Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7b638b3-e41e-4f83-bc95-3722c08205ca.roa
File:                     c7b638b3-e41e-4f83-bc95-3722c08205ca.roa (raw, json)
Hash identifier:          lmSD1pWoLXZf/UWmMK79c6YKB6Yfq8BB4N4lHCSf0co=
Subject key identifier:   59:67:4A:DE:0C:1E:A3:46:78:3C:B9:C9:CB:14:7F:0F:5B:D6:F6:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63B069EC3B122A03BF672BE76C3CE05627A4ED84
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7b638b3-e41e-4f83-bc95-3722c08205ca.roa
Signing time:             Thu 13 Nov 2025 00:10:42 +0000
ROA not before:           Thu 13 Nov 2025 00:10:42 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        75.3.160.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:b0:69:ec:3b:12:2a:03:bf:67:2b:e7:6c:3c:e0:56:27:a4:ed:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:10:42 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=2d695211fd1e38cf9b1d07f27e1ba57851a8ba5e93e8185cccb20c1f6fbbcc8a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:09:ea:dc:60:83:0a:8c:60:0c:30:63:69:28:
                    56:dc:d4:7f:13:cd:59:6d:5a:f6:47:7f:ed:ae:fd:
                    7a:6a:87:43:91:fa:8a:d0:86:8f:57:44:ad:8e:46:
                    1d:ae:82:36:19:9a:a4:05:81:92:51:b8:5e:59:f4:
                    66:6a:7b:34:4b:fc:10:b2:c0:da:d5:f6:99:38:74:
                    16:cc:de:f8:e4:50:45:67:cd:a0:db:51:e4:6b:28:
                    e1:2d:85:f7:fc:2b:81:75:b9:77:3d:d7:b5:66:43:
                    d9:79:1f:83:42:54:15:8b:80:66:08:5b:0d:fd:6b:
                    1d:dc:47:14:a3:86:04:4e:95:64:a0:31:a7:57:65:
                    6c:e8:a0:44:c5:a4:fa:c2:6e:27:25:38:4e:97:50:
                    89:86:6c:87:ed:66:d9:1a:43:25:c4:94:b3:de:83:
                    c7:1d:ab:a9:3a:5a:78:33:5b:76:42:23:4d:7f:f9:
                    11:0b:d3:76:67:81:71:49:53:3d:69:cf:16:c7:5f:
                    5c:97:17:96:48:ff:16:59:0b:f9:ca:02:d6:be:a0:
                    7e:00:37:a0:48:f3:2a:04:98:75:74:07:53:53:59:
                    cf:89:d7:07:f8:d1:46:2a:03:e9:88:9f:3e:89:f1:
                    58:e2:a5:45:3f:13:dc:97:6a:fa:0d:11:c4:68:7a:
                    a0:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:67:4A:DE:0C:1E:A3:46:78:3C:B9:C9:CB:14:7F:0F:5B:D6:F6:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7b638b3-e41e-4f83-bc95-3722c08205ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.3.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7f:a4:f5:a2:2c:42:eb:d8:be:d9:88:fe:80:9e:0d:0d:8e:31:
         01:e1:03:d8:93:ab:fa:d8:64:d2:e4:c3:f1:13:24:8b:88:b2:
         4b:7f:2e:de:83:ef:0a:bd:f6:a7:fe:52:76:b3:b0:54:8b:a5:
         19:0a:15:5e:b8:b5:eb:99:15:96:8f:97:1e:ed:69:e2:12:cf:
         3a:56:36:43:86:64:aa:b9:60:54:3d:d8:c8:b1:d2:93:c5:ca:
         98:e1:86:c8:fc:ef:36:c3:ea:fb:f7:d9:e0:c5:ca:c3:31:16:
         6a:a0:ee:c2:aa:c7:60:ca:dc:ff:c2:2e:c3:60:7d:54:31:2a:
         9d:10:e9:8a:dd:32:94:57:81:a2:bd:fd:f2:d8:76:6d:ba:e6:
         e6:cb:21:89:02:1f:0c:ad:83:d8:59:58:07:c3:76:80:4c:1f:
         02:b8:1c:34:d8:6f:6b:db:4c:3b:72:d3:c2:af:17:b6:25:23:
         4a:75:6d:aa:26:7c:5b:76:68:14:4b:56:3c:7d:0f:75:34:7f:
         05:2f:bc:e1:61:c3:79:c9:f0:85:ae:20:60:16:df:ba:1b:09:
         04:36:93:6d:08:53:62:df:5a:a7:3b:1e:70:9a:4a:f9:78:0e:
         35:f4:79:82:32:fc:02:05:49:ea:03:82:e7:99:31:c7:b6:a8:
         c0:f2:61:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY7Bp7DsSKgO/ZyvnbDzgViek7YQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDAxMDQyWhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDY5NTIxMWZkMWUzOGNmOWIxZDA3ZjI3ZTFiYTU3ODUx
YThiYTVlOTNlODE4NWNjY2IyMGMxZjZmYmJjYzhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJCercYIMKjGAMMGNpKFbc1H8TzVltWvZHf+2u/Xpqh0OR
+orQho9XRK2ORh2ugjYZmqQFgZJRuF5Z9GZqezRL/BCywNrV9pk4dBbM3vjkUEVn
zaDbUeRrKOEthff8K4F1uXc917VmQ9l5H4NCVBWLgGYIWw39ax3cRxSjhgROlWSg
MadXZWzooETFpPrCbiclOE6XUImGbIftZtkaQyXElLPeg8cdq6k6WngzW3ZCI01/
+REL03ZngXFJUz1pzxbHX1yXF5ZI/xZZC/nKAta+oH4AN6BI8yoEmHV0B1NTWc+J
1wf40UYqA+mInz6J8VjipUU/E9yXavoNEcRoeqCHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWWdK3gweo0Z4PLnJyxR/D1vW9pgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3YjYzOGIzLWU0MWUtNGY4My1iYzk1LTM3MjJjMDgyMDVjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVLA6AwDQYJKoZIhvcNAQELBQADggEBAH+k9aIsQuvYvtmI/oCeDQ2OMQHh
A9iTq/rYZNLkw/ETJIuIskt/Lt6D7wq99qf+UnazsFSLpRkKFV64teuZFZaPlx7t
aeISzzpWNkOGZKq5YFQ92Mix0pPFypjhhsj87zbD6vv32eDFysMxFmqg7sKqx2DK
3P/CLsNgfVQxKp0Q6YrdMpRXgaK9/fLYdm265ubLIYkCHwytg9hZWAfDdoBMHwK4
HDTYb2vbTDty08KvF7YlI0p1baomfFt2aBRLVjx9D3U0fwUvvOFhw3nJ8IWuIGAW
37obCQQ2k20IU2LfWqc7HnCaSvl4DjX0eYIy/AIFSeoDgueZMce2qMDyYV0=
-----END CERTIFICATE-----