Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/375a6ca2-770f-45e1-a8af-10c7303818a0.roa
File:                     375a6ca2-770f-45e1-a8af-10c7303818a0.roa (raw, json)
Hash identifier:          mHZnil45jj19YYgY5/J3cn0syKqBriu2qT+FbmoJoGM=
Subject key identifier:   CA:67:E6:9A:9A:9B:29:F9:31:B0:A7:11:54:C8:6C:A5:CF:26:1D:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1F6DE1BBB24223BF7A5492D371BC36B63257A3CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/375a6ca2-770f-45e1-a8af-10c7303818a0.roa
Signing time:             Fri 03 Oct 2025 00:02:16 +0000
ROA not before:           Fri 03 Oct 2025 00:02:16 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        163.119.128.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:6d:e1:bb:b2:42:23:bf:7a:54:92:d3:71:bc:36:b6:32:57:a3:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:02:16 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=d30edec0913cb55d616b6bbf9c18465058c38f18834159dc3bb2a3b03844a63d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:29:ef:a3:e1:4e:9c:45:04:0e:a8:b5:b6:25:
                    0f:19:d9:41:cd:47:8a:5c:4d:5c:e1:35:24:91:fc:
                    0b:d3:77:e3:b1:2d:93:95:80:7e:49:e8:e2:57:d0:
                    5b:52:ac:59:9e:7f:64:d9:02:5c:11:36:c2:9e:52:
                    8d:17:9f:02:a7:ef:5f:f3:92:78:40:6b:b2:6d:f9:
                    52:4d:28:c8:2d:17:ca:db:11:01:25:6c:48:5f:a6:
                    57:a4:8a:69:fc:01:74:4e:ce:f4:2d:ea:7d:43:81:
                    df:8a:10:fc:79:04:3c:d2:37:ec:61:2c:19:d2:32:
                    20:d5:35:37:d6:c0:ac:8f:d3:f1:7c:2d:d7:e0:a8:
                    49:50:d1:d1:d3:4a:0c:33:13:02:17:d8:2f:fc:d8:
                    c3:ff:ff:16:47:01:29:df:2e:1c:d3:87:db:bb:8f:
                    a4:19:91:87:87:2b:7f:df:b5:16:c6:5f:39:f7:79:
                    f4:44:55:a6:c9:e2:5e:a2:9e:cb:f1:5b:e7:56:6b:
                    be:60:50:f2:fc:9f:27:6b:65:52:ec:f9:fd:c6:3b:
                    09:2f:ad:e1:cc:d8:84:ae:cf:66:c3:ee:48:6c:59:
                    bf:62:1a:09:4d:90:49:27:67:5f:49:cf:8f:0d:ea:
                    18:06:14:bc:df:35:d8:f0:a6:ac:a2:26:85:fc:55:
                    06:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:67:E6:9A:9A:9B:29:F9:31:B0:A7:11:54:C8:6C:A5:CF:26:1D:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/375a6ca2-770f-45e1-a8af-10c7303818a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.119.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         83:52:0f:0e:fc:20:af:e5:55:3e:b8:78:3d:b8:89:30:eb:5c:
         82:92:45:0b:2a:1f:80:ad:31:ca:57:6e:28:9f:49:30:9d:82:
         36:fe:ea:19:de:fe:b8:2d:ac:e7:3a:8d:cc:01:fb:ed:b1:c1:
         b2:b6:8d:c1:45:9c:6e:bc:5b:76:58:ad:ab:2e:9f:59:b8:89:
         a6:0c:4e:60:d7:8a:48:31:34:35:0a:50:09:2e:00:ca:23:fd:
         78:25:09:e7:c0:2e:e3:18:ba:2d:dd:09:ba:a8:7c:11:f8:c1:
         8a:75:0b:d1:9d:55:cb:af:56:fa:65:11:39:c9:a1:c7:be:c1:
         88:00:bb:1b:72:e3:71:9b:37:ac:07:b9:2c:fd:39:5f:28:3e:
         8d:f8:38:df:0c:4e:4f:5f:07:27:04:d5:ad:ff:c4:d1:75:d6:
         df:64:9b:1e:f1:cd:84:41:8e:5f:a8:15:37:92:3a:59:ca:0a:
         7d:22:9f:09:5b:f1:6c:e2:0b:6a:bd:94:56:b9:97:22:be:d2:
         df:e6:04:c6:2c:11:a0:0c:ca:34:46:d9:4d:38:29:8f:c7:92:
         da:0f:0f:e6:42:d3:ee:67:65:87:83:ab:b4:7a:a2:6f:86:d1:
         8a:f6:04:78:7b:73:74:6e:ab:ac:4b:bd:8f:3e:52:9f:80:46:
         ad:63:35:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH23hu7JCI796VJLTcbw2tjJXo84wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAwMjE2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzBlZGVjMDkxM2NiNTVkNjE2YjZiYmY5YzE4NDY1MDU4
YzM4ZjE4ODM0MTU5ZGMzYmIyYTNiMDM4NDRhNjNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwKe+j4U6cRQQOqLW2JQ8Z2UHNR4pcTVzhNSSR/AvTd+Ox
LZOVgH5J6OJX0FtSrFmef2TZAlwRNsKeUo0XnwKn71/zknhAa7Jt+VJNKMgtF8rb
EQElbEhfplekimn8AXROzvQt6n1Dgd+KEPx5BDzSN+xhLBnSMiDVNTfWwKyP0/F8
LdfgqElQ0dHTSgwzEwIX2C/82MP//xZHASnfLhzTh9u7j6QZkYeHK3/ftRbGXzn3
efREVabJ4l6insvxW+dWa75gUPL8nydrZVLs+f3GOwkvreHM2ISuz2bD7khsWb9i
GglNkEknZ19Jz48N6hgGFLzfNdjwpqyiJoX8VQaBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUymfmmpqbKfkxsKcRVMhspc8mHaUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3NWE2Y2EyLTc3MGYtNDVlMS1hOGFmLTEwYzczMDM4MThhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAejd4AwDQYJKoZIhvcNAQELBQADggEBAINSDw78IK/lVT64eD24iTDrXIKS
RQsqH4CtMcpXbiifSTCdgjb+6hne/rgtrOc6jcwB++2xwbK2jcFFnG68W3ZYrasu
n1m4iaYMTmDXikgxNDUKUAkuAMoj/XglCefALuMYui3dCbqofBH4wYp1C9GdVcuv
VvplETnJoce+wYgAuxty43GbN6wHuSz9OV8oPo34ON8MTk9fBycE1a3/xNF11t9k
mx7xzYRBjl+oFTeSOlnKCn0inwlb8WziC2q9lFa5lyK+0t/mBMYsEaAMyjRG2U04
KY/HktoPD+ZC0+5nZYeDq7R6om+G0Yr2BHh7c3Ruq6xLvY8+Up+ARq1jNQ8=
-----END CERTIFICATE-----