Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e83772b-20e7-44cd-b060-03d5950ee025.roa
File:                     5e83772b-20e7-44cd-b060-03d5950ee025.roa (raw, json)
Hash identifier:          toMl9iQCwOI+e+5PTq5UinSBSh+uGvUkgSvgx/shRzI=
Subject key identifier:   95:99:4B:80:B2:6A:F2:A6:5E:90:5C:3B:13:03:AC:D0:57:A9:1B:29
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2719CD1C1107B1A0F33397F589104264FCD4FC77
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e83772b-20e7-44cd-b060-03d5950ee025.roa
Signing time:             Sun 16 Nov 2025 00:21:15 +0000
ROA not before:           Sun 16 Nov 2025 00:21:15 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.149.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:19:cd:1c:11:07:b1:a0:f3:33:97:f5:89:10:42:64:fc:d4:fc:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:21:15 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=e70b1d5ad03033d83f857f8f30ae167f1aa145d96d0099a7e53ce943a9ad7b98, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:6e:2e:a7:1b:4f:12:4e:c4:0c:6a:f6:f0:96:
                    96:36:8a:f6:70:0a:73:40:27:f7:4c:1b:d2:4f:c0:
                    9e:58:c6:51:2a:9c:50:41:bb:dc:9d:95:2a:d3:94:
                    55:9c:70:b4:2e:f5:9b:b0:e7:1d:d2:8f:ae:b4:32:
                    37:a1:d6:5e:d6:b6:24:ed:e9:90:1b:7f:69:e5:b3:
                    b7:7f:ad:ce:0e:55:7d:72:ce:43:0d:bb:ad:6c:84:
                    08:7a:ba:9f:6c:c5:05:c9:3b:d3:86:30:dd:00:a5:
                    9f:b2:98:c2:53:4e:01:0d:c9:80:e3:00:1b:40:28:
                    c4:eb:95:27:8c:b3:02:95:d4:ac:41:45:61:49:46:
                    4a:7c:34:0b:ea:ce:92:77:63:bb:63:34:ed:37:fe:
                    38:b5:f9:53:cc:f2:6a:81:d3:40:3b:fd:5a:93:98:
                    da:b4:c3:56:88:90:87:76:7c:63:a5:5b:4e:4f:69:
                    ba:72:12:31:31:7a:a4:b4:f2:1f:8d:cf:21:ee:fb:
                    2e:97:db:4f:fe:cf:2f:79:a2:55:1e:48:97:d1:b7:
                    b4:df:b6:9d:ba:15:08:5b:d2:93:6e:6a:27:35:69:
                    38:68:c3:00:ce:02:db:73:a0:e8:ac:7f:ec:63:cc:
                    09:bd:46:b6:9a:d7:9e:29:0d:1f:93:b0:94:97:3f:
                    01:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:99:4B:80:B2:6A:F2:A6:5E:90:5C:3B:13:03:AC:D0:57:A9:1B:29
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e83772b-20e7-44cd-b060-03d5950ee025.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.149.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         87:81:84:46:ca:3a:b1:51:4a:14:e2:d4:54:eb:00:26:6b:29:
         7b:6a:24:c9:d0:75:ab:16:d6:1c:8e:7b:47:ac:28:f3:dc:66:
         44:e1:07:91:45:f6:cc:ed:fa:6e:fc:4a:c3:3b:e8:d9:8f:09:
         b6:a8:6a:f6:31:98:39:97:46:06:d3:86:e9:68:4e:0a:63:4d:
         8e:fa:cb:56:b0:4f:1f:7e:04:75:cb:dd:c9:c8:a5:2e:ca:7d:
         73:d8:8c:fb:e1:58:8f:b2:f1:cb:02:a3:1e:b8:6b:b0:6d:03:
         83:87:2a:fb:99:6b:fb:7d:66:6a:52:4f:5a:8e:81:9b:c5:10:
         75:ba:24:b0:cb:20:d8:48:9c:85:18:98:cd:a2:e9:ba:78:22:
         08:d2:70:f9:7a:67:16:5b:4f:59:14:bb:4a:58:0b:ee:be:c4:
         58:17:7a:3f:43:a8:a4:5c:ec:a1:2f:72:49:be:7d:b0:2f:ca:
         14:ca:52:2c:bf:2b:8d:bd:a0:cd:dd:28:fb:ce:e5:7c:9b:d8:
         f2:72:27:51:d4:1e:c6:c5:7b:c8:d8:c0:9b:62:8a:22:90:b7:
         51:f5:d7:0d:1f:f3:9a:cf:4f:56:bb:45:14:6d:d1:8c:ce:4a:
         a9:62:c7:8e:4b:99:9c:0d:da:40:02:b8:61:24:f9:fd:b5:f5:
         8a:93:ca:65
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJxnNHBEHsaDzM5f1iRBCZPzU/HcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAyMTE1WhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzBiMWQ1YWQwMzAzM2Q4M2Y4NTdmOGYzMGFlMTY3ZjFh
YTE0NWQ5NmQwMDk5YTdlNTNjZTk0M2E5YWQ3Yjk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDibi6nG08STsQMavbwlpY2ivZwCnNAJ/dMG9JPwJ5YxlEq
nFBBu9ydlSrTlFWccLQu9Zuw5x3Sj660Mjeh1l7WtiTt6ZAbf2nls7d/rc4OVX1y
zkMNu61shAh6up9sxQXJO9OGMN0ApZ+ymMJTTgENyYDjABtAKMTrlSeMswKV1KxB
RWFJRkp8NAvqzpJ3Y7tjNO03/ji1+VPM8mqB00A7/VqTmNq0w1aIkId2fGOlW05P
abpyEjExeqS08h+NzyHu+y6X20/+zy95olUeSJfRt7Tftp26FQhb0pNuaic1aTho
wwDOAttzoOisf+xjzAm9Rraa154pDR+TsJSXPwEBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlZlLgLJq8qZekFw7EwOs0FepGykwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlODM3NzJiLTIwZTctNDRjZC1iMDYwLTAzZDU5NTBlZTAyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4lTANBgkqhkiG9w0BAQsFAAOCAQEAh4GERso6sVFKFOLUVOsAJmspe2ok
ydB1qxbWHI57R6wo89xmROEHkUX2zO36bvxKwzvo2Y8Jtqhq9jGYOZdGBtOG6WhO
CmNNjvrLVrBPH34EdcvdycilLsp9c9iM++FYj7LxywKjHrhrsG0Dg4cq+5lr+31m
alJPWo6Bm8UQdboksMsg2EichRiYzaLpungiCNJw+XpnFltPWRS7SlgL7r7EWBd6
P0OopFzsoS9ySb59sC/KFMpSLL8rjb2gzd0o+87lfJvY8nInUdQexsV7yNjAm2KK
IpC3UfXXDR/zms9PVrtFFG3RjM5KqWLHjkuZnA3aQAK4YST5/bX1ipPKZQ==
-----END CERTIFICATE-----