Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa
File:                     8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa (raw, json)
Hash identifier:          VbR+lY7zth6JZhqTPNVC9FTojW+rXv1ed0GmtKkg9OM=
Subject key identifier:   50:41:65:E1:45:72:C6:EC:86:84:5C:45:2B:A0:09:28:2F:EC:10:00
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41594738DC0233EFCD3B153AE3439C1FFE80E05D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa
Signing time:             Sat 11 Oct 2025 00:38:40 +0000
ROA not before:           Sat 11 Oct 2025 00:38:40 +0000
ROA not after:            Sat 15 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        216.244.0.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:59:47:38:dc:02:33:ef:cd:3b:15:3a:e3:43:9c:1f:fe:80:e0:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:38:40 2025 GMT
            Not After : Nov 15 23:59:59 2025 GMT
        Subject: serialNumber=1735de03065d062583876fa552be5a81e0af2f3ff6f769db06160755ab334fe5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a9:a2:c2:4f:fb:6a:b2:bb:9e:5d:3a:e1:67:
                    04:15:05:5d:e8:e7:4f:d2:9c:6e:58:fb:52:92:39:
                    0e:8e:eb:78:ef:b5:32:21:74:d4:45:d4:c7:8d:98:
                    ea:d1:62:ed:24:9c:a9:22:2f:9d:41:7f:95:1e:e3:
                    82:3c:76:b6:0c:43:f9:fa:7c:f0:07:d5:67:84:59:
                    0a:be:93:f3:24:ea:8e:de:9b:18:0f:87:30:44:6f:
                    53:5a:9c:df:5b:c0:e4:3b:91:4e:85:76:1c:09:d9:
                    0a:cb:51:46:20:ba:5b:1a:76:f9:dc:68:e6:f2:23:
                    b5:60:82:91:5e:d5:34:03:57:08:3c:cf:2a:7c:e0:
                    dc:01:9d:2f:ed:6e:07:70:19:ce:c5:13:07:85:52:
                    b8:3c:c2:cd:14:c2:d1:7d:82:5f:b8:10:64:41:69:
                    b4:a0:64:65:58:aa:11:5c:79:bc:1f:c9:dd:2b:93:
                    cc:5d:41:30:41:40:89:63:92:7b:dc:eb:dd:e3:9c:
                    3e:83:bf:fe:0d:61:9a:75:42:d0:ba:1b:19:30:4d:
                    1f:fc:af:8b:6b:9c:68:a3:d7:78:28:2f:f5:06:99:
                    d5:65:fc:e8:6e:65:a6:43:d0:dc:4a:a8:43:a6:87:
                    a5:3a:ec:10:0e:8d:81:10:44:87:f5:20:25:80:be:
                    94:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:41:65:E1:45:72:C6:EC:86:84:5C:45:2B:A0:09:28:2F:EC:10:00
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.244.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         03:13:bd:e0:ec:dd:ee:fc:b6:34:e8:94:15:af:b1:d6:99:30:
         6d:1c:87:bf:13:56:f9:5e:5e:a4:66:c4:f9:a1:2e:fc:97:da:
         25:8d:f7:f4:72:9a:7f:dc:36:ca:d7:a7:db:db:60:7e:a9:3a:
         ab:f8:f9:08:e9:a1:4a:12:b5:3d:e9:6c:80:dd:04:4d:b3:91:
         6c:34:0e:6c:2d:df:43:e3:4e:e1:b2:38:3f:17:1d:26:1f:50:
         dd:02:63:5b:d1:6c:9c:06:8b:cc:5f:4e:be:4a:c1:b1:24:14:
         a8:49:2b:80:db:80:57:74:1f:92:85:21:d3:98:0d:6c:80:42:
         62:14:47:75:b8:b3:9a:88:69:9f:4f:67:df:2d:40:6c:84:ee:
         5e:19:0a:d3:bf:5c:63:52:e1:ce:cb:cc:dd:5c:ad:ac:fe:dd:
         28:cb:d8:f7:b3:a5:2e:3b:80:98:fb:59:3e:01:26:af:27:ad:
         75:52:38:70:c4:89:32:48:12:f2:cb:31:cb:3f:09:a9:4e:e0:
         89:aa:5b:af:73:b1:97:7c:9b:0b:c0:c7:3f:46:01:29:d9:f4:
         1d:81:57:56:04:49:6e:16:10:3e:2c:f8:78:7e:21:a2:ab:b4:
         97:97:0b:37:d6:a0:f7:b4:b4:30:cb:a4:9b:b0:95:2d:f9:03:
         3a:87:2b:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQVlHONwCM+/NOxU640OcH/6A4F0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDAzODQwWhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzM1ZGUwMzA2NWQwNjI1ODM4NzZmYTU1MmJlNWE4MWUw
YWYyZjNmZjZmNzY5ZGIwNjE2MDc1NWFiMzM0ZmU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjqaLCT/tqsrueXTrhZwQVBV3o50/SnG5Y+1KSOQ6O63jv
tTIhdNRF1MeNmOrRYu0knKkiL51Bf5Ue44I8drYMQ/n6fPAH1WeEWQq+k/Mk6o7e
mxgPhzBEb1NanN9bwOQ7kU6FdhwJ2QrLUUYgulsadvncaObyI7VggpFe1TQDVwg8
zyp84NwBnS/tbgdwGc7FEweFUrg8ws0UwtF9gl+4EGRBabSgZGVYqhFcebwfyd0r
k8xdQTBBQIljknvc693jnD6Dv/4NYZp1QtC6GxkwTR/8r4trnGij13goL/UGmdVl
/OhuZaZD0NxKqEOmh6U67BAOjYEQRIf1ICWAvpTtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUEFl4UVyxuyGhFxFK6AJKC/sEAAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlYThiY2MzLWRiZGQtNDYyNS04ZmNiLWI4OGY0MmQxY2QwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbY9AAwDQYJKoZIhvcNAQELBQADggEBAAMTveDs3e78tjTolBWvsdaZMG0c
h78TVvleXqRmxPmhLvyX2iWN9/Rymn/cNsrXp9vbYH6pOqv4+QjpoUoStT3pbIDd
BE2zkWw0Dmwt30PjTuGyOD8XHSYfUN0CY1vRbJwGi8xfTr5KwbEkFKhJK4DbgFd0
H5KFIdOYDWyAQmIUR3W4s5qIaZ9PZ98tQGyE7l4ZCtO/XGNS4c7LzN1craz+3SjL
2PezpS47gJj7WT4BJq8nrXVSOHDEiTJIEvLLMcs/CalO4ImqW69zsZd8mwvAxz9G
ASnZ9B2BV1YESW4WED4s+Hh+IaKrtJeXCzfWoPe0tDDLpJuwlS35AzqHKzY=
-----END CERTIFICATE-----