Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3c4112c-7f03-4c2c-82bb-f0412ad11664.roa
File: e3c4112c-7f03-4c2c-82bb-f0412ad11664.roa (raw, json)
Hash identifier: kOZJT+tofgHVKA7mimscZwz28EioNXjVg/LvQvNZYX8=
Subject key identifier: 11:76:AC:55:4D:0E:95:6E:D2:26:CB:7B:BF:4A:C2:BE:6E:E7:38:88
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 05403A5D179CC3AD122BC5D88C59478990CE6E9E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3c4112c-7f03-4c2c-82bb-f0412ad11664.roa
Signing time: Mon 20 Oct 2025 01:20:47 +0000
ROA not before: Mon 20 Oct 2025 01:20:47 +0000
ROA not after: Mon 24 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.157.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:40:3a:5d:17:9c:c3:ad:12:2b:c5:d8:8c:59:47:89:90:ce:6e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 20 01:20:47 2025 GMT
Not After : Nov 24 23:59:59 2025 GMT
Subject: serialNumber=7d08079901055c68c2bf58d0468d9ee53f63141da16856ff25aa5f76a455f7c2, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1c:3b:69:be:49:14:6c:b0:5c:dd:ab:70:d2:
c2:1d:1c:d5:a7:ca:4a:68:17:43:93:b5:a1:d9:62:
24:67:ab:fe:34:69:0f:87:75:f3:86:80:0d:f8:62:
6f:3b:33:b8:56:1a:8b:e1:95:21:8c:12:d0:a2:97:
dd:a2:bf:25:57:c4:83:1f:ac:9d:34:c9:ed:f5:db:
7b:d6:56:ce:c5:d1:0f:f0:01:77:dd:ef:89:a4:84:
70:b7:4d:a2:51:c2:c7:c6:a4:8c:29:15:3d:19:9f:
fe:3d:69:6c:ae:7a:03:e6:11:5a:10:21:de:a0:f4:
08:41:d8:e4:74:28:f2:4e:c6:24:d3:58:df:16:80:
81:45:f8:1e:9d:fa:ff:76:48:4d:a6:7a:82:e3:85:
12:33:8c:70:9e:7d:e9:b4:7a:63:13:89:8c:2b:53:
63:a0:43:2e:e9:cc:19:a4:83:b8:53:72:35:11:e8:
8d:c4:12:f1:77:6a:63:2e:81:48:01:4c:bd:35:90:
fb:70:b5:d0:5c:c2:45:79:e7:0e:68:20:a4:c0:e8:
ea:30:ba:9d:6f:5b:73:e8:99:b0:33:e9:85:16:22:
51:01:36:bf:7a:da:7d:be:56:fa:d9:5a:da:21:90:
89:d1:e9:cf:e8:fc:8a:dc:f9:d1:db:4f:9d:d5:b1:
05:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:76:AC:55:4D:0E:95:6E:D2:26:CB:7B:BF:4A:C2:BE:6E:E7:38:88
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3c4112c-7f03-4c2c-82bb-f0412ad11664.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.157.152.0/22
Signature Algorithm: sha256WithRSAEncryption
09:05:08:b1:f7:7c:e5:6b:e5:3e:b2:ad:c7:e9:66:d8:b4:52:
59:0d:72:12:17:c7:b8:59:6a:23:11:16:64:d7:01:15:e2:04:
69:29:db:3e:76:42:c0:a0:e7:44:92:fd:2a:d0:0e:c5:49:c4:
6a:12:cb:83:d0:4c:9d:d4:ad:6d:8c:e0:27:95:44:c5:1e:73:
d3:22:a3:25:35:30:6e:26:b2:57:30:5c:ba:8e:45:f2:fa:46:
e1:54:f2:01:06:29:b7:1c:8a:3e:58:e8:2f:a8:ba:9e:9c:bb:
7d:1e:46:29:d1:f1:cf:cf:27:5c:0e:d2:a5:52:8a:96:df:25:
33:71:e9:ad:5c:3f:4d:35:01:25:c9:e6:20:c7:74:73:a2:c9:
26:b0:bb:7d:90:b3:33:5a:01:d2:70:af:12:be:03:c5:66:39:
07:4e:bf:c5:6b:50:75:ed:9e:b2:c8:2f:92:00:90:a6:5c:16:
64:d3:55:79:bf:e6:e3:2e:b4:94:21:75:41:c7:cc:a2:89:f1:
58:fa:96:64:42:16:c6:d1:29:ef:6d:e6:40:43:83:19:2b:ee:
d6:87:a9:ef:8c:c1:a1:15:5f:c3:b7:df:86:ad:4b:0b:5e:ba:
51:ad:44:d6:b7:25:9c:af:3f:ce:68:2c:db:b5:c3:7a:dd:16:
d8:1c:8a:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBUA6XRecw60SK8XYjFlHiZDObp4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDEyMDQ3WhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDA4MDc5OTAxMDU1YzY4YzJiZjU4ZDA0NjhkOWVlNTNm
NjMxNDFkYTE2ODU2ZmYyNWFhNWY3NmE0NTVmN2MyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmHDtpvkkUbLBc3atw0sIdHNWnykpoF0OTtaHZYiRnq/40
aQ+HdfOGgA34Ym87M7hWGovhlSGMEtCil92ivyVXxIMfrJ00ye3123vWVs7F0Q/w
AXfd74mkhHC3TaJRwsfGpIwpFT0Zn/49aWyuegPmEVoQId6g9AhB2OR0KPJOxiTT
WN8WgIFF+B6d+v92SE2meoLjhRIzjHCefem0emMTiYwrU2OgQy7pzBmkg7hTcjUR
6I3EEvF3amMugUgBTL01kPtwtdBcwkV55w5oIKTA6Oowup1vW3PombAz6YUWIlEB
Nr962n2+VvrZWtohkInR6c/o/Irc+dHbT53VsQWhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEXasVU0OlW7SJst7v0rCvm7nOIgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UzYzQxMTJjLTdmMDMtNGMyYy04MmJiLWYwNDEyYWQxMTY2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnZgwDQYJKoZIhvcNAQELBQADggEBAAkFCLH3fOVr5T6yrcfpZti0UlkN
chIXx7hZaiMRFmTXARXiBGkp2z52QsCg50SS/SrQDsVJxGoSy4PQTJ3UrW2M4CeV
RMUec9MioyU1MG4mslcwXLqORfL6RuFU8gEGKbccij5Y6C+oup6cu30eRinR8c/P
J1wO0qVSipbfJTNx6a1cP001ASXJ5iDHdHOiySawu32QszNaAdJwrxK+A8VmOQdO
v8VrUHXtnrLIL5IAkKZcFmTTVXm/5uMutJQhdUHHzKKJ8Vj6lmRCFsbRKe9t5kBD
gxkr7taHqe+MwaEVX8O334atSwteulGtRNa3JZyvP85oLNu1w3rdFtgcihw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:46:58 2025 by rpki-client