Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d6fa9c9-a5fe-4695-879f-c3dcd2782f05.roa
File:                     4d6fa9c9-a5fe-4695-879f-c3dcd2782f05.roa (raw, json)
Hash identifier:          kxGTAhMPNOvNDtqQkp7Qt5yNgkc1JGNJIPf7H0kncM4=
Subject key identifier:   37:BF:FA:A4:35:94:6D:7A:28:F3:E2:FC:D9:78:4C:10:D6:F2:78:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45577787D6C9E6F5889C0F93A3187267A3AC13B8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d6fa9c9-a5fe-4695-879f-c3dcd2782f05.roa
Signing time:             Sat 18 Oct 2025 03:40:07 +0000
ROA not before:           Sat 18 Oct 2025 03:40:07 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.112.32.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:57:77:87:d6:c9:e6:f5:88:9c:0f:93:a3:18:72:67:a3:ac:13:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 03:40:07 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=b6a68feb5d6e13660a724cfa9156bcb165c2b109bd051e3951ba44b955d2b57d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:81:86:a9:cc:a4:fe:a2:c5:22:10:e4:e2:30:
                    7c:03:8c:b5:78:90:05:6f:f3:f8:52:18:5d:ec:a1:
                    4e:ed:a7:ef:ba:f0:95:ff:d4:af:57:fc:ea:33:0f:
                    53:35:5f:08:73:03:b6:24:ab:23:6d:ed:55:aa:4f:
                    2d:bc:dd:77:67:9f:16:58:c2:b0:60:7c:fc:f4:6c:
                    8c:20:f2:41:0b:e7:7a:7e:34:63:00:12:4b:71:46:
                    09:f8:ad:02:84:ba:ad:3c:db:b2:d2:71:15:f6:38:
                    50:a2:fc:be:ce:f2:0a:7a:8f:d7:4f:78:a8:d5:89:
                    5f:38:2b:01:97:c8:58:58:e3:a5:9c:37:f7:ba:d4:
                    75:8c:49:b4:61:df:6f:fc:0a:2e:a9:15:44:4f:2f:
                    73:80:80:95:c4:65:74:9f:23:63:01:31:3e:59:b8:
                    31:d0:46:63:ef:1d:1a:85:6f:e0:3c:c2:bc:33:81:
                    03:ef:fa:e5:54:ae:57:f0:5c:04:2f:75:62:b6:c6:
                    fc:f1:b3:3b:9b:0c:42:37:f0:48:af:f8:24:d1:a5:
                    71:ee:98:26:89:7a:8f:67:e7:7b:94:36:08:06:1a:
                    a2:41:4a:1f:5d:16:f5:a3:c8:f8:cc:04:f4:7c:29:
                    f4:97:fa:32:fc:70:96:46:dd:8a:8f:42:78:6e:14:
                    4d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:BF:FA:A4:35:94:6D:7A:28:F3:E2:FC:D9:78:4C:10:D6:F2:78:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d6fa9c9-a5fe-4695-879f-c3dcd2782f05.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.112.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5b:fa:a7:23:43:5a:e4:44:e7:37:77:85:90:46:93:f2:b1:66:
         fd:32:05:fe:77:b6:84:a3:03:9c:9e:68:38:41:ad:3c:b0:77:
         6e:68:d8:92:e7:46:6a:a0:11:50:79:63:f9:35:30:69:4b:86:
         be:a7:90:15:0a:00:27:04:c0:82:c1:65:d7:c5:3a:e4:39:f8:
         1b:f8:6f:a1:ff:70:9b:cc:09:2f:96:9f:8d:10:1f:af:95:54:
         0b:a4:43:ca:7d:f6:9f:6d:eb:ae:fb:08:70:64:76:b8:f2:1e:
         66:15:22:ce:5e:6a:b9:da:71:2a:85:6a:69:df:c2:0f:05:d2:
         22:50:42:77:ab:18:a3:4f:1d:ea:51:7c:f1:e5:e4:4a:71:a1:
         f1:8c:64:d1:57:89:a1:29:0e:ec:a3:00:0a:b8:b0:41:a9:b8:
         9c:32:58:9b:0f:a5:5f:65:5e:fb:e0:e4:89:dc:50:f4:8c:bd:
         6b:51:d0:9b:5d:7f:9f:c8:2f:63:e9:db:eb:40:2d:48:8d:ed:
         f2:8b:b6:60:20:40:40:6f:82:8a:80:06:02:46:b4:21:dd:36:
         d7:db:28:51:00:6f:fd:b6:4c:9f:e1:e6:51:16:53:e4:08:ab:
         92:a0:04:a7:71:0b:95:64:cc:80:c2:37:ef:96:56:af:5a:da:
         ca:aa:a2:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURVd3h9bJ5vWInA+ToxhyZ6OsE7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDM0MDA3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmE2OGZlYjVkNmUxMzY2MGE3MjRjZmE5MTU2YmNiMTY1
YzJiMTA5YmQwNTFlMzk1MWJhNDRiOTU1ZDJiNTdkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDigYapzKT+osUiEOTiMHwDjLV4kAVv8/hSGF3soU7tp++6
8JX/1K9X/OozD1M1XwhzA7YkqyNt7VWqTy283XdnnxZYwrBgfPz0bIwg8kEL53p+
NGMAEktxRgn4rQKEuq0827LScRX2OFCi/L7O8gp6j9dPeKjViV84KwGXyFhY46Wc
N/e61HWMSbRh32/8Ci6pFURPL3OAgJXEZXSfI2MBMT5ZuDHQRmPvHRqFb+A8wrwz
gQPv+uVUrlfwXAQvdWK2xvzxszubDEI38Eiv+CTRpXHumCaJeo9n53uUNggGGqJB
Sh9dFvWjyPjMBPR8KfSX+jL8cJZG3YqPQnhuFE03AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN7/6pDWUbXoo8+L82XhMENbyeLgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkNmZhOWM5LWE1ZmUtNDY5NS04NzlmLWMzZGNkMjc4MmYwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2cCAwDQYJKoZIhvcNAQELBQADggEBAFv6pyNDWuRE5zd3hZBGk/KxZv0y
Bf53toSjA5yeaDhBrTywd25o2JLnRmqgEVB5Y/k1MGlLhr6nkBUKACcEwILBZdfF
OuQ5+Bv4b6H/cJvMCS+Wn40QH6+VVAukQ8p99p9t6677CHBkdrjyHmYVIs5earna
cSqFamnfwg8F0iJQQnerGKNPHepRfPHl5EpxofGMZNFXiaEpDuyjAAq4sEGpuJwy
WJsPpV9lXvvg5IncUPSMvWtR0Jtdf5/IL2Pp2+tALUiN7fKLtmAgQEBvgoqABgJG
tCHdNtfbKFEAb/22TJ/h5lEWU+QIq5KgBKdxC5VkzIDCN++WVq9a2sqqonw=
-----END CERTIFICATE-----