Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1165be7b-1545-4b66-8938-2321c07d5a67.roa
File:                     1165be7b-1545-4b66-8938-2321c07d5a67.roa (raw, json)
Hash identifier:          yY7ktL5iXCXDhiHZ0d/3TsaeOcW0TuLNz2sqUTyhXq4=
Subject key identifier:   AB:66:0C:B9:63:64:46:CE:2F:B1:38:EC:8C:02:79:A0:49:27:FA:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26420130750472719989C22A416A50020D18C288
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1165be7b-1545-4b66-8938-2321c07d5a67.roa
Signing time:             Wed 08 Oct 2025 00:12:52 +0000
ROA not before:           Wed 08 Oct 2025 00:12:52 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.247.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:42:01:30:75:04:72:71:99:89:c2:2a:41:6a:50:02:0d:18:c2:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:12:52 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=3ceba1a65d03353ff52465c3724191c4c887635ded337f946010a30b11b25363, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:fb:9a:0d:ae:bb:c4:0f:87:98:cb:2d:83:3b:
                    73:a4:31:9e:b9:c7:82:1f:42:fe:97:90:a9:90:3f:
                    2e:31:1e:14:cd:a8:c5:d2:d6:aa:8c:48:84:87:74:
                    1d:3d:0c:7c:43:a3:fd:36:7b:bb:ac:9f:7d:be:b6:
                    92:ff:d9:5d:03:01:b1:ce:7d:e7:c9:d0:de:0d:1f:
                    52:8d:2d:38:e4:8e:71:7d:2a:91:3e:9e:f3:95:d6:
                    9e:2b:ec:1d:46:55:87:30:b6:7d:56:d8:7d:3d:6a:
                    3f:39:41:88:35:80:d0:03:65:3f:dd:aa:06:3e:50:
                    c0:a8:a3:ba:4a:f9:c3:9f:55:8d:ac:9b:6a:6a:02:
                    e9:e0:39:2b:d0:1e:5e:ff:08:76:40:fe:36:b2:19:
                    43:3f:7f:a9:01:c6:91:f6:2c:9a:ee:60:4a:e7:3f:
                    07:74:b0:ad:b2:bb:f6:27:c1:6e:81:67:fc:7c:ac:
                    cf:48:78:8d:45:ab:88:9e:d4:2e:b8:33:e9:89:29:
                    37:5f:e3:08:c5:96:44:35:40:ff:10:b2:cb:63:85:
                    05:50:b8:46:09:24:c6:6d:82:55:ed:5d:5b:fa:d3:
                    d7:d2:0b:a4:6d:82:f1:6b:82:55:37:7b:52:bb:bd:
                    b6:87:8b:c8:cd:d7:ca:3a:20:a1:9c:7b:49:be:70:
                    12:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:66:0C:B9:63:64:46:CE:2F:B1:38:EC:8C:02:79:A0:49:27:FA:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1165be7b-1545-4b66-8938-2321c07d5a67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.247.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3b:2e:88:75:30:89:c4:a2:0a:7b:91:f9:1d:37:22:3c:68:a9:
         f1:0a:6a:c0:45:21:68:db:d2:89:c0:81:6f:91:ec:55:38:d8:
         3e:d1:33:21:b3:01:3e:ca:bc:66:cb:2b:4d:9b:9c:1d:ad:fa:
         51:fb:ae:be:68:28:bd:fd:ff:5c:5b:3c:97:40:c3:71:56:f4:
         7e:f6:d7:7d:ff:23:25:a4:0f:d0:ef:d5:58:f0:08:93:97:6d:
         5f:08:6f:78:ed:36:b0:a6:83:e8:f5:9b:f8:87:03:9f:75:a8:
         94:3f:a2:6b:ac:9e:ea:e7:c2:80:0a:ff:5f:c1:78:64:dc:81:
         3e:11:fd:fb:6c:2f:e3:c5:30:44:be:cf:a5:5c:3a:b7:e9:34:
         a7:66:41:ce:2c:ea:78:8f:df:32:f1:f5:f8:c6:0d:87:78:2a:
         48:e8:99:32:a1:86:3d:fc:54:e1:7c:29:8a:73:cd:5a:ae:dd:
         e3:c7:aa:0d:2f:4f:55:01:ee:72:36:98:4a:f6:20:85:da:f9:
         09:7d:4b:6e:5a:57:d8:37:dd:d8:8a:73:95:09:a1:f8:f4:73:
         e6:73:f9:8f:91:5d:1e:b0:3b:5c:1b:46:5b:54:2e:d5:7c:0f:
         ea:78:fa:cd:f4:5b:ab:8c:68:cc:cc:62:7c:11:cb:f0:d9:c3:
         26:6e:5f:f2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJkIBMHUEcnGZicIqQWpQAg0YwogwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAxMjUyWhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzY2ViYTFhNjVkMDMzNTNmZjUyNDY1YzM3MjQxOTFjNGM4
ODc2MzVkZWQzMzdmOTQ2MDEwYTMwYjExYjI1MzYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCH+5oNrrvED4eYyy2DO3OkMZ65x4IfQv6XkKmQPy4xHhTN
qMXS1qqMSISHdB09DHxDo/02e7usn32+tpL/2V0DAbHOfefJ0N4NH1KNLTjkjnF9
KpE+nvOV1p4r7B1GVYcwtn1W2H09aj85QYg1gNADZT/dqgY+UMCoo7pK+cOfVY2s
m2pqAungOSvQHl7/CHZA/jayGUM/f6kBxpH2LJruYErnPwd0sK2yu/YnwW6BZ/x8
rM9IeI1Fq4ie1C64M+mJKTdf4wjFlkQ1QP8QsstjhQVQuEYJJMZtglXtXVv609fS
C6RtgvFrglU3e1K7vbaHi8jN18o6IKGce0m+cBJbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUq2YMuWNkRs4vsTjsjAJ5oEkn+sYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExNjViZTdiLTE1NDUtNGI2Ni04OTM4LTIzMjFjMDdkNWE2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49zANBgkqhkiG9w0BAQsFAAOCAQEAOy6IdTCJxKIKe5H5HTciPGip8Qpq
wEUhaNvSicCBb5HsVTjYPtEzIbMBPsq8ZssrTZucHa36Ufuuvmgovf3/XFs8l0DD
cVb0fvbXff8jJaQP0O/VWPAIk5dtXwhveO02sKaD6PWb+IcDn3WolD+ia6ye6ufC
gAr/X8F4ZNyBPhH9+2wv48UwRL7PpVw6t+k0p2ZBzizqeI/fMvH1+MYNh3gqSOiZ
MqGGPfxU4XwpinPNWq7d48eqDS9PVQHucjaYSvYghdr5CX1LblpX2Dfd2IpzlQmh
+PRz5nP5j5FdHrA7XBtGW1Qu1XwP6nj6zfRbq4xozMxifBHL8NnDJm5f8g==
-----END CERTIFICATE-----