Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f61c5a3-03b4-4953-a5e1-ea0975d1b8fc.roa
File:                     8f61c5a3-03b4-4953-a5e1-ea0975d1b8fc.roa (raw, json)
Hash identifier:          iqgZqUIgsGRxZMbDK3lDuMfBRgeGXLCHXZWcF/zqBmE=
Subject key identifier:   F1:21:1F:BC:7D:14:EC:67:93:92:96:2E:BA:18:69:34:6D:12:AA:CC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74DFE3DBB6865E9A60A8B6847535081C3781650A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f61c5a3-03b4-4953-a5e1-ea0975d1b8fc.roa
Signing time:             Sun 26 Oct 2025 00:00:05 +0000
ROA not before:           Sun 26 Oct 2025 00:00:05 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.138.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:df:e3:db:b6:86:5e:9a:60:a8:b6:84:75:35:08:1c:37:81:65:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:00:05 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=acb9cc5225cf7930ee6956dd515cffb9ff84fe055a61fa03b55abf9c376512ff, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5a:d8:7b:83:09:1b:da:70:4b:36:39:61:ef:
                    00:2c:40:92:f8:cc:6b:1e:b3:cb:ac:4b:59:b5:93:
                    87:d0:0f:d7:ba:dd:e3:58:40:2d:0e:01:bf:99:f2:
                    4f:0d:be:e5:05:23:cd:44:17:d3:28:c9:18:2c:17:
                    5e:de:17:7d:20:1b:9d:3b:7b:be:3e:03:c3:20:d6:
                    62:ad:e1:e2:c0:b5:ad:bc:bc:f4:45:40:c5:b0:43:
                    f6:87:e0:31:78:10:6b:52:dc:d4:65:db:23:a4:e9:
                    9f:19:98:17:dc:64:a0:01:ca:91:af:a9:cc:44:3a:
                    da:17:d2:d1:4d:6e:04:66:64:9f:6f:05:af:6a:4e:
                    de:ad:36:a5:03:b0:23:aa:d3:63:d3:7f:f3:7b:38:
                    fb:ee:03:59:d5:ff:19:37:e6:df:3d:8b:82:50:82:
                    74:7a:80:54:5c:94:3b:41:1d:e9:fc:11:66:ff:b5:
                    98:92:4a:d6:f5:b0:e1:1a:e0:18:a5:92:a3:03:94:
                    03:f6:40:cc:89:f1:b8:41:c3:98:42:47:bc:dd:82:
                    90:f3:8d:17:ae:d4:7c:c4:3c:05:01:17:36:d0:6d:
                    a9:40:ee:02:9f:67:77:a4:87:82:bf:10:84:74:01:
                    70:69:fb:c9:c2:75:19:df:b0:85:7a:c2:2a:3d:f7:
                    b2:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:21:1F:BC:7D:14:EC:67:93:92:96:2E:BA:18:69:34:6D:12:AA:CC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f61c5a3-03b4-4953-a5e1-ea0975d1b8fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.138.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8f:73:11:9e:f7:3d:7e:c8:40:2a:3c:b0:ff:62:60:fe:67:a0:
         5f:62:76:f4:b1:bc:68:a7:00:68:c1:43:bd:cf:42:d2:4b:d0:
         76:43:26:2d:25:04:2c:6f:a0:60:7d:06:57:c1:60:22:58:11:
         1f:02:cb:2b:ba:6d:59:6e:5b:70:54:af:e9:8c:d7:80:95:f8:
         9d:f9:5f:da:d4:d3:f9:a7:34:1c:98:70:7f:c0:1f:af:f4:46:
         e5:53:b2:11:58:6f:f3:fc:9c:dc:92:2e:64:48:11:b3:7b:66:
         70:58:35:00:02:72:f4:6f:22:07:4b:d0:0d:4c:4c:db:3f:95:
         a8:a5:44:52:be:59:c9:59:7d:20:1c:aa:3b:32:b6:40:21:f5:
         93:9f:24:2a:6e:fa:b0:e1:e9:bd:2b:64:39:c9:33:7e:25:ad:
         c7:f9:9a:d1:d3:db:2c:23:d0:70:37:e7:ce:86:ac:c4:90:4e:
         2d:b4:5e:e8:79:c6:f3:24:62:f1:48:74:f8:ba:4e:00:8a:80:
         41:bf:95:d0:e7:83:61:c0:1e:e5:3f:f2:10:4b:d7:2b:ef:84:
         46:6e:89:35:1b:46:af:2f:31:ac:a2:88:86:22:30:23:de:85:
         ff:8c:6e:4d:d9:97:90:54:63:63:5f:d1:be:b9:02:a8:ca:e9:
         2d:5f:87:0e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdN/j27aGXppgqLaEdTUIHDeBZQowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAwMDA1WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2I5Y2M1MjI1Y2Y3OTMwZWU2OTU2ZGQ1MTVjZmZiOWZm
ODRmZTA1NWE2MWZhMDNiNTVhYmY5YzM3NjUxMmZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfWth7gwkb2nBLNjlh7wAsQJL4zGses8usS1m1k4fQD9e6
3eNYQC0OAb+Z8k8NvuUFI81EF9MoyRgsF17eF30gG507e74+A8Mg1mKt4eLAta28
vPRFQMWwQ/aH4DF4EGtS3NRl2yOk6Z8ZmBfcZKABypGvqcxEOtoX0tFNbgRmZJ9v
Ba9qTt6tNqUDsCOq02PTf/N7OPvuA1nV/xk35t89i4JQgnR6gFRclDtBHen8EWb/
tZiSStb1sOEa4BilkqMDlAP2QMyJ8bhBw5hCR7zdgpDzjReu1HzEPAUBFzbQbalA
7gKfZ3ekh4K/EIR0AXBp+8nCdRnfsIV6wio997LpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8SEfvH0U7GeTkpYuuhhpNG0SqswwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhmNjFjNWEzLTAzYjQtNDk1My1hNWUxLWVhMDk3NWQxYjhmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ijANBgkqhkiG9w0BAQsFAAOCAQEAj3MRnvc9fshAKjyw/2Jg/megX2J2
9LG8aKcAaMFDvc9C0kvQdkMmLSUELG+gYH0GV8FgIlgRHwLLK7ptWW5bcFSv6YzX
gJX4nflf2tTT+ac0HJhwf8Afr/RG5VOyEVhv8/yc3JIuZEgRs3tmcFg1AAJy9G8i
B0vQDUxM2z+VqKVEUr5ZyVl9IByqOzK2QCH1k58kKm76sOHpvStkOckzfiWtx/ma
0dPbLCPQcDfnzoasxJBOLbRe6HnG8yRi8Uh0+LpOAIqAQb+V0OeDYcAe5T/yEEvX
K++ERm6JNRtGry8xrKKIhiIwI96F/4xuTdmXkFRjY1/RvrkCqMrpLV+HDg==
-----END CERTIFICATE-----