Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13a7aaf3-b41d-469c-8464-1f7399d7ccf8.roa
File:                     13a7aaf3-b41d-469c-8464-1f7399d7ccf8.roa (raw, json)
Hash identifier:          wP0GL2DuBFGd4O4pTgsvQa+wanJfT/s+gh6wGkKLFCc=
Subject key identifier:   D4:E9:B6:23:A0:68:61:55:DF:D3:B4:75:B9:2B:BE:C8:5E:FC:24:A4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3200940BAA0DFB041D852826F6183683C410333A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13a7aaf3-b41d-469c-8464-1f7399d7ccf8.roa
Signing time:             Fri 03 Oct 2025 00:39:18 +0000
ROA not before:           Fri 03 Oct 2025 00:39:18 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.67.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:00:94:0b:aa:0d:fb:04:1d:85:28:26:f6:18:36:83:c4:10:33:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:39:18 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=93fbfdc631dfd0a77b8d405b19e221db535a592e4d360418a2c8b75794c9cae4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:49:43:02:ab:a2:54:f2:cc:96:46:19:57:4c:
                    44:ab:31:f6:aa:fa:33:ce:3a:13:3d:fc:4a:3e:c8:
                    c4:a2:ee:be:6f:28:a1:4a:38:04:e1:a1:eb:c9:47:
                    62:af:67:f3:65:80:40:f2:5d:8a:ed:7c:71:52:83:
                    50:ab:54:10:d0:b1:cb:66:63:de:48:f9:0e:e5:95:
                    25:cd:d7:0c:dd:cc:b9:dd:97:0e:7e:ef:fd:6e:2f:
                    f0:cd:b0:a8:75:b0:44:4c:fc:7e:85:04:b9:07:6d:
                    4f:a8:64:7b:85:38:00:c0:02:e9:5e:ee:03:38:6f:
                    0c:90:92:5c:57:a9:e1:06:b6:d5:dc:d7:d5:aa:6c:
                    b1:ff:f5:c2:48:fc:42:9b:70:d5:af:13:7c:55:79:
                    63:d2:92:b8:c4:19:7d:d5:26:8d:b9:92:e8:14:f2:
                    e8:88:c4:07:80:8a:26:7e:f1:00:a5:c0:5c:e4:0f:
                    8d:79:9a:10:49:1c:41:69:ae:31:27:28:48:d0:a9:
                    fe:11:da:ef:9c:9e:7c:2b:d8:b9:74:6e:28:5f:b1:
                    a2:f8:f1:59:40:33:68:e7:5a:5c:97:45:fb:7e:55:
                    b6:39:f1:35:2a:31:71:26:00:84:d1:26:6e:81:2f:
                    50:af:30:b9:b7:c2:14:e2:7a:4b:22:47:38:43:7d:
                    b2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:E9:B6:23:A0:68:61:55:DF:D3:B4:75:B9:2B:BE:C8:5E:FC:24:A4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13a7aaf3-b41d-469c-8464-1f7399d7ccf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:69:a4:38:86:a2:c9:bb:12:82:42:68:48:c5:55:80:e8:29:
         45:29:81:5e:dc:81:58:44:84:61:39:d9:f5:23:21:58:8e:70:
         79:53:1f:4f:1e:27:cb:fd:82:a7:e0:fb:14:65:66:60:ec:7f:
         ea:a3:4d:bf:80:33:87:7c:d2:3a:ee:91:cf:a2:86:2b:cc:12:
         35:08:de:f8:41:73:00:52:5b:12:33:ff:a2:a2:50:bb:cd:3a:
         ca:05:86:31:93:e2:db:cb:af:4e:88:cb:79:16:96:6e:38:ae:
         09:f2:54:66:a9:f3:67:a0:fc:4e:42:f5:e7:6d:58:18:f4:8a:
         5a:62:e6:6f:64:7c:58:09:d4:9d:a0:c4:4d:1f:6c:c8:25:e5:
         37:45:22:17:07:ae:21:de:b4:34:e6:06:73:b9:e2:73:fb:c4:
         ec:14:f9:ab:7a:3c:2c:ef:01:49:bd:43:2f:8a:20:ff:b9:6d:
         09:b3:99:f1:ed:19:95:3c:ae:6d:7f:e0:15:62:c7:dd:56:d3:
         a2:42:97:f0:1d:85:2a:9e:80:96:35:0e:77:ae:c8:63:3d:5f:
         a9:a1:14:77:d7:65:2e:8b:bb:54:bd:08:46:54:ec:4c:00:95:
         01:d8:08:39:ed:45:28:a5:62:00:d1:0b:70:66:31:61:73:68:
         c0:a0:bd:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMgCUC6oN+wQdhSgm9hg2g8QQMzowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAzOTE4WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2ZiZmRjNjMxZGZkMGE3N2I4ZDQwNWIxOWUyMjFkYjUz
NWE1OTJlNGQzNjA0MThhMmM4Yjc1Nzk0YzljYWU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2SUMCq6JU8syWRhlXTESrMfaq+jPOOhM9/Eo+yMSi7r5v
KKFKOAThoevJR2KvZ/NlgEDyXYrtfHFSg1CrVBDQsctmY95I+Q7llSXN1wzdzLnd
lw5+7/1uL/DNsKh1sERM/H6FBLkHbU+oZHuFOADAAule7gM4bwyQklxXqeEGttXc
19WqbLH/9cJI/EKbcNWvE3xVeWPSkrjEGX3VJo25kugU8uiIxAeAiiZ+8QClwFzk
D415mhBJHEFprjEnKEjQqf4R2u+cnnwr2Ll0bihfsaL48VlAM2jnWlyXRft+VbY5
8TUqMXEmAITRJm6BL1CvMLm3whTieksiRzhDfbLJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1Om2I6BoYVXf07R1uSu+yF78JKQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEzYTdhYWYzLWI0MWQtNDY5Yy04NDY0LTFmNzM5OWQ3Y2NmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EMwDQYJKoZIhvcNAQELBQADggEBAIJppDiGosm7EoJCaEjFVYDoKUUp
gV7cgVhEhGE52fUjIViOcHlTH08eJ8v9gqfg+xRlZmDsf+qjTb+AM4d80jrukc+i
hivMEjUI3vhBcwBSWxIz/6KiULvNOsoFhjGT4tvLr06Iy3kWlm44rgnyVGap82eg
/E5C9edtWBj0ilpi5m9kfFgJ1J2gxE0fbMgl5TdFIhcHriHetDTmBnO54nP7xOwU
+at6PCzvAUm9Qy+KIP+5bQmzmfHtGZU8rm1/4BVix91W06JCl/AdhSqegJY1Dneu
yGM9X6mhFHfXZS6Lu1S9CEZU7EwAlQHYCDntRSilYgDRC3BmMWFzaMCgvQ0=
-----END CERTIFICATE-----