Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c93a8808-8a1b-4e64-aa46-1a0e96891ce1.roa
File: c93a8808-8a1b-4e64-aa46-1a0e96891ce1.roa (raw, json)
Hash identifier: oQYTr5BBut5Uk+SZFvEMkMrfD3Y4s887t8B+d9x9LXg=
Subject key identifier: 11:84:24:E4:B5:73:78:FE:40:18:58:40:93:E7:B3:CA:6F:20:82:8C
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: C27CFFAC501FA501EBF8A445823ABD9528BBF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c93a8808-8a1b-4e64-aa46-1a0e96891ce1.roa
Signing time: Mon 20 Oct 2025 01:12:02 +0000
ROA not before: Mon 20 Oct 2025 01:12:02 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.159.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c2:7c:ff:ac:50:1f:a5:01:eb:f8:a4:45:82:3a:bd:95:28:bb:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:12:02 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=7017b39b0d316a5224afe48a5270fc815f03c9f891507d8218729b5f473e914a, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:2a:5a:d1:20:42:b3:fe:ef:ea:3a:57:76:
81:c2:80:fb:4f:ed:1c:4d:60:f5:27:68:5c:4b:2d:
cd:a8:49:ed:b1:ea:70:38:9f:4b:62:c4:45:7a:f0:
3a:4c:2e:6f:36:fa:68:3e:7e:25:07:ce:3d:73:32:
29:54:ce:e6:2e:82:ae:7d:8b:00:ff:0a:18:7c:1c:
ef:46:69:26:69:07:da:19:8a:19:76:63:d4:ea:2d:
31:84:40:12:f9:af:fd:08:ad:b6:92:b0:88:a3:3a:
7d:c2:cc:8a:9f:b8:df:e0:0e:66:db:e7:f7:3a:19:
68:d2:46:21:bf:94:07:67:fa:9e:37:9e:2c:88:cd:
35:15:d4:e5:13:92:52:6b:d3:f4:ed:f1:64:9e:22:
2c:e9:ca:aa:40:3f:86:6e:5e:c4:ef:30:f9:94:77:
72:f1:21:ef:02:e7:2c:44:f7:6f:5b:39:5e:bc:78:
90:54:5d:31:43:83:c6:db:02:3c:fd:c6:9d:3f:6f:
b4:28:c7:ee:6d:6c:3a:25:4c:d4:19:6c:e2:a5:aa:
a2:97:ff:f1:37:4f:6d:1b:98:02:c2:10:81:74:19:
69:19:bb:71:fa:11:d4:19:9c:34:47:a1:88:d3:5a:
15:ab:2a:fd:cb:3d:c4:99:35:c5:35:cb:8b:5a:2a:
d9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:84:24:E4:B5:73:78:FE:40:18:58:40:93:E7:B3:CA:6F:20:82:8C
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c93a8808-8a1b-4e64-aa46-1a0e96891ce1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.159.50.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:a3:16:e9:c4:0c:2e:9a:f9:ef:ad:47:15:7d:93:fe:99:e9:
aa:ae:23:b8:8c:da:d9:8d:a5:6c:cb:c5:20:1d:f4:de:44:83:
8d:d2:a0:19:f7:3a:f3:74:76:ba:f0:61:e4:52:10:6d:57:c3:
3e:90:c5:79:50:5e:6f:00:b7:62:40:87:91:2f:0f:eb:be:3a:
68:95:83:fb:af:61:da:fd:59:c2:33:ec:dd:8c:1c:83:4c:bf:
dc:59:88:b0:31:82:02:26:e3:fd:73:dd:82:af:b1:4d:b1:cc:
5a:b2:05:35:db:62:3a:22:c6:46:14:62:81:a9:45:ea:35:f5:
b3:20:35:cc:36:62:5e:f2:df:5b:cb:a6:b7:86:52:d2:34:2a:
c7:ab:06:72:30:58:db:67:fc:98:5a:31:b0:39:f8:f4:e3:e9:
1b:35:61:f9:ee:c8:33:f4:76:4d:a0:de:c2:16:68:fd:d5:b0:
61:33:ff:fa:2c:de:f3:06:a0:19:82:54:ea:8d:bb:42:84:14:
c5:8b:60:31:30:45:6b:a6:6e:48:92:92:56:04:63:99:28:a0:
e0:2a:aa:58:10:ee:be:aa:f8:e4:5f:fa:2c:6c:66:84:84:e8:
60:2e:20:55:b8:90:76:ad:84:13:fc:4e:8e:c7:02:f1:87:3f:
a5:1d:0c:83
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAMJ8/6xQH6UB6/ikRYI6vZUou/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDExMjAyWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDE3YjM5YjBkMzE2YTUyMjRhZmU0OGE1MjcwZmM4MTVm
MDNjOWY4OTE1MDdkODIxODcyOWI1ZjQ3M2U5MTRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsXSpa0SBCs/7v6jpXdoHCgPtP7RxNYPUnaFxLLc2oSe2x
6nA4n0tixEV68DpMLm82+mg+fiUHzj1zMilUzuYugq59iwD/Chh8HO9GaSZpB9oZ
ihl2Y9TqLTGEQBL5r/0IrbaSsIijOn3CzIqfuN/gDmbb5/c6GWjSRiG/lAdn+p43
niyIzTUV1OUTklJr0/Tt8WSeIizpyqpAP4ZuXsTvMPmUd3LxIe8C5yxE929bOV68
eJBUXTFDg8bbAjz9xp0/b7Qox+5tbDolTNQZbOKlqqKX//E3T20bmALCEIF0GWkZ
u3H6EdQZnDRHoYjTWhWrKv3LPcSZNcU1y4taKtl9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEYQk5LVzeP5AGFhAk+ezym8ggowwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5M2E4ODA4LThhMWItNGU2NC1hYTQ2LTFhMGU5Njg5MWNlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnzIwDQYJKoZIhvcNAQELBQADggEBANSjFunEDC6a+e+tRxV9k/6Z6aqu
I7iM2tmNpWzLxSAd9N5Eg43SoBn3OvN0drrwYeRSEG1Xwz6QxXlQXm8At2JAh5Ev
D+u+OmiVg/uvYdr9WcIz7N2MHINMv9xZiLAxggIm4/1z3YKvsU2xzFqyBTXbYjoi
xkYUYoGpReo19bMgNcw2Yl7y31vLpreGUtI0KserBnIwWNtn/JhaMbA5+PTj6Rs1
YfnuyDP0dk2g3sIWaP3VsGEz//os3vMGoBmCVOqNu0KEFMWLYDEwRWumbkiSklYE
Y5kooOAqqlgQ7r6q+ORf+ixsZoSE6GAuIFW4kHathBP8To7HAvGHP6UdDIM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:49:12 2025 by rpki-client