Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf4c0d6a-87e1-4500-994c-6d67c6dffa61.roa
File: cf4c0d6a-87e1-4500-994c-6d67c6dffa61.roa (raw, json)
Hash identifier: jzBVLYdkfT6bAqNnKDHxJGbf2F6SBqAH/ZAphuD3p9s=
Subject key identifier: 8C:9E:D8:02:B7:FD:9E:70:97:81:B4:1D:A0:65:B3:90:0E:99:3F:5E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 58D28C035665E2B8F87D3AFC1C244790687790EA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf4c0d6a-87e1-4500-994c-6d67c6dffa61.roa
Signing time: Tue 07 Oct 2025 00:12:33 +0000
ROA not before: Tue 07 Oct 2025 00:12:33 +0000
ROA not after: Tue 11 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.171.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:d2:8c:03:56:65:e2:b8:f8:7d:3a:fc:1c:24:47:90:68:77:90:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 7 00:12:33 2025 GMT
Not After : Nov 11 23:59:59 2025 GMT
Subject: serialNumber=3126139addcfa3cad45b8ed31168d2fa79d66077ad8e903cf3b4b2b832a83d8f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:47:c5:85:24:a4:2c:d9:d3:0f:1d:ca:f8:45:
1d:d8:25:83:12:ce:be:5d:66:88:ae:24:79:3b:49:
89:26:0e:05:cd:4f:91:35:59:ee:2b:66:b4:ed:be:
52:c0:4c:cd:28:5e:88:a6:ed:cd:40:e6:d5:c8:23:
06:12:a8:62:13:96:e2:c0:3e:a4:02:be:0b:5f:64:
a5:24:53:f3:f2:df:3f:79:b1:0c:20:af:67:d9:04:
d9:e1:2e:95:20:09:46:68:8d:80:4a:4d:b8:92:13:
74:8c:e9:cb:57:6e:fe:8d:45:d0:4e:d4:9b:cf:cb:
7e:14:10:e9:c1:7b:81:d4:92:8c:1d:3f:19:97:ef:
fa:0b:65:2c:7f:1e:14:19:81:c7:6c:db:1b:9f:c7:
8b:ab:ab:d9:5a:bc:a4:11:79:07:fa:98:4f:8d:b0:
46:16:8a:9d:e0:89:dd:ba:7e:b8:a6:88:56:7f:2c:
83:1d:1b:9c:7d:c5:ac:d9:cd:8a:00:c1:34:36:a8:
a0:27:96:d1:d8:e4:09:a7:0f:8b:f6:59:7e:68:00:
b7:d3:ea:b4:57:e4:28:39:0e:18:04:e1:39:6a:73:
c2:33:62:00:19:19:2e:13:32:b9:ad:23:2a:15:b8:
97:d5:6d:08:e7:9e:6a:cf:7c:d7:da:b3:fc:ad:be:
f2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9E:D8:02:B7:FD:9E:70:97:81:B4:1D:A0:65:B3:90:0E:99:3F:5E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf4c0d6a-87e1-4500-994c-6d67c6dffa61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.171.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:ee:22:87:cb:24:35:97:89:6a:ce:f4:fa:fe:30:44:ba:5a:
de:68:68:99:98:1a:7f:44:40:66:4e:d5:c5:f6:db:13:10:29:
53:a8:28:70:73:04:00:e1:d7:6a:fc:8f:4e:4e:e9:db:c0:68:
01:9d:5c:ec:8e:ab:47:17:21:93:c5:cc:31:a2:bc:78:da:10:
77:aa:ea:9f:ef:07:86:49:bf:9a:fe:4e:6c:22:bc:0e:01:a6:
23:3e:43:ad:77:43:f5:f2:82:65:9b:f1:86:d0:90:d4:5c:e4:
e7:25:e2:14:a9:ad:33:0b:11:41:13:fb:f8:46:5c:6a:14:f1:
c5:86:86:91:e5:ac:7b:a3:00:b6:0e:42:ed:a3:6c:db:b5:c3:
82:67:99:2e:c9:dc:bf:9c:c7:d6:fd:27:7f:51:ca:30:2d:51:
fd:6a:95:1d:ea:ad:9f:5e:0b:ff:d7:a8:ce:5a:ea:15:c3:8c:
da:2c:1b:9e:fa:45:11:ea:0c:61:c4:b2:64:ec:0a:db:16:2a:
a7:14:ea:5d:ba:25:89:e4:1f:8a:fa:56:e4:88:04:af:91:e7:
3e:f8:e7:d8:66:8f:1e:fa:94:45:d5:96:5f:3f:31:da:96:2b:
38:25:68:4b:5e:6b:42:5e:0d:1b:69:8c:fa:60:7e:15:c1:48:
04:b2:a8:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWNKMA1Zl4rj4fTr8HCRHkGh3kOowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAxMjMzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMTI2MTM5YWRkY2ZhM2NhZDQ1YjhlZDMxMTY4ZDJmYTc5
ZDY2MDc3YWQ4ZTkwM2NmM2I0YjJiODMyYTgzZDhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYR8WFJKQs2dMPHcr4RR3YJYMSzr5dZoiuJHk7SYkmDgXN
T5E1We4rZrTtvlLATM0oXoim7c1A5tXIIwYSqGITluLAPqQCvgtfZKUkU/Py3z95
sQwgr2fZBNnhLpUgCUZojYBKTbiSE3SM6ctXbv6NRdBO1JvPy34UEOnBe4HUkowd
PxmX7/oLZSx/HhQZgcds2xufx4urq9lavKQReQf6mE+NsEYWip3gid26frimiFZ/
LIMdG5x9xazZzYoAwTQ2qKAnltHY5AmnD4v2WX5oALfT6rRX5Cg5DhgE4Tlqc8Iz
YgAZGS4TMrmtIyoVuJfVbQjnnmrPfNfas/ytvvJhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjJ7YArf9nnCXgbQdoGWzkA6ZP14wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmNGMwZDZhLTg3ZTEtNDUwMC05OTRjLTZkNjdjNmRmZmE2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARsq/AwDQYJKoZIhvcNAQELBQADggEBALPuIofLJDWXiWrO9Pr+MES6Wt5o
aJmYGn9EQGZO1cX22xMQKVOoKHBzBADh12r8j05O6dvAaAGdXOyOq0cXIZPFzDGi
vHjaEHeq6p/vB4ZJv5r+TmwivA4BpiM+Q613Q/XygmWb8YbQkNRc5Ocl4hSprTML
EUET+/hGXGoU8cWGhpHlrHujALYOQu2jbNu1w4JnmS7J3L+cx9b9J39RyjAtUf1q
lR3qrZ9eC//XqM5a6hXDjNosG576RRHqDGHEsmTsCtsWKqcU6l26JYnkH4r6VuSI
BK+R5z7459hmjx76lEXVll8/MdqWKzglaEtea0JeDRtpjPpgfhXBSASyqOo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:03:23 2025 by rpki-client