Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a954652-ffae-4df0-b410-814bccdedfa0.roa
File:                     1a954652-ffae-4df0-b410-814bccdedfa0.roa (raw, json)
Hash identifier:          aXdWY/wugR5JswZH8XuMCga1hcOYblsPGiM+5elR+C0=
Subject key identifier:   3F:F0:4D:D7:0B:CC:C6:8F:42:BD:2B:41:AD:FC:D9:8D:93:00:A8:49
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       20B067322CCE8246BBB051257354A52DFB876A0E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a954652-ffae-4df0-b410-814bccdedfa0.roa
Signing time:             Tue 07 Oct 2025 00:21:33 +0000
ROA not before:           Tue 07 Oct 2025 00:21:33 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        136.18.33.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:b0:67:32:2c:ce:82:46:bb:b0:51:25:73:54:a5:2d:fb:87:6a:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:21:33 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=ebed524c4fd99ce5f694d8f34fcd5a75fb2a9b44f48613522179ba614464e284, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:5e:e1:f8:86:3a:47:fb:4d:55:cc:65:11:40:
                    50:e8:2a:42:0a:be:0c:bf:bd:d7:04:f9:c9:ca:21:
                    75:42:3d:79:49:b2:48:9b:d6:5c:43:63:fd:39:72:
                    74:c0:60:89:6d:78:5b:09:2e:e2:06:d7:e9:7b:14:
                    5e:6d:b6:38:85:d0:3d:0c:2c:17:85:bc:28:f3:05:
                    5d:54:eb:9a:ff:7d:c1:da:31:dd:13:8a:eb:60:ca:
                    8f:bc:88:b6:00:7f:a6:03:2f:2c:b0:ef:f6:85:78:
                    18:ad:82:99:ed:a0:40:6d:1a:fc:a6:02:86:85:af:
                    ce:3a:8c:d4:40:7d:45:41:23:54:8b:8f:99:6a:52:
                    16:f9:27:8d:0c:cc:a2:ec:8d:d7:92:cd:d3:78:ba:
                    fc:ae:f5:42:75:c0:24:c5:93:89:f1:b1:35:b8:2d:
                    8a:9b:1e:03:67:41:69:a7:0d:dc:0a:4f:2c:ac:73:
                    98:a8:5c:69:3c:a8:36:fa:e3:37:8c:28:92:1c:d5:
                    98:0a:c3:d2:28:80:b2:82:82:d7:47:a9:cd:38:17:
                    3e:98:80:b2:ca:49:c2:50:83:76:60:7e:96:d5:bd:
                    2b:0b:1c:f5:c6:ca:77:70:d7:d0:e6:65:c1:42:68:
                    32:b0:c6:67:d0:44:c5:33:fd:be:d2:17:fa:02:67:
                    2a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:F0:4D:D7:0B:CC:C6:8F:42:BD:2B:41:AD:FC:D9:8D:93:00:A8:49
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a954652-ffae-4df0-b410-814bccdedfa0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:06:57:b3:41:12:2e:c5:2d:ad:18:d9:73:bc:d3:43:19:d8:
         61:69:5a:db:5b:04:ee:10:61:5e:58:73:72:30:4f:5e:b9:ed:
         fb:b4:d1:51:df:b5:1d:12:d7:65:a5:da:af:22:1b:f0:d3:14:
         8e:8d:a6:95:48:aa:34:80:70:6d:36:43:e9:29:a5:42:ce:94:
         c6:3a:dc:17:81:0a:4a:d8:5c:9f:31:e3:14:c9:b6:6a:6a:21:
         2d:e6:f3:fb:04:8d:6f:22:7e:1f:98:a2:95:07:39:61:3e:0e:
         b0:92:0e:37:07:80:8f:6d:fd:dc:b5:b1:e5:ab:e2:41:e0:0e:
         76:6d:2d:85:f9:44:f0:85:48:df:91:a0:00:0b:83:fa:2a:8e:
         e2:b3:ab:94:f8:40:1d:4a:f6:e9:b4:66:1b:20:c6:61:d6:92:
         17:a8:05:29:4a:94:7a:bf:95:68:39:92:22:1c:1c:c6:25:79:
         bf:60:bf:53:9c:f5:65:57:a3:e0:e2:53:47:44:3e:83:05:a4:
         b2:bb:f1:ad:16:df:1d:46:80:67:f3:41:69:f4:6e:3b:25:dd:
         e5:cb:61:db:f8:62:53:2f:f3:2c:b1:33:cd:9a:cb:13:af:69:
         33:07:ee:c7:ad:fe:9f:a2:a9:a3:41:04:3b:26:04:63:6a:a7:
         2d:32:7a:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUILBnMizOgka7sFElc1SlLfuHag4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMTMzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmVkNTI0YzRmZDk5Y2U1ZjY5NGQ4ZjM0ZmNkNWE3NWZi
MmE5YjQ0ZjQ4NjEzNTIyMTc5YmE2MTQ0NjRlMjg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGXuH4hjpH+01VzGURQFDoKkIKvgy/vdcE+cnKIXVCPXlJ
skib1lxDY/05cnTAYIlteFsJLuIG1+l7FF5ttjiF0D0MLBeFvCjzBV1U65r/fcHa
Md0Tiutgyo+8iLYAf6YDLyyw7/aFeBitgpntoEBtGvymAoaFr846jNRAfUVBI1SL
j5lqUhb5J40MzKLsjdeSzdN4uvyu9UJ1wCTFk4nxsTW4LYqbHgNnQWmnDdwKTyys
c5ioXGk8qDb64zeMKJIc1ZgKw9IogLKCgtdHqc04Fz6YgLLKScJQg3ZgfpbVvSsL
HPXGyndw19DmZcFCaDKwxmfQRMUz/b7SF/oCZyoDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUP/BN1wvMxo9CvStBrfzZjZMAqEkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFhOTU0NjUyLWZmYWUtNGRmMC1iNDEwLTgxNGJjY2RlZGZhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEiEwDQYJKoZIhvcNAQELBQADggEBAEYGV7NBEi7FLa0Y2XO800MZ2GFp
WttbBO4QYV5Yc3IwT1657fu00VHftR0S12Wl2q8iG/DTFI6NppVIqjSAcG02Q+kp
pULOlMY63BeBCkrYXJ8x4xTJtmpqIS3m8/sEjW8ifh+YopUHOWE+DrCSDjcHgI9t
/dy1seWr4kHgDnZtLYX5RPCFSN+RoAALg/oqjuKzq5T4QB1K9um0ZhsgxmHWkheo
BSlKlHq/lWg5kiIcHMYleb9gv1Oc9WVXo+DiU0dEPoMFpLK78a0W3x1GgGfzQWn0
bjsl3eXLYdv4YlMv8yyxM82ayxOvaTMH7set/p+iqaNBBDsmBGNqpy0yehQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:16:02 2025 by rpki-client