Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4630c86-b882-4928-ade1-34e5096ba94b.roa
File: e4630c86-b882-4928-ade1-34e5096ba94b.roa (raw, json)
Hash identifier: pv24a1QxkZ6btUFMgvNWzQ1d0cKDHQJJ02kcm+jAsBQ=
Subject key identifier: E9:D1:6A:6F:11:40:6D:73:5F:83:32:86:87:A3:A9:28:3F:8C:F5:08
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 5961DAAB36AF517016E644D458827E57DF2DE88D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4630c86-b882-4928-ade1-34e5096ba94b.roa
Signing time: Sun 19 Oct 2025 02:10:05 +0000
ROA not before: Sun 19 Oct 2025 02:10:05 +0000
ROA not after: Sun 23 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 108.138.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:61:da:ab:36:af:51:70:16:e6:44:d4:58:82:7e:57:df:2d:e8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 19 02:10:05 2025 GMT
Not After : Nov 23 23:59:59 2025 GMT
Subject: serialNumber=80b0936f360da3df7964d2572bb795677f5d2ee9906e50c2c4aa93e6503c0d34, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:54:c1:7f:45:76:ed:05:d2:06:43:97:04:b3:
cf:8a:f1:ae:b8:cb:b7:1f:4f:92:87:9a:b1:0c:bd:
55:86:d8:43:ac:e9:cb:53:fb:77:df:b1:9f:86:75:
52:88:c1:6a:3a:8e:2a:a4:b3:56:4f:44:aa:42:24:
a5:31:00:eb:e0:10:d1:8c:23:53:7a:ce:1b:8b:5e:
74:61:90:c5:9c:68:a4:79:04:e3:b1:2a:8d:cb:0a:
7d:28:31:75:16:0a:e5:f8:25:8c:89:a2:2e:a2:4f:
b3:7a:1d:3f:84:e4:4c:80:82:ae:f5:6b:5b:ae:b4:
1f:df:54:ef:09:e8:e4:19:f4:58:da:aa:47:38:2c:
36:d0:76:57:07:3b:2c:17:ea:77:85:07:36:99:b9:
9e:24:27:d6:03:3f:ab:18:17:01:85:18:fd:1a:de:
49:a0:cf:45:4e:15:d4:13:63:46:3a:a4:3b:ae:d7:
2d:66:9a:2e:6c:81:70:ec:68:86:b7:4f:c7:e5:05:
dc:91:b7:f5:82:bb:44:f8:aa:62:c6:9c:db:2f:c6:
7e:f8:8b:4e:ef:df:dc:0a:91:50:b0:24:09:07:6b:
06:2a:bb:c5:f6:2d:64:f5:9a:73:b2:0f:de:d9:59:
c7:42:f7:aa:a3:8c:4c:2b:34:45:a0:45:22:41:64:
4a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D1:6A:6F:11:40:6D:73:5F:83:32:86:87:A3:A9:28:3F:8C:F5:08
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4630c86-b882-4928-ade1-34e5096ba94b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.138.133.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:96:40:bb:a6:23:a2:c3:96:60:cb:ee:25:6a:81:63:0c:8b:
56:0e:d0:42:54:a5:4f:cb:22:35:4b:d2:bc:64:12:a2:69:99:
1e:eb:a9:da:4a:8a:f2:ad:ff:6e:4b:0c:0d:55:d8:64:54:bb:
f6:80:6f:97:1c:83:38:bd:e4:87:20:ba:32:99:b4:7e:44:91:
07:3f:0f:ff:15:ca:00:99:50:05:17:5f:43:92:5d:f4:3d:02:
b7:8e:64:38:0f:ef:c4:30:e8:73:91:eb:4d:53:44:98:9c:6c:
77:33:dd:33:96:c5:3f:3b:db:63:a6:a7:72:38:4e:e5:19:61:
10:f8:74:bd:8c:89:da:8b:92:9f:43:fb:c2:bc:ff:96:24:f5:
a2:26:1d:ca:11:7f:6e:48:3c:40:62:73:75:80:de:24:79:ad:
b0:47:1c:55:b6:59:1a:b8:9c:2a:76:b6:93:95:df:75:03:b7:
29:d1:19:bb:45:eb:61:20:0d:14:73:08:40:96:19:9c:a9:f2:
17:14:ab:1d:66:c8:1f:30:7b:49:60:2e:f2:0e:9e:ef:5d:e9:
49:a8:b2:2f:09:06:56:59:04:1e:19:43:ea:7d:c7:fd:68:30:
72:99:fb:c6:b6:97:ec:bc:08:e1:8a:56:21:0c:38:bf:29:6d:
6a:6b:f8:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWWHaqzavUXAW5kTUWIJ+V98t6I0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDIxMDA1WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MGIwOTM2ZjM2MGRhM2RmNzk2NGQyNTcyYmI3OTU2Nzdm
NWQyZWU5OTA2ZTUwYzJjNGFhOTNlNjUwM2MwZDM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzVMF/RXbtBdIGQ5cEs8+K8a64y7cfT5KHmrEMvVWG2EOs
6ctT+3ffsZ+GdVKIwWo6jiqks1ZPRKpCJKUxAOvgENGMI1N6zhuLXnRhkMWcaKR5
BOOxKo3LCn0oMXUWCuX4JYyJoi6iT7N6HT+E5EyAgq71a1uutB/fVO8J6OQZ9Fja
qkc4LDbQdlcHOywX6neFBzaZuZ4kJ9YDP6sYFwGFGP0a3kmgz0VOFdQTY0Y6pDuu
1y1mmi5sgXDsaIa3T8flBdyRt/WCu0T4qmLGnNsvxn74i07v39wKkVCwJAkHawYq
u8X2LWT1mnOyD97ZWcdC96qjjEwrNEWgRSJBZErZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6dFqbxFAbXNfgzKGh6OpKD+M9QgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0NjMwYzg2LWI4ODItNDkyOC1hZGUxLTM0ZTUwOTZiYTk0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsioUwDQYJKoZIhvcNAQELBQADggEBAG6WQLumI6LDlmDL7iVqgWMMi1YO
0EJUpU/LIjVL0rxkEqJpmR7rqdpKivKt/25LDA1V2GRUu/aAb5ccgzi95IcgujKZ
tH5EkQc/D/8VygCZUAUXX0OSXfQ9AreOZDgP78Qw6HOR601TRJicbHcz3TOWxT87
22Omp3I4TuUZYRD4dL2MidqLkp9D+8K8/5Yk9aImHcoRf25IPEBic3WA3iR5rbBH
HFW2WRq4nCp2tpOV33UDtynRGbtF62EgDRRzCECWGZyp8hcUqx1myB8we0lgLvIO
nu9d6Umosi8JBlZZBB4ZQ+p9x/1oMHKZ+8a2l+y8COGKViEMOL8pbWpr+D4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:00:17 2025 by rpki-client