Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa
File:                     9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa (raw, json)
Hash identifier:          3m59oN60o4Q2jmEB3X1W7BYQ4VAB0LHZIHnR6rSvbp8=
Subject key identifier:   99:54:D5:BD:36:51:A7:75:09:11:8C:24:4C:CA:5A:33:1D:8A:E9:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1ACCAC146BC11E0DFEAFD82C637B30133B86982F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa
Signing time:             Sat 15 Nov 2025 00:20:45 +0000
ROA not before:           Sat 15 Nov 2025 00:20:45 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        149.186.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:cc:ac:14:6b:c1:1e:0d:fe:af:d8:2c:63:7b:30:13:3b:86:98:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:20:45 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=4f6b29bc80f4c126a854e823d7e4be6b833bb1391f4b5e7684db2886b8004cb4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:05:6c:b3:49:9f:d1:e5:59:2e:76:b8:a5:69:
                    37:a6:b0:fa:07:52:e6:a4:63:3b:3b:82:47:e9:73:
                    d9:71:8e:8b:cd:35:ad:c1:3d:7c:9a:1d:40:08:ff:
                    b6:06:71:cd:77:98:ed:b0:d0:c6:5a:07:93:84:8a:
                    bd:06:87:9c:5b:58:ff:60:19:70:d2:03:c8:b3:e2:
                    92:74:65:7e:22:93:c0:a6:69:fd:c2:d8:7c:08:56:
                    60:65:1c:cb:22:39:de:f1:ce:0a:42:0a:08:73:06:
                    ed:d1:db:e4:ce:5d:5c:58:c0:18:87:3e:42:73:17:
                    3e:fb:00:76:0e:ec:ef:b2:3a:55:ac:de:4e:44:81:
                    e0:d9:32:62:eb:2b:a3:61:b9:e8:87:5b:6d:1c:80:
                    14:2e:a9:d2:94:5f:2f:b8:6a:b7:ed:1c:78:c6:6e:
                    30:51:73:33:d9:0c:c9:de:54:f9:cd:14:37:3c:e5:
                    84:b6:e0:96:49:55:b8:12:8f:0b:51:74:c4:1e:a3:
                    6c:92:e3:b8:ab:f3:8d:71:e2:d9:8e:e2:71:76:6a:
                    c4:c6:8c:65:c5:25:d7:36:cb:d7:19:9c:cd:7d:a0:
                    27:5f:f9:f1:d0:4c:5e:8e:fc:ae:40:68:de:ee:2e:
                    ec:a9:89:a6:c2:9a:fc:1f:f4:12:84:b2:89:32:97:
                    1c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:54:D5:BD:36:51:A7:75:09:11:8C:24:4C:CA:5A:33:1D:8A:E9:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1a:ad:0e:f3:22:95:05:bb:a1:19:32:fd:5f:6a:0b:e2:b5:e9:
         33:b0:9b:51:9a:e8:a8:6c:40:3d:0a:e3:1c:b9:e5:1d:60:35:
         fa:97:a9:5c:db:5f:c7:ca:95:8b:7a:9c:64:da:af:f6:a0:43:
         9d:e0:ef:cc:aa:19:49:d7:76:fc:91:64:e7:4d:5e:34:87:a3:
         3c:25:a6:fa:72:bc:18:d6:16:97:e5:ac:09:54:a1:15:9d:f5:
         8a:27:b6:e6:fe:a0:82:ea:b9:57:ea:f8:c9:f0:5f:59:47:ab:
         4a:23:26:62:a9:7f:2d:7e:e6:40:d7:dd:28:34:3f:e6:ed:e0:
         32:b6:49:e7:93:7e:d8:5d:60:d9:59:e1:b4:36:57:54:4b:ea:
         26:fe:ea:5c:aa:a3:45:35:39:62:7a:e6:ef:af:4e:fd:8d:a4:
         0c:c5:32:09:57:b5:51:c0:aa:cc:f4:74:5a:90:14:b0:ed:91:
         63:42:e5:6e:0a:3b:88:d5:6b:31:31:82:72:1d:4a:a6:3b:f3:
         bc:12:30:b9:d5:8f:02:2c:75:4b:08:d3:b5:7d:ab:76:d6:73:
         da:fe:23:3d:0b:1e:3d:56:6e:c3:91:c4:43:d7:e0:27:51:5d:
         3b:9c:22:06:54:f2:90:98:9a:6b:4b:dd:69:9d:42:97:4e:bb:
         c9:b1:98:58
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGsysFGvBHg3+r9gsY3swEzuGmC8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAyMDQ1WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZjZiMjliYzgwZjRjMTI2YTg1NGU4MjNkN2U0YmU2Yjgz
M2JiMTM5MWY0YjVlNzY4NGRiMjg4NmI4MDA0Y2I0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwBWyzSZ/R5VkudrilaTemsPoHUuakYzs7gkfpc9lxjovN
Na3BPXyaHUAI/7YGcc13mO2w0MZaB5OEir0Gh5xbWP9gGXDSA8iz4pJ0ZX4ik8Cm
af3C2HwIVmBlHMsiOd7xzgpCCghzBu3R2+TOXVxYwBiHPkJzFz77AHYO7O+yOlWs
3k5EgeDZMmLrK6NhueiHW20cgBQuqdKUXy+4arftHHjGbjBRczPZDMneVPnNFDc8
5YS24JZJVbgSjwtRdMQeo2yS47ir841x4tmO4nF2asTGjGXFJdc2y9cZnM19oCdf
+fHQTF6O/K5AaN7uLuypiabCmvwf9BKEsokylxy/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmVTVvTZRp3UJEYwkTMpaMx2K6c8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhZTlkNTk1LWU0NmYtNGI1MC05OWQ2LTA3MDdmMGRkMGZmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVujANBgkqhkiG9w0BAQsFAAOCAQEAGq0O8yKVBbuhGTL9X2oL4rXpM7Cb
UZroqGxAPQrjHLnlHWA1+pepXNtfx8qVi3qcZNqv9qBDneDvzKoZSdd2/JFk501e
NIejPCWm+nK8GNYWl+WsCVShFZ31iie25v6gguq5V+r4yfBfWUerSiMmYql/LX7m
QNfdKDQ/5u3gMrZJ55N+2F1g2VnhtDZXVEvqJv7qXKqjRTU5Ynrm769O/Y2kDMUy
CVe1UcCqzPR0WpAUsO2RY0Llbgo7iNVrMTGCch1KpjvzvBIwudWPAix1SwjTtX2r
dtZz2v4jPQsePVZuw5HEQ9fgJ1FdO5wiBlTykJiaa0vdaZ1Cl067ybGYWA==
-----END CERTIFICATE-----