Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f53e86e-9190-41c5-ad32-08c02983e9bd.roa
File:                     2f53e86e-9190-41c5-ad32-08c02983e9bd.roa (raw, json)
Hash identifier:          N+4Ef34OGKg7v8d0eBPjN9n6XZdWzEoe+OGIrW84TJM=
Subject key identifier:   50:7D:C2:30:81:E8:E6:86:61:43:62:B6:94:3E:51:47:EF:1A:3B:0A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       35CC996D9BD1BDB0B8836CE808BC6A7469D76CF9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f53e86e-9190-41c5-ad32-08c02983e9bd.roa
Signing time:             Tue 11 Nov 2025 00:10:22 +0000
ROA not before:           Tue 11 Nov 2025 00:10:22 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.184.0.0/13 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:cc:99:6d:9b:d1:bd:b0:b8:83:6c:e8:08:bc:6a:74:69:d7:6c:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:10:22 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=f3cb96a8362c38b587fb306d2074903edd8253d993e3811919bf24d34bad2868, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:00:1a:04:5b:c1:54:15:09:05:b7:6e:cd:36:
                    84:2e:6c:f9:dd:fe:59:92:b9:13:78:5e:a0:71:98:
                    ab:79:c1:b3:e6:bc:09:37:6c:1e:39:9d:f9:58:c8:
                    df:73:1c:1b:b6:f2:53:6d:5f:9e:ee:fd:65:45:98:
                    c7:95:ed:fc:ce:9e:04:e0:05:a7:56:a0:4f:03:ab:
                    81:63:60:7b:b1:05:01:1d:74:28:ac:3e:0b:13:ac:
                    d6:b8:2e:08:c4:60:ff:d2:80:8e:b6:22:b2:33:4b:
                    46:26:e2:01:38:6b:00:95:7e:a6:b2:f3:f5:73:48:
                    80:7b:82:c2:55:77:61:ca:55:ea:3e:f6:8a:8c:20:
                    68:99:19:f5:05:ad:56:85:df:01:ce:13:ba:e6:c4:
                    2e:b5:3a:57:de:82:ef:2d:c1:c0:99:2b:f4:0e:6e:
                    9b:9b:88:2a:11:4e:4a:a5:9f:3f:17:95:2f:96:7e:
                    57:2d:88:b4:56:86:e7:d4:b6:71:0f:a5:0a:52:c1:
                    bb:61:11:d6:70:80:a7:93:db:7b:7c:f1:63:36:00:
                    aa:92:39:d5:56:23:bd:a9:51:4e:af:c4:8d:f6:82:
                    0e:60:48:c1:c9:23:03:8d:c0:66:0d:a7:8a:f7:8d:
                    5d:ef:73:5c:37:90:26:9b:89:fe:84:68:54:ed:da:
                    67:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:7D:C2:30:81:E8:E6:86:61:43:62:B6:94:3E:51:47:EF:1A:3B:0A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f53e86e-9190-41c5-ad32-08c02983e9bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.184.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         66:3d:e7:e8:d5:85:49:e9:f1:fa:e0:93:32:41:88:d5:fb:06:
         ea:43:53:3b:85:0b:54:11:1f:fc:5a:00:d6:69:e8:ae:0b:6c:
         df:a8:7b:dc:60:82:85:bc:61:7b:f7:17:1c:3f:bf:95:36:3f:
         f9:38:20:83:fd:91:fa:01:5b:94:8c:2a:c0:26:78:9f:34:ec:
         b3:c6:a4:ab:82:2f:b5:9d:ea:3a:58:ee:b1:2b:30:c0:74:66:
         83:ec:29:48:ef:3d:af:e4:c2:40:36:50:e7:4d:29:bc:d1:d4:
         e0:3d:ea:d8:62:bf:cb:c8:84:d3:6d:eb:46:59:69:ed:4e:a8:
         90:a1:34:64:11:1d:26:ec:27:08:c8:4c:07:d4:80:53:6b:3d:
         b5:40:cb:82:db:1f:2d:05:21:e9:94:f0:3b:09:64:b5:1f:6c:
         52:f2:03:68:84:5b:c8:72:12:2b:54:ea:b3:af:3d:4e:21:0b:
         3c:4c:05:9b:bf:c8:e5:ca:18:31:e5:f0:00:b9:96:b8:04:4d:
         3a:2f:02:da:6f:b7:d1:70:e5:0d:01:87:b4:7e:c7:a2:38:ad:
         ae:6a:28:e8:01:32:d7:34:f2:40:c5:45:75:df:be:90:c4:33:
         0f:7e:46:5d:df:02:f0:4d:09:36:64:8d:a2:a5:39:cf:c5:ad:
         80:72:c6:95
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNcyZbZvRvbC4g2zoCLxqdGnXbPkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAxMDIyWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2NiOTZhODM2MmMzOGI1ODdmYjMwNmQyMDc0OTAzZWRk
ODI1M2Q5OTNlMzgxMTkxOWJmMjRkMzRiYWQyODY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+ABoEW8FUFQkFt27NNoQubPnd/lmSuRN4XqBxmKt5wbPm
vAk3bB45nflYyN9zHBu28lNtX57u/WVFmMeV7fzOngTgBadWoE8Dq4FjYHuxBQEd
dCisPgsTrNa4LgjEYP/SgI62IrIzS0Ym4gE4awCVfqay8/VzSIB7gsJVd2HKVeo+
9oqMIGiZGfUFrVaF3wHOE7rmxC61Olfegu8twcCZK/QObpubiCoRTkqlnz8XlS+W
flctiLRWhufUtnEPpQpSwbthEdZwgKeT23t88WM2AKqSOdVWI72pUU6vxI32gg5g
SMHJIwONwGYNp4r3jV3vc1w3kCabif6EaFTt2mcrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUH3CMIHo5oZhQ2K2lD5RR+8aOwowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmNTNlODZlLTkxOTAtNDFjNS1hZDMyLTA4YzAyOTgzZTliZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwMNuDANBgkqhkiG9w0BAQsFAAOCAQEAZj3n6NWFSenx+uCTMkGI1fsG6kNT
O4ULVBEf/FoA1mnorgts36h73GCChbxhe/cXHD+/lTY/+Tggg/2R+gFblIwqwCZ4
nzTss8akq4IvtZ3qOljusSswwHRmg+wpSO89r+TCQDZQ500pvNHU4D3q2GK/y8iE
023rRllp7U6okKE0ZBEdJuwnCMhMB9SAU2s9tUDLgtsfLQUh6ZTwOwlktR9sUvID
aIRbyHISK1Tqs689TiELPEwFm7/I5coYMeXwALmWuARNOi8C2m+30XDlDQGHtH7H
ojitrmoo6AEy1zTyQMVFdd++kMQzD35GXd8C8E0JNmSNoqU5z8WtgHLGlQ==
-----END CERTIFICATE-----