Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5479b9ca-074b-4540-9c9c-ad3d807995aa.roa
File:                     5479b9ca-074b-4540-9c9c-ad3d807995aa.roa (raw, json)
Hash identifier:          6zQFcYYrzesp+ahlRbEdvXPe6kYfGSveqOQI5dyOKtc=
Subject key identifier:   EF:41:74:93:6B:91:2A:B9:23:72:DA:EA:60:06:C3:83:F0:6B:0C:0B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5F542DE57FD19CFBEE6D33956314EA2BFE64A490
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5479b9ca-074b-4540-9c9c-ad3d807995aa.roa
Signing time:             Wed 12 Nov 2025 01:21:17 +0000
ROA not before:           Wed 12 Nov 2025 01:21:17 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.173.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:54:2d:e5:7f:d1:9c:fb:ee:6d:33:95:63:14:ea:2b:fe:64:a4:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:21:17 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=93c06d349a9122b44e9ca061f9cb4df59943f377f0cb09d5dabbc8a61b82b81b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:71:c2:de:97:4e:0c:b7:30:61:42:5c:37:6f:
                    62:02:93:66:cb:cc:5a:0f:9b:be:06:67:c6:c7:54:
                    03:61:46:1d:51:10:aa:84:dc:8f:d2:85:e9:e0:7f:
                    d0:a9:68:1a:7d:06:1a:56:f8:03:30:9a:8d:d1:a2:
                    7b:d5:81:18:73:d8:9b:dd:dc:19:e7:9b:94:84:38:
                    37:10:d5:61:7e:91:f4:f1:0a:0f:d6:6a:93:91:81:
                    48:94:22:0b:48:f5:67:2d:2b:5a:7b:9f:49:f7:14:
                    07:57:78:0c:cf:b3:88:7b:a7:bd:88:99:dd:e9:09:
                    60:8c:98:d8:ae:26:1d:41:1d:e4:5a:4b:44:29:2e:
                    64:ab:f6:80:52:1a:ab:0c:f2:0d:a1:92:0b:c9:ad:
                    e6:cd:1d:a6:38:7a:74:95:a1:40:bd:e2:b0:50:c5:
                    b1:b6:af:17:c7:98:1b:98:3e:67:d8:97:68:09:ee:
                    89:1e:a0:ca:1b:6e:40:e7:f1:de:6b:c1:46:78:2d:
                    25:40:88:3f:69:46:02:64:a0:56:5f:bf:81:e5:9e:
                    ad:87:61:bb:ed:f0:d8:bf:1a:4f:9b:6c:b9:0f:f4:
                    8f:5e:1c:d5:30:97:48:02:30:ab:94:41:7b:80:63:
                    e3:5e:ef:7e:03:af:c3:ce:19:82:49:65:a3:76:06:
                    c5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:41:74:93:6B:91:2A:B9:23:72:DA:EA:60:06:C3:83:F0:6B:0C:0B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5479b9ca-074b-4540-9c9c-ad3d807995aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.173.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         45:4d:47:7a:8c:9b:e7:ca:ac:89:f5:1e:91:d9:1b:a5:75:6a:
         90:8a:d9:39:57:87:07:ba:1e:2f:01:ba:d1:a7:fe:f1:cc:27:
         02:3f:43:ae:59:50:7e:86:17:b5:9f:75:a1:4a:4d:ed:11:1c:
         ef:c2:f9:23:ee:35:64:20:06:ed:f3:ad:e3:af:1b:89:0d:6a:
         f7:8d:b7:0e:1d:fc:1f:06:f5:92:36:b5:ba:5f:e7:e1:3d:e4:
         63:cd:0c:9f:9f:f2:b3:63:b5:48:9d:71:b8:ca:61:3f:92:c5:
         3d:3b:8f:74:42:f4:f0:48:8c:c9:ff:e7:7c:92:11:ff:6d:2f:
         45:28:b2:c4:77:91:a6:d0:bf:f8:ef:1d:9e:73:6d:7c:58:ee:
         e2:d7:0a:85:c7:08:5d:9d:ba:d0:a3:d8:67:36:7f:51:dc:7f:
         9a:6a:f8:77:31:4b:22:cc:28:82:d2:02:36:39:91:6f:b4:cd:
         12:d6:41:d2:d1:eb:e3:c7:0f:d6:88:99:19:10:19:6b:7b:4b:
         0c:dd:fd:d7:ad:90:82:6e:8c:ca:61:56:15:93:01:64:0e:da:
         10:57:16:45:2a:03:80:ac:31:d4:99:15:88:13:2b:64:bf:b9:
         d8:ce:0f:13:1e:a4:f1:36:30:a6:a6:05:96:5e:73:26:1c:ce:
         f4:3b:e3:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUX1Qt5X/RnPvubTOVYxTqK/5kpJAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEyMTE3WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2MwNmQzNDlhOTEyMmI0NGU5Y2EwNjFmOWNiNGRmNTk5
NDNmMzc3ZjBjYjA5ZDVkYWJiYzhhNjFiODJiODFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJccLel04MtzBhQlw3b2ICk2bLzFoPm74GZ8bHVANhRh1R
EKqE3I/Shengf9CpaBp9BhpW+AMwmo3RonvVgRhz2Jvd3Bnnm5SEODcQ1WF+kfTx
Cg/WapORgUiUIgtI9WctK1p7n0n3FAdXeAzPs4h7p72Imd3pCWCMmNiuJh1BHeRa
S0QpLmSr9oBSGqsM8g2hkgvJrebNHaY4enSVoUC94rBQxbG2rxfHmBuYPmfYl2gJ
7okeoMobbkDn8d5rwUZ4LSVAiD9pRgJkoFZfv4Hlnq2HYbvt8Ni/Gk+bbLkP9I9e
HNUwl0gCMKuUQXuAY+Ne734Dr8POGYJJZaN2BsVpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU70F0k2uRKrkjctrqYAbDg/BrDAswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU0NzliOWNhLTA3NGItNDU0MC05YzljLWFkM2Q4MDc5OTVhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAorTANBgkqhkiG9w0BAQsFAAOCAQEARU1Heoyb58qsifUekdkbpXVqkIrZ
OVeHB7oeLwG60af+8cwnAj9DrllQfoYXtZ91oUpN7REc78L5I+41ZCAG7fOt468b
iQ1q9423Dh38Hwb1kja1ul/n4T3kY80Mn5/ys2O1SJ1xuMphP5LFPTuPdEL08EiM
yf/nfJIR/20vRSiyxHeRptC/+O8dnnNtfFju4tcKhccIXZ260KPYZzZ/Udx/mmr4
dzFLIswogtICNjmRb7TNEtZB0tHr48cP1oiZGRAZa3tLDN39162Qgm6MymFWFZMB
ZA7aEFcWRSoDgKwx1JkViBMrZL+52M4PEx6k8TYwpqYFll5zJhzO9DvjoA==
-----END CERTIFICATE-----