Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bcfb3767-8147-4196-8266-b44c0f4c119a.roa
File: bcfb3767-8147-4196-8266-b44c0f4c119a.roa (raw, json)
Hash identifier: LP3K/GpLrdXKLfQAhELxdYeTZL35ntxILgNBiINBUH8=
Subject key identifier: 5E:82:93:9B:9C:A0:0D:12:2C:24:B7:DE:4C:B0:B7:33:28:5E:85:6F
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4F65F4F189611BE9568B45597189CF114BE0FAF7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bcfb3767-8147-4196-8266-b44c0f4c119a.roa
Signing time: Mon 20 Oct 2025 03:40:09 +0000
ROA not before: Mon 20 Oct 2025 03:40:09 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:65:f4:f1:89:61:1b:e9:56:8b:45:59:71:89:cf:11:4b:e0:fa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 03:40:09 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=0058a5ba2742be626083e9da179e932258359262da9d80c5d0a7464d6b4b7d26, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:db:77:75:20:40:78:e2:78:1a:b5:bf:71:00:
fd:d7:36:18:ec:92:c9:56:64:54:83:e4:b3:02:35:
73:54:e7:84:32:32:0c:5e:b2:a7:03:6b:19:fc:39:
14:28:32:48:bd:cb:de:97:91:1b:b8:cd:bc:50:30:
17:33:39:05:9d:0f:3a:7a:65:0a:9a:3f:79:b2:c6:
ec:e3:87:d2:5e:7d:dc:d4:f9:ad:8b:81:3f:46:3c:
0b:d5:94:e3:02:e8:f0:5f:7e:e9:b1:d1:8d:b3:b7:
7b:fd:d3:49:c5:29:28:c4:11:63:78:88:13:ac:88:
91:97:3c:64:cb:fe:01:2b:70:de:e0:ca:a5:76:3c:
9f:b0:53:cb:e4:2b:4f:f1:fc:60:89:67:84:c5:1b:
90:b6:1c:06:df:43:91:c0:f6:30:25:e0:f5:94:1f:
d2:ef:e0:1f:49:d2:4c:f4:1a:be:2c:34:de:94:a5:
16:d1:3e:4c:4b:aa:b4:cb:d4:61:93:fc:49:21:d6:
f0:73:72:3b:f4:3a:06:93:91:28:89:b1:96:14:96:
fd:8b:f5:b3:66:16:77:c4:d2:43:35:8a:4c:7c:30:
bb:99:0e:a8:be:fe:e3:e8:c0:60:f6:ce:3f:af:48:
75:08:f9:aa:cd:b2:28:f3:a1:ed:31:c6:75:88:ab:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:82:93:9B:9C:A0:0D:12:2C:24:B7:DE:4C:B0:B7:33:28:5E:85:6F
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bcfb3767-8147-4196-8266-b44c0f4c119a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.198.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d4:7e:8e:67:5e:de:13:6c:31:ff:be:88:e7:b2:47:02:04:
b6:0b:1e:43:38:e6:5c:1a:5e:bf:8a:8e:ab:96:b0:64:a0:64:
01:78:4d:29:62:fc:88:f9:4a:d4:e7:af:32:0a:b5:64:c7:c9:
43:25:b6:2e:a0:03:bc:7e:16:e8:26:66:50:34:8a:c1:46:21:
b6:c3:3b:db:24:66:fa:77:95:50:62:24:0f:d1:17:2f:f3:ae:
af:55:93:ab:e9:56:15:80:3b:6c:f4:39:e5:8a:d7:78:13:11:
59:0f:21:a5:cb:6b:51:76:bd:8a:9b:46:83:42:8a:01:dd:6b:
a3:8c:1f:82:bd:f9:17:24:a4:17:cf:4e:43:85:a1:0a:97:0a:
dd:2a:86:db:60:87:09:e2:eb:ae:4e:4a:7c:fc:a9:7e:0d:df:
4b:69:c1:b5:b5:19:34:0e:42:9c:3a:3f:aa:3a:8b:dc:44:7d:
66:d9:a3:40:93:04:02:d6:d7:cc:70:f1:8d:63:bf:ae:2b:70:
a0:42:7f:97:2e:73:b5:dd:ab:ee:9c:09:83:5a:6d:e6:8d:38:
be:02:7b:32:96:d6:23:dc:dd:c3:fc:44:b9:41:39:94:9d:7c:
f1:f4:05:0a:e0:33:14:8f:58:03:6c:6f:1a:8e:c8:1d:6e:e1:
cd:f9:b6:72
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT2X08YlhG+lWi0VZcYnPEUvg+vcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDM0MDA5WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDU4YTViYTI3NDJiZTYyNjA4M2U5ZGExNzllOTMyMjU4
MzU5MjYyZGE5ZDgwYzVkMGE3NDY0ZDZiNGI3ZDI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCn23d1IEB44ngatb9xAP3XNhjskslWZFSD5LMCNXNU54Qy
MgxesqcDaxn8ORQoMki9y96XkRu4zbxQMBczOQWdDzp6ZQqaP3myxuzjh9JefdzU
+a2LgT9GPAvVlOMC6PBffumx0Y2zt3v900nFKSjEEWN4iBOsiJGXPGTL/gErcN7g
yqV2PJ+wU8vkK0/x/GCJZ4TFG5C2HAbfQ5HA9jAl4PWUH9Lv4B9J0kz0Gr4sNN6U
pRbRPkxLqrTL1GGT/Ekh1vBzcjv0OgaTkSiJsZYUlv2L9bNmFnfE0kM1ikx8MLuZ
Dqi+/uPowGD2zj+vSHUI+arNsijzoe0xxnWIq3BDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXoKTm5ygDRIsJLfeTLC3MyhehW8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JjZmIzNzY3LTgxNDctNDE5Ni04MjY2LWI0NGMwZjRjMTE5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsn8YwDQYJKoZIhvcNAQELBQADggEBABLUfo5nXt4TbDH/vojnskcCBLYL
HkM45lwaXr+KjquWsGSgZAF4TSli/Ij5StTnrzIKtWTHyUMlti6gA7x+FugmZlA0
isFGIbbDO9skZvp3lVBiJA/RFy/zrq9Vk6vpVhWAO2z0OeWK13gTEVkPIaXLa1F2
vYqbRoNCigHda6OMH4K9+RckpBfPTkOFoQqXCt0qhttghwni665OSnz8qX4N30tp
wbW1GTQOQpw6P6o6i9xEfWbZo0CTBALW18xw8Y1jv64rcKBCf5cuc7Xdq+6cCYNa
beaNOL4CezKW1iPc3cP8RLlBOZSdfPH0BQrgMxSPWANsbxqOyB1u4c35tnI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:47:14 2025 by rpki-client