Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8b449f3-99e1-4493-b954-c9c33e5e8a98.roa
File: c8b449f3-99e1-4493-b954-c9c33e5e8a98.roa (raw, json)
Hash identifier: tbEimIDXcHCxtG4foRPky4pY5YEcXfAQIbuI9oMWBxU=
Subject key identifier: 87:71:07:FB:4F:26:4B:13:72:9B:30:55:42:FE:B0:62:DD:74:FB:8E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5A21E6964178134E96B592CE348FE4C4DB363E67
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8b449f3-99e1-4493-b954-c9c33e5e8a98.roa
Signing time: Mon 20 Oct 2025 00:11:21 +0000
ROA not before: Mon 20 Oct 2025 00:11:21 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:21:e6:96:41:78:13:4e:96:b5:92:ce:34:8f:e4:c4:db:36:3e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 00:11:21 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=62d471da6342ae233fc4b393d9d3ace7a6ac87287263dfd7aa80155a77051e17, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:06:cf:7b:2b:10:c1:c2:97:a9:08:fa:4e:c9:
16:a5:31:06:7d:99:b3:69:99:f3:2b:63:1a:e6:e0:
83:a9:c0:39:5b:9b:0b:4b:49:3e:93:91:5b:bf:aa:
eb:d2:63:94:16:20:f1:a5:1b:9f:36:e9:06:03:11:
7a:5a:f0:f5:0d:47:bb:58:ae:43:e8:ba:f3:a7:16:
b9:83:33:bd:20:32:76:ef:59:01:5e:46:6f:fd:28:
52:93:f7:3f:4d:fd:bc:d6:db:e5:31:e3:c3:a3:5b:
93:bb:21:49:54:8a:ab:62:c4:66:70:26:5b:54:89:
56:f9:0c:ff:89:11:97:48:ea:74:50:53:56:bf:b0:
3f:70:7c:e7:ba:02:f6:f0:1e:a3:56:f0:45:d4:61:
1f:46:78:12:be:c8:c8:a6:eb:66:c4:36:c2:17:de:
f1:16:d3:7c:0f:b4:9e:06:da:97:af:17:3d:64:6a:
6b:71:17:03:b9:7b:09:69:e4:d4:fa:c3:8d:77:e5:
db:e2:39:e7:5a:69:ad:01:3c:42:35:a0:f5:18:f3:
e0:53:8f:bc:a5:c3:79:ea:26:84:c4:26:08:92:71:
1d:dc:c5:20:32:35:a0:54:6b:41:b8:0f:3a:36:32:
05:2c:46:9f:81:8e:d3:1c:6d:b3:25:41:30:d6:51:
4f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:71:07:FB:4F:26:4B:13:72:9B:30:55:42:FE:B0:62:DD:74:FB:8E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8b449f3-99e1-4493-b954-c9c33e5e8a98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.152.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:e8:8c:ce:fa:e2:12:b3:eb:da:76:5e:dd:91:d3:74:03:eb:
8a:d5:2a:40:d4:df:e3:e5:1d:af:05:18:95:91:bb:ab:41:eb:
16:b3:5b:d5:89:1c:0f:41:41:d1:21:23:d5:c9:a0:89:75:cd:
2e:d6:e4:4d:ab:42:e2:9c:1c:a6:a2:12:6f:57:ba:65:34:df:
9d:ee:f2:f5:30:ba:da:cb:b6:69:e8:15:a0:e1:73:b7:ef:55:
01:34:01:09:2d:c2:37:02:86:40:46:5c:dd:db:21:f3:0b:c0:
99:ea:9c:f0:3f:73:c4:4f:0b:9e:0a:d0:7e:e4:fb:ac:54:6e:
50:81:04:b4:5a:47:71:25:3a:58:03:56:b1:24:c5:b0:7b:48:
7e:cf:33:30:ed:51:e3:f1:91:53:ba:e2:62:51:a1:0f:18:b6:
1a:a5:70:fa:69:d5:fd:a0:6a:e8:b8:57:c4:ea:51:58:3b:45:
42:3c:12:11:85:f7:36:14:70:da:b1:95:67:2a:e8:b1:e0:cf:
91:61:b3:bf:9a:78:4c:d7:86:94:1b:c2:d9:82:62:29:9e:d1:
fc:1c:1d:f2:d9:42:f0:2b:b3:1a:e3:b3:76:79:77:40:87:9c:
d8:41:79:8b:92:ac:c9:fb:2a:93:17:65:37:4f:b7:49:fa:fe:
5c:0b:ef:b5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWiHmlkF4E06WtZLONI/kxNs2PmcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDAxMTIxWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmQ0NzFkYTYzNDJhZTIzM2ZjNGIzOTNkOWQzYWNlN2E2
YWM4NzI4NzI2M2RmZDdhYTgwMTU1YTc3MDUxZTE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkBs97KxDBwpepCPpOyRalMQZ9mbNpmfMrYxrm4IOpwDlb
mwtLST6TkVu/quvSY5QWIPGlG5826QYDEXpa8PUNR7tYrkPouvOnFrmDM70gMnbv
WQFeRm/9KFKT9z9N/bzW2+Ux48OjW5O7IUlUiqtixGZwJltUiVb5DP+JEZdI6nRQ
U1a/sD9wfOe6AvbwHqNW8EXUYR9GeBK+yMim62bENsIX3vEW03wPtJ4G2pevFz1k
amtxFwO5ewlp5NT6w4135dviOedaaa0BPEI1oPUY8+BTj7ylw3nqJoTEJgiScR3c
xSAyNaBUa0G4Dzo2MgUsRp+BjtMcbbMlQTDWUU/VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh3EH+08mSxNymzBVQv6wYt10+44wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4YjQ0OWYzLTk5ZTEtNDQ5My1iOTU0LWM5YzMzZTVlOGE5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANsnZgwDQYJKoZIhvcNAQELBQADggEBALrojM764hKz69p2Xt2R03QD64rV
KkDU3+PlHa8FGJWRu6tB6xazW9WJHA9BQdEhI9XJoIl1zS7W5E2rQuKcHKaiEm9X
umU0353u8vUwutrLtmnoFaDhc7fvVQE0AQktwjcChkBGXN3bIfMLwJnqnPA/c8RP
C54K0H7k+6xUblCBBLRaR3ElOlgDVrEkxbB7SH7PMzDtUePxkVO64mJRoQ8Ythql
cPpp1f2gaui4V8TqUVg7RUI8EhGF9zYUcNqxlWcq6LHgz5Fhs7+aeEzXhpQbwtmC
Yime0fwcHfLZQvArsxrjs3Z5d0CHnNhBeYuSrMn7KpMXZTdPt0n6/lwL77U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:49:21 2025 by rpki-client