Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa
File:                     98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa (raw, json)
Hash identifier:          VYAyOUuEBltZjz6jdi2uLt/ZKpj+XhpKsAXpU5izknk=
Subject key identifier:   D0:C8:D3:D5:2E:76:FC:F8:5A:3E:92:AE:0D:36:BF:24:BE:B3:36:C1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       318493D81884212F6277439F96DB693A71B28526
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa
Signing time:             Mon 06 Oct 2025 16:11:14 +0000
ROA not before:           Mon 06 Oct 2025 16:11:14 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.199.180.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:84:93:d8:18:84:21:2f:62:77:43:9f:96:db:69:3a:71:b2:85:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:11:14 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=196f4e2798cfa572ae9b46d4c2938c89f60e17b125fe5608a73c76c5f9ab938b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:25:ad:30:97:27:a9:31:e6:17:51:f0:79:f3:
                    9a:75:68:3a:2c:d1:fa:43:81:d2:be:c8:81:be:eb:
                    b4:bc:08:9e:77:b9:df:fd:e1:00:7a:93:4e:84:76:
                    a1:36:4e:c4:0c:34:de:ff:a1:c2:a3:c1:10:2a:8b:
                    e4:23:93:d6:31:4a:22:e1:71:39:ee:27:78:f3:d2:
                    c6:fb:74:5f:b5:cd:7b:e9:9c:e0:cf:6d:04:ff:3a:
                    00:19:50:e4:84:18:04:fc:70:e4:db:7b:a1:4e:32:
                    d9:8f:75:a1:b5:f7:ab:cc:c5:4b:fb:d3:17:ce:c0:
                    32:77:7d:c8:d4:b1:47:d4:67:a8:67:bb:dd:ec:88:
                    5d:b0:d0:c1:b9:47:0a:25:e2:09:95:66:22:db:4f:
                    c9:32:43:b7:05:00:a4:8c:5c:1e:44:4a:32:cd:15:
                    f2:16:56:77:43:f6:91:17:59:53:24:b8:de:06:88:
                    e4:c1:36:dc:0b:18:ff:2b:df:32:f2:cf:cc:5a:07:
                    51:4a:de:63:99:20:cb:20:03:8a:cf:79:3c:22:4d:
                    0d:10:27:ef:20:99:ff:a7:c9:d4:5f:b0:00:f1:43:
                    b4:65:c3:9d:28:10:92:d4:d4:7d:01:80:1c:dc:03:
                    2b:c7:1d:fb:28:08:0c:7e:7c:07:38:dc:7c:96:94:
                    d9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:C8:D3:D5:2E:76:FC:F8:5A:3E:92:AE:0D:36:BF:24:BE:B3:36:C1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.199.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:76:0a:bd:91:e0:fe:c0:18:58:15:ea:51:cc:79:73:c5:5e:
         2e:3f:f7:e4:0a:c9:3d:62:55:be:20:e9:47:0a:f0:ec:4b:cf:
         ef:28:b1:85:de:b1:4d:06:a9:f0:2e:6e:87:33:f1:ca:52:d9:
         f9:e5:1e:8d:44:09:9e:75:36:2d:0b:27:92:41:47:7c:df:01:
         0d:34:74:b5:47:91:2a:e8:6e:12:88:3b:1c:5d:f1:22:f8:22:
         38:90:92:54:e0:72:4c:43:40:81:ab:f9:e4:ef:d3:cc:8e:78:
         a6:c2:da:8d:09:21:87:a8:63:b4:c9:86:2e:14:51:c6:af:4f:
         b0:df:cb:ab:57:5b:8e:64:4b:80:05:70:e7:8d:fb:b5:07:b6:
         96:8c:27:b8:15:b6:05:4a:db:b9:a2:97:74:83:47:ad:4f:cd:
         5d:0e:d4:ab:c5:25:08:f0:94:d1:62:97:a4:bb:19:ad:9e:a9:
         72:5d:12:f2:b0:25:9d:2e:d1:f2:6f:32:a8:ac:5e:45:bd:7c:
         7e:07:e8:c5:e1:28:73:e8:9c:79:f7:19:6c:bd:7b:38:f8:2a:
         bc:f6:24:61:23:d2:84:0c:f8:69:9d:40:f8:a6:a7:e5:6b:6a:
         0d:15:1f:95:e1:ff:8f:8f:d8:ac:56:24:7f:e2:89:28:12:c7:
         a5:6c:72:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMYST2BiEIS9id0OflttpOnGyhSYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYxMTE0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTZmNGUyNzk4Y2ZhNTcyYWU5YjQ2ZDRjMjkzOGM4OWY2
MGUxN2IxMjVmZTU2MDhhNzNjNzZjNWY5YWI5MzhiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjJa0wlyepMeYXUfB585p1aDos0fpDgdK+yIG+67S8CJ53
ud/94QB6k06EdqE2TsQMNN7/ocKjwRAqi+Qjk9YxSiLhcTnuJ3jz0sb7dF+1zXvp
nODPbQT/OgAZUOSEGAT8cOTbe6FOMtmPdaG196vMxUv70xfOwDJ3fcjUsUfUZ6hn
u93siF2w0MG5Rwol4gmVZiLbT8kyQ7cFAKSMXB5ESjLNFfIWVndD9pEXWVMkuN4G
iOTBNtwLGP8r3zLyz8xaB1FK3mOZIMsgA4rPeTwiTQ0QJ+8gmf+nydRfsADxQ7Rl
w50oEJLU1H0BgBzcAyvHHfsoCAx+fAc43HyWlNmRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0MjT1S52/PhaPpKuDTa/JL6zNsEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZjU0NDA0LTdmZjYtNGJlNy05ZDkzLWZmYWY2OGY2OTEwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEsx7QwDQYJKoZIhvcNAQELBQADggEBAFB2Cr2R4P7AGFgV6lHMeXPFXi4/
9+QKyT1iVb4g6UcK8OxLz+8osYXesU0GqfAubocz8cpS2fnlHo1ECZ51Ni0LJ5JB
R3zfAQ00dLVHkSrobhKIOxxd8SL4IjiQklTgckxDQIGr+eTv08yOeKbC2o0JIYeo
Y7TJhi4UUcavT7Dfy6tXW45kS4AFcOeN+7UHtpaMJ7gVtgVK27mil3SDR61PzV0O
1KvFJQjwlNFil6S7Ga2eqXJdEvKwJZ0u0fJvMqisXkW9fH4H6MXhKHPonHn3GWy9
ezj4Krz2JGEj0oQM+GmdQPimp+Vrag0VH5Xh/4+P2KxWJH/iiSgSx6Vscm4=
-----END CERTIFICATE-----