328f-4153-a9ca-1f22d832b146.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:ab:73:a6:71:6a:8c:00:2e:e7:c2:b2:c0:1a:f6:d0:e8:18:
2d:f9:1c:e5:e8:e4:b4:48:5c:dd:b7:34:4e:24:23:a0:d6:d4:
ef:c4:0c:cc:17:f3:f5:70:44:2e:7c:d5:fa:29:a8:ea:94:72:
27:08:ad:ba:af:49:5f:0c:ad:6e:2e:51:d2:da:2a:79:ac:25:
03:2a:9b:93:49:db:0c:4f:3d:a5:e6:78:f2:20:db:89:44:0d:
cd:11:02:ef:df:3e:f3:95:ed:a1:47:d6:83:63:9b:9d:fe:8a:
d4:4f:f1:e1:80:be:2c:7c:46:9b:d5:93:48:c8:3c:a8:64:c1:
e5:e0:6c:01:19:21:3d:39:f0:8d:a3:9b:51:de:2f:67:9c:3d:
54:3d:61:4d:43:08:82:b2:6f:1b:15:46:f4:34:74:51:3a:54:
7e:67:3d:7b:60:cc:29:cc:42:b9:43:76:22:63:74:85:cc:98:
a3:af:10:a0:7d:90:ff:3d:a3:8c:3a:01:cb:8b:8a:c0:c4:a3:
ed:d6:79:04:91:04:fb:eb:77:30:53:25:b9:bc:a1:61:a9:13:
93:9d:a4:fd:a3:be:ae:0c:4e:15:12:55:c0:da:22:b2:1b:d9:
58:2d:e6:ba:aa:c2:3f:57:fb:33:35:b8:30:84:72:d9:a2:bc:
f6:45:20:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKh7CE9dg+vI8Hdb5/zzlPDjPbS8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDMxMjEwWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzFmOWRkZmU2MWYzNmYwNjM4ZGU3ZTFmZDU2NmY3ZTVm
Mzg0ZmNlZGU4MGUxN2M4NzQxYmRmYjA0MzlkMGEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYsOHKOSpE1uFmkOmPu4cWK5UX6ZjPm+UJi+szXsCgKcNB
ZbtwyZV0oehNbmeT0he0XV7fZvMDxijSnxOj6mdQxaj5rgYgljB+lI0Ftq/Vdlp4
JOjGFBhStlfmBQ9fritiGH+XyuxRNcpxuz9fdJrtg6Hk+Dj2ZSHSfIko5I7gQ/11
o6Wk7QKzImzr3tbK4KyxTLIOkYjxhQsigQPvGfCmkYsYqeV+RyJX79u4Vgg8DMsz
v9vN2WhIDclA0BwKwaJpXNtU26zWRzg5OfqPvxfO+7U/V0hQShggyHJ34i8zICL9
qxsPkvC+/3dlSJx5+zhSgfRQjHHUeRGltFHIXy9zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhFSmWBrIlfstWMv6LrMtStgm3f8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JjMDRhZWU3LTMyOGYtNDE1My1hOWNhLTFmMjJkODMyYjE0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVsnYAwDQYJKoZIhvcNAQELBQADggEBAKmrc6ZxaowALufCssAa9tDoGC35
HOXo5LRIXN23NE4kI6DW1O/EDMwX8/VwRC581fopqOqUcicIrbqvSV8MrW4uUdLa
KnmsJQMqm5NJ2wxPPaXmePIg24lEDc0RAu/fPvOV7aFH1oNjm53+itRP8eGAvix8
RpvVk0jIPKhkweXgbAEZIT058I2jm1HeL2ecPVQ9YU1DCIKybxsVRvQ0dFE6VH5n
PXtgzCnMQrlDdiJjdIXMmKOvEKB9kP89o4w6AcuLisDEo+3WeQSRBPvrdzBTJbm8
oWGpE5OdpP2jvq4MThUSVcDaIrIb2Vgt5rqqwj9X+zM1uDCEctmivPZFIK4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:10:58 2025 by rpki-client