Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d81a1fd3-9fa0-4378-9cc1-1842c47c185c.roa
File: d81a1fd3-9fa0-4378-9cc1-1842c47c185c.roa (raw, json)
Hash identifier: 5cFAxj0aqKnhgJplnI0LKobnAsYOLf5Kfb/2T7/qAP0=
Subject key identifier: 37:F6:19:DF:4D:31:1D:4C:CB:FD:16:09:0E:34:01:17:F6:5D:95:EA
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3C8BFA0EF6A220668859992E3932B2BE3622A863
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d81a1fd3-9fa0-4378-9cc1-1842c47c185c.roa
Signing time: Mon 20 Oct 2025 00:42:38 +0000
ROA not before: Mon 20 Oct 2025 00:42:38 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.156.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:8b:fa:0e:f6:a2:20:66:88:59:99:2e:39:32:b2:be:36:22:a8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 00:42:38 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=f2a41f410be7035f54979944670628a0f5a0de9a41a4d83831a578fdd3ee5a73, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4e:08:8b:87:9b:5a:51:84:a8:6c:05:be:8e:
e0:47:70:4e:24:e3:6f:7e:15:0d:df:c6:11:ac:ff:
51:2a:aa:23:f8:7a:b0:c1:bd:e4:a4:2f:30:80:f2:
f2:61:eb:ac:25:61:b5:b5:6a:83:bb:d1:fb:aa:d9:
6b:f6:2f:3d:5e:5b:14:bf:8b:fa:e0:e9:64:aa:63:
00:50:cc:8c:45:4a:04:b6:31:c9:4f:7d:dd:0c:12:
60:a3:7e:f1:e5:6b:1c:b7:83:f1:8d:9f:f5:58:c5:
8b:2e:e9:b9:17:b7:97:eb:05:b9:3d:4f:b2:f5:3b:
55:b1:39:54:36:dc:09:66:0c:15:4f:d4:1e:8a:fc:
e5:a1:52:33:20:de:28:06:db:f4:cc:d5:9d:60:8a:
43:60:a6:ef:ee:e5:7b:40:88:cb:47:5c:78:9b:1a:
fc:09:0e:b1:65:9b:1a:ab:72:4c:46:38:8a:6e:b5:
84:7a:7b:07:2b:11:71:6f:c6:21:a7:15:8c:9f:70:
f1:46:33:28:57:c2:0e:a2:e0:31:be:82:ac:3c:11:
a7:a6:0e:6c:77:1b:4d:e6:46:75:93:66:c9:f2:a6:
da:f3:31:13:11:1a:97:e5:fb:06:75:95:8b:a6:85:
72:a2:34:b7:89:c7:41:3e:62:50:7d:11:e5:54:ca:
13:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F6:19:DF:4D:31:1D:4C:CB:FD:16:09:0E:34:01:17:F6:5D:95:EA
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d81a1fd3-9fa0-4378-9cc1-1842c47c185c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.156.146.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:02:70:b3:8e:88:69:9b:f4:2a:f6:e2:41:4e:5c:cc:c6:d1:
fa:8c:81:c6:ed:8c:6e:d2:b1:82:77:f1:61:2f:b0:08:20:3e:
68:1f:f3:ff:38:4b:1e:44:4c:08:0b:d1:4b:b7:91:73:92:ba:
29:62:d7:6c:af:ae:df:6c:34:99:dd:a8:a9:e4:64:07:1d:04:
02:9c:28:2b:62:c2:4a:e9:c8:48:4c:65:40:3d:4f:74:81:04:
35:7e:2a:f4:e0:51:b8:ef:b4:a0:1c:38:93:18:8e:5e:1c:91:
41:fe:32:01:c7:8f:67:1c:4a:f1:6c:1c:e5:4c:68:ab:0e:7d:
64:bc:01:2e:2e:56:fb:f9:90:81:30:aa:fa:18:5f:34:f6:60:
f4:d7:11:4d:26:96:77:62:51:d8:c7:b5:9c:e5:ec:9c:03:e3:
5a:5c:34:31:42:51:3e:89:39:c9:35:33:5f:6d:e4:0d:12:2f:
49:9a:4d:d8:de:d5:3b:ae:83:84:e7:98:29:50:21:2c:d2:bc:
5a:73:30:b3:9e:28:50:01:b6:7b:24:d3:03:c6:99:a4:f9:ee:
d5:17:30:04:42:78:ef:53:b2:0b:8a:77:b2:1c:fb:c0:e1:88:
23:5e:b7:d4:08:0b:2d:f2:68:07:f4:68:f1:e9:39:39:31:8b:
dd:3f:86:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPIv6DvaiIGaIWZkuOTKyvjYiqGMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDA0MjM4WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMmE0MWY0MTBiZTcwMzVmNTQ5Nzk5NDQ2NzA2MjhhMGY1
YTBkZTlhNDFhNGQ4MzgzMWE1NzhmZGQzZWU1YTczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4TgiLh5taUYSobAW+juBHcE4k429+FQ3fxhGs/1EqqiP4
erDBveSkLzCA8vJh66wlYbW1aoO70fuq2Wv2Lz1eWxS/i/rg6WSqYwBQzIxFSgS2
MclPfd0MEmCjfvHlaxy3g/GNn/VYxYsu6bkXt5frBbk9T7L1O1WxOVQ23AlmDBVP
1B6K/OWhUjMg3igG2/TM1Z1gikNgpu/u5XtAiMtHXHibGvwJDrFlmxqrckxGOIpu
tYR6ewcrEXFvxiGnFYyfcPFGMyhXwg6i4DG+gqw8EaemDmx3G03mRnWTZsnyptrz
MRMRGpfl+wZ1lYumhXKiNLeJx0E+YlB9EeVUyhPdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN/YZ300xHUzL/RYJDjQBF/ZdleowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4MWExZmQzLTlmYTAtNDM3OC05Y2MxLTE4NDJjNDdjMTg1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsnJIwDQYJKoZIhvcNAQELBQADggEBAK4CcLOOiGmb9Cr24kFOXMzG0fqM
gcbtjG7SsYJ38WEvsAggPmgf8/84Sx5ETAgL0Uu3kXOSuili12yvrt9sNJndqKnk
ZAcdBAKcKCtiwkrpyEhMZUA9T3SBBDV+KvTgUbjvtKAcOJMYjl4ckUH+MgHHj2cc
SvFsHOVMaKsOfWS8AS4uVvv5kIEwqvoYXzT2YPTXEU0mlndiUdjHtZzl7JwD41pc
NDFCUT6JOck1M19t5A0SL0maTdje1Tuug4TnmClQISzSvFpzMLOeKFABtnsk0wPG
maT57tUXMARCeO9TsguKd7Ic+8DhiCNet9QICy3yaAf0aPHpOTkxi90/hiw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:49:51 2025 by rpki-client