Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d4be02dc-a9d5-4810-9c0b-98cc34b3de3d.roa
File: d4be02dc-a9d5-4810-9c0b-98cc34b3de3d.roa (raw, json)
Hash identifier: MpZpyR8eWzoNdtg401oSArdcvTg7GVoCGp8Ktr17UHI=
Subject key identifier: 8A:D2:35:C9:56:AD:65:1B:A5:E2:87:C0:95:F1:84:1F:49:57:13:E4
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 20531898D37F2C457F663BEB49906178D76032B7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d4be02dc-a9d5-4810-9c0b-98cc34b3de3d.roa
Signing time: Mon 20 Oct 2025 05:31:29 +0000
ROA not before: Mon 20 Oct 2025 05:31:29 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.139.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:53:18:98:d3:7f:2c:45:7f:66:3b:eb:49:90:61:78:d7:60:32:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 05:31:29 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=c1850f0fc2c965dd1fd488b06dcd88ac97cc152aec5543250fc703e5ab626990, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:34:75:17:f3:c5:22:16:72:26:ea:d6:da:aa:
5b:99:66:e6:98:68:1c:20:87:de:8a:b6:a3:08:be:
cc:f3:01:0c:d7:25:a0:6a:bf:f4:88:e6:47:0d:0a:
ca:99:d1:da:1b:e7:d9:5a:c8:00:37:8c:c5:db:18:
21:16:e4:00:9c:b5:db:fb:f9:8f:d1:cd:5c:11:3f:
88:28:df:5c:7f:d3:ba:ca:8a:54:01:a8:52:0d:52:
e6:4f:9b:2c:3b:1d:94:59:6e:84:5b:f4:e3:11:7f:
c9:d7:8d:69:e7:f0:82:4c:dd:01:96:cf:16:e9:92:
de:62:f0:3f:30:92:57:f5:74:75:ea:db:71:35:47:
f3:e4:7d:6d:86:8d:30:4f:22:b6:d9:b6:cb:2f:21:
01:56:f3:80:a2:d2:dc:29:a7:50:fc:9a:83:52:0a:
d7:01:38:96:d3:9c:15:7e:26:d9:ad:fd:fa:61:41:
10:c6:dd:b4:7e:2f:12:ff:07:a5:14:ea:c8:9b:2b:
51:2c:45:5b:ca:9a:6c:a2:5b:ad:a8:dc:d8:d5:f8:
7c:25:25:d3:fd:d9:fa:3f:2a:65:85:0c:19:59:54:
b8:70:9e:39:98:c9:3d:96:bb:fc:a8:61:88:0f:7c:
72:23:2f:66:04:81:5d:c8:e8:18:06:a1:79:0c:1a:
ff:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D2:35:C9:56:AD:65:1B:A5:E2:87:C0:95:F1:84:1F:49:57:13:E4
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d4be02dc-a9d5-4810-9c0b-98cc34b3de3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.139.16.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:7c:7f:50:1b:c8:64:97:47:b8:de:f1:fc:4a:4e:c5:8b:33:
58:7b:c8:9b:77:f3:ae:f5:f3:5d:6e:5a:3c:69:c9:2b:89:22:
04:11:ed:c0:f3:2b:21:1e:42:99:99:fa:d5:93:27:89:93:4e:
6f:ff:36:74:ab:85:a0:32:49:21:92:ee:c7:53:f5:6e:c0:6a:
79:9e:9a:c6:b3:ce:fc:7a:90:6f:0a:9d:b6:4d:44:43:b4:df:
30:b4:40:2c:ba:a3:a5:48:f6:7b:26:b5:43:e5:f1:99:91:60:
68:dd:8c:bc:bc:d5:4b:29:eb:61:3c:ba:ed:ea:f5:d8:42:3e:
89:9e:36:87:6c:01:e0:bd:d8:13:1f:0a:9e:55:30:25:5e:bb:
84:63:10:3e:98:6d:b9:ef:bc:87:20:e6:6c:b6:db:61:64:f6:
c2:25:ac:7d:f4:02:93:d6:8b:3b:03:e5:49:97:ab:ef:80:84:
d3:67:8c:f0:f0:11:ee:71:5c:d2:16:10:de:e2:43:7f:95:a5:
11:b6:3a:96:3d:a3:db:15:cf:03:2e:f1:d5:64:90:aa:05:c1:
1c:b3:90:f2:cf:6f:67:a5:f2:ed:69:1a:fd:5a:27:97:9e:13:
4a:6a:2c:b6:47:55:dc:52:e3:28:15:5f:22:aa:52:e1:b5:3e:
df:ce:6a:73
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIFMYmNN/LEV/ZjvrSZBheNdgMrcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDUzMTI5WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTg1MGYwZmMyYzk2NWRkMWZkNDg4YjA2ZGNkODhhYzk3
Y2MxNTJhZWM1NTQzMjUwZmM3MDNlNWFiNjI2OTkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsNHUX88UiFnIm6tbaqluZZuaYaBwgh96KtqMIvszzAQzX
JaBqv/SI5kcNCsqZ0dob59layAA3jMXbGCEW5ACctdv7+Y/RzVwRP4go31x/07rK
ilQBqFINUuZPmyw7HZRZboRb9OMRf8nXjWnn8IJM3QGWzxbpkt5i8D8wklf1dHXq
23E1R/PkfW2GjTBPIrbZtssvIQFW84Ci0twpp1D8moNSCtcBOJbTnBV+Jtmt/fph
QRDG3bR+LxL/B6UU6sibK1EsRVvKmmyiW62o3NjV+HwlJdP92fo/KmWFDBlZVLhw
njmYyT2Wu/yoYYgPfHIjL2YEgV3I6BgGoXkMGv+fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUitI1yVatZRul4ofAlfGEH0lXE+QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q0YmUwMmRjLWE5ZDUtNDgxMC05YzBiLTk4Y2MzNGIzZGUzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANsixAwDQYJKoZIhvcNAQELBQADggEBAJp8f1AbyGSXR7je8fxKTsWLM1h7
yJt38671811uWjxpySuJIgQR7cDzKyEeQpmZ+tWTJ4mTTm//NnSrhaAySSGS7sdT
9W7Aanmemsazzvx6kG8KnbZNREO03zC0QCy6o6VI9nsmtUPl8ZmRYGjdjLy81Usp
62E8uu3q9dhCPomeNodsAeC92BMfCp5VMCVeu4RjED6YbbnvvIcg5my222Fk9sIl
rH30ApPWizsD5UmXq++AhNNnjPDwEe5xXNIWEN7iQ3+VpRG2OpY9o9sVzwMu8dVk
kKoFwRyzkPLPb2el8u1pGv1aJ5eeE0pqLLZHVdxS4ygVXyKqUuG1Pt/OanM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:49:43 2025 by rpki-client