Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa
File:                     9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa (raw, json)
Hash identifier:          LWcDilVHWk2BriLTU3aaUehtJFKd3tYLNFD+G6iEqYs=
Subject key identifier:   5E:83:57:7E:FD:D8:E8:AE:B2:23:1A:48:AE:B7:79:28:1A:91:15:DF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E6354CA1FE38DE12BA2AAB585953914FEBB3CD7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa
Signing time:             Sun 16 Nov 2025 00:10:11 +0000
ROA not before:           Sun 16 Nov 2025 00:10:11 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.137.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:63:54:ca:1f:e3:8d:e1:2b:a2:aa:b5:85:95:39:14:fe:bb:3c:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:10:11 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=fcc36768ae646b8985ed0ee2e4a70789fd005110464265848b7304f4264fb154, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:09:7b:c3:48:cd:3f:bd:43:f0:29:06:62:b0:
                    75:44:9d:d5:74:d2:e9:fe:0f:45:66:fb:b7:4e:03:
                    16:77:6b:7d:e7:e2:09:21:63:87:87:36:f9:c4:79:
                    f6:0d:74:07:91:86:cc:a4:de:47:43:84:0c:c4:40:
                    36:0e:2d:5f:ac:20:08:53:63:a6:de:6c:89:b2:20:
                    b1:70:71:70:59:72:9f:60:f1:47:14:a1:2f:e4:ea:
                    cf:0b:d1:1a:a1:9a:ba:83:95:99:c1:76:8d:37:73:
                    70:f6:88:7b:cf:8c:30:68:9b:a8:8b:15:51:bd:4c:
                    dc:8a:f6:27:ee:d0:63:9b:01:01:ba:5d:2e:3d:4c:
                    3e:67:4f:45:1c:44:5e:52:a1:be:30:de:06:89:fd:
                    19:d4:5c:29:66:04:f0:30:a5:3e:4d:be:9a:51:cc:
                    98:d3:eb:fe:d2:83:d3:b2:07:18:09:6d:5c:42:18:
                    12:3e:1a:80:a7:df:0c:27:4b:f7:34:7f:e6:b1:a0:
                    43:af:56:b2:41:a2:5c:fe:ec:ff:8f:f0:70:d9:58:
                    bb:a4:a4:92:df:28:b1:aa:6a:65:99:76:c1:0f:5b:
                    33:2d:5a:ca:07:b2:ba:df:c2:35:7c:12:0b:12:7d:
                    82:4b:d7:96:62:73:03:b6:02:64:a1:17:6e:0a:5b:
                    7b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:83:57:7E:FD:D8:E8:AE:B2:23:1A:48:AE:B7:79:28:1A:91:15:DF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:e7:e2:b6:c0:73:8d:65:57:e8:bc:e2:8e:07:f3:d6:64:84:
         ac:66:3d:4f:01:e4:a0:64:ad:4f:e5:d3:6c:b7:f5:a2:d2:bc:
         9e:25:65:a8:ea:d7:4a:a9:cd:72:8c:85:6c:61:e1:ad:01:b3:
         23:f4:8a:f8:98:bb:67:d5:76:c7:44:df:d6:d7:b7:70:ea:bd:
         e6:5f:eb:71:8e:d2:bf:2e:32:47:d3:79:6e:f9:38:79:94:2a:
         b1:b8:f1:54:d7:41:6c:42:4e:a2:ac:7a:db:44:93:5c:aa:cc:
         af:49:e6:ae:ff:20:36:60:5d:88:fb:ce:36:65:57:b5:f2:24:
         d6:f3:02:d1:d9:89:89:03:7e:43:a9:c6:94:7c:7f:6b:4d:8c:
         10:b7:7d:87:e8:1f:49:6b:d3:88:3b:54:ef:e1:6b:6b:49:25:
         e1:6a:22:5f:48:84:97:6f:33:f1:4a:aa:2b:0a:8e:b4:0b:fe:
         62:49:a2:3f:44:43:fd:49:3f:cb:ae:b6:c7:07:3d:16:a9:dd:
         34:ee:b9:72:df:e4:03:e0:b9:14:c9:73:84:df:31:d1:b8:8c:
         6d:04:7a:85:8a:0d:5a:50:81:3f:80:6b:75:dc:2a:f4:42:48:
         c6:a0:d8:66:82:f2:83:f5:c9:6d:c8:1a:a8:77:d8:57:56:15:
         eb:bf:69:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULmNUyh/jjeEroqq1hZU5FP67PNcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAxMDExWhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmY2MzNjc2OGFlNjQ2Yjg5ODVlZDBlZTJlNGE3MDc4OWZk
MDA1MTEwNDY0MjY1ODQ4YjczMDRmNDI2NGZiMTU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtCXvDSM0/vUPwKQZisHVEndV00un+D0Vm+7dOAxZ3a33n
4gkhY4eHNvnEefYNdAeRhsyk3kdDhAzEQDYOLV+sIAhTY6bebImyILFwcXBZcp9g
8UcUoS/k6s8L0RqhmrqDlZnBdo03c3D2iHvPjDBom6iLFVG9TNyK9ifu0GObAQG6
XS49TD5nT0UcRF5Sob4w3gaJ/RnUXClmBPAwpT5NvppRzJjT6/7Sg9OyBxgJbVxC
GBI+GoCn3wwnS/c0f+axoEOvVrJBolz+7P+P8HDZWLukpJLfKLGqamWZdsEPWzMt
WsoHsrrfwjV8EgsSfYJL15ZicwO2AmShF24KW3vlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXoNXfv3Y6K6yIxpIrrd5KBqRFd8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkMDIzYTUyLTU0ZTMtNDRkYy1iYmE5LTI3YjNiMzFjMWYzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYkwDQYJKoZIhvcNAQELBQADggEBAJDn4rbAc41lV+i84o4H89ZkhKxm
PU8B5KBkrU/l02y39aLSvJ4lZajq10qpzXKMhWxh4a0BsyP0iviYu2fVdsdE39bX
t3DqveZf63GO0r8uMkfTeW75OHmUKrG48VTXQWxCTqKsettEk1yqzK9J5q7/IDZg
XYj7zjZlV7XyJNbzAtHZiYkDfkOpxpR8f2tNjBC3fYfoH0lr04g7VO/ha2tJJeFq
Il9IhJdvM/FKqisKjrQL/mJJoj9EQ/1JP8uutscHPRap3TTuuXLf5APguRTJc4Tf
MdG4jG0EeoWKDVpQgT+Aa3XcKvRCSMag2GaC8oP1yW3IGqh32FdWFeu/afY=
-----END CERTIFICATE-----