Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/16ffac70-214d-4030-80b9-261fde777a67.roa
File:                     16ffac70-214d-4030-80b9-261fde777a67.roa (raw, json)
Hash identifier:          QbnAt5JB1rFkCgz/BcrMaKxlnKuhsS9GiM4060p12iY=
Subject key identifier:   9C:3D:62:C4:81:F9:71:5D:6F:EA:25:5D:D4:B2:BA:F7:8D:68:FA:42
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6296F0390FAA20AA5D1ED221D4EAD9C03B2EF9B2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/16ffac70-214d-4030-80b9-261fde777a67.roa
Signing time:             Sun 26 Oct 2025 00:31:37 +0000
ROA not before:           Sun 26 Oct 2025 00:31:37 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        32.168.0.0/14 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:96:f0:39:0f:aa:20:aa:5d:1e:d2:21:d4:ea:d9:c0:3b:2e:f9:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:31:37 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=92c387064afdacc7880c7a0185ec24cef33036a6bc263a36466c2fba41749747, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:69:57:54:a6:38:6d:12:97:6c:24:a9:24:d9:
                    d0:70:03:c7:50:71:66:57:8d:7c:32:a5:3b:30:81:
                    bc:43:61:f0:49:83:a8:1b:f8:3e:db:32:a2:87:43:
                    1d:f5:1f:9f:97:64:df:26:67:10:ee:cd:d1:ea:30:
                    62:42:cf:63:1c:ff:3a:47:63:8e:b5:39:24:e3:3a:
                    33:61:7f:f5:77:eb:59:7b:f6:18:1d:a2:c9:08:8b:
                    58:66:98:0d:3a:8c:86:45:92:ab:11:d4:23:aa:d2:
                    55:3e:d3:3d:6e:5a:72:ad:ad:3d:cf:1e:88:06:8e:
                    27:14:d7:65:e1:dd:19:60:c6:0b:1d:65:23:62:0c:
                    b4:f2:1b:d5:64:3f:34:be:ee:11:f2:90:08:37:55:
                    ec:c2:8d:7a:49:e8:b9:cc:a8:85:bc:59:c2:f7:0a:
                    90:28:70:32:f2:75:6b:e9:05:49:a4:70:14:ec:21:
                    0e:cb:5d:45:f6:1f:87:12:f7:d5:a9:be:b9:11:eb:
                    cd:e8:72:e8:39:e4:7f:6d:58:6b:12:5d:dd:69:55:
                    91:aa:d2:a7:c0:e9:b9:f2:5f:49:9a:88:1a:b8:31:
                    04:d6:f4:05:b4:50:81:4b:34:ad:c8:5f:56:ad:b0:
                    25:8d:b5:1d:77:6c:eb:94:af:eb:26:61:e2:c4:39:
                    06:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:3D:62:C4:81:F9:71:5D:6F:EA:25:5D:D4:B2:BA:F7:8D:68:FA:42
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/16ffac70-214d-4030-80b9-261fde777a67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  32.168.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         1d:7d:51:1b:5c:e0:3e:a6:85:ea:17:05:a7:e6:67:60:1d:56:
         72:57:ec:68:55:c9:2f:1a:83:f4:25:91:aa:df:70:d3:6d:b4:
         c2:7a:0c:7f:6c:25:04:4b:af:d9:e0:f9:05:98:3a:c7:8c:0e:
         f7:1a:2f:d1:ab:a7:6e:ec:b5:43:bc:51:ba:c2:a3:36:b9:67:
         79:b6:78:35:a3:e3:52:94:fe:8b:95:5b:e7:27:de:62:fb:e9:
         db:f2:63:b2:a8:7a:23:ab:b4:97:08:17:59:08:55:8a:cb:19:
         fe:21:0e:df:a5:5e:b7:e7:d4:3a:71:1e:42:cc:80:e8:7e:ff:
         26:6a:df:a8:b9:66:7d:d6:d0:ba:02:8d:0a:f3:27:ac:fe:65:
         76:55:5b:40:b5:9e:95:af:3f:7d:e9:9f:b1:44:07:8c:99:35:
         5b:2e:16:b8:e4:29:bf:bd:59:41:95:ab:61:69:57:73:cf:d0:
         93:6b:a6:54:a4:d4:40:93:96:4e:99:cb:80:7a:de:48:5d:c5:
         78:6a:b4:f8:39:37:bc:89:d9:6c:74:a5:38:2b:56:19:2c:99:
         bb:dd:2c:92:b2:d6:fc:6c:78:1e:9f:c7:e6:be:cf:90:76:d1:
         d8:22:32:0c:07:bd:5c:3a:9b:11:78:f3:75:c7:59:e6:2e:75:
         2e:32:6a:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYpbwOQ+qIKpdHtIh1OrZwDsu+bIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAzMTM3WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MmMzODcwNjRhZmRhY2M3ODgwYzdhMDE4NWVjMjRjZWYz
MzAzNmE2YmMyNjNhMzY0NjZjMmZiYTQxNzQ5NzQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNaVdUpjhtEpdsJKkk2dBwA8dQcWZXjXwypTswgbxDYfBJ
g6gb+D7bMqKHQx31H5+XZN8mZxDuzdHqMGJCz2Mc/zpHY461OSTjOjNhf/V361l7
9hgdoskIi1hmmA06jIZFkqsR1COq0lU+0z1uWnKtrT3PHogGjicU12Xh3Rlgxgsd
ZSNiDLTyG9VkPzS+7hHykAg3VezCjXpJ6LnMqIW8WcL3CpAocDLydWvpBUmkcBTs
IQ7LXUX2H4cS99WpvrkR683ocug55H9tWGsSXd1pVZGq0qfA6bnyX0maiBq4MQTW
9AW0UIFLNK3IX1atsCWNtR13bOuUr+smYeLEOQbNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUnD1ixIH5cV1v6iVd1LK6941o+kIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE2ZmZhYzcwLTIxNGQtNDAzMC04MGI5LTI2MWZkZTc3N2E2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIgqDANBgkqhkiG9w0BAQsFAAOCAQEAHX1RG1zgPqaF6hcFp+ZnYB1Wclfs
aFXJLxqD9CWRqt9w0220wnoMf2wlBEuv2eD5BZg6x4wO9xov0aunbuy1Q7xRusKj
NrlnebZ4NaPjUpT+i5Vb5yfeYvvp2/Jjsqh6I6u0lwgXWQhVissZ/iEO36Vet+fU
OnEeQsyA6H7/JmrfqLlmfdbQugKNCvMnrP5ldlVbQLWela8/femfsUQHjJk1Wy4W
uOQpv71ZQZWrYWlXc8/Qk2umVKTUQJOWTpnLgHreSF3FeGq0+Dk3vInZbHSlOCtW
GSyZu90skrLW/Gx4Hp/H5r7PkHbR2CIyDAe9XDqbEXjzdcdZ5i51LjJq8Q==
-----END CERTIFICATE-----