Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8469210f-a38a-4fc9-9e32-10f79df8ee72.roa
File:                     8469210f-a38a-4fc9-9e32-10f79df8ee72.roa (raw, json)
Hash identifier:          NhgyMmBeGEaGoOGA+1cTBV2ZeSurEtoo3929pO3dies=
Subject key identifier:   99:17:45:9F:93:50:A1:18:E7:41:4A:C3:6A:DC:F4:6D:13:6A:C4:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F55F372E8CD737FE7E01D0913FDE367F9ADC6BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8469210f-a38a-4fc9-9e32-10f79df8ee72.roa
Signing time:             Wed 05 Nov 2025 00:30:18 +0000
ROA not before:           Wed 05 Nov 2025 00:30:18 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        203.110.200.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:55:f3:72:e8:cd:73:7f:e7:e0:1d:09:13:fd:e3:67:f9:ad:c6:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:30:18 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=d94f6f06a63887e603916695f51e4dea064d984cbbb3d75d2bb231c0c1bd4e6e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:40:02:bb:27:67:9b:fe:7d:8e:33:61:ca:1e:
                    2c:26:3f:dd:8a:c3:f0:09:81:7d:90:ea:5c:e2:35:
                    29:72:85:eb:dd:7a:73:7c:45:45:8d:2c:c7:10:3a:
                    7b:0e:99:a6:4f:4f:80:ab:81:fb:ed:4b:dd:d9:47:
                    12:9a:75:14:2d:91:12:6d:55:65:1f:53:fd:9b:78:
                    17:3b:6b:e4:5d:5b:fc:04:fc:93:47:6b:48:5c:3a:
                    b9:a9:07:fe:74:b7:be:12:0e:03:11:45:0b:36:d1:
                    50:b4:81:54:11:55:a1:74:4d:f7:71:b4:ee:b9:ee:
                    83:6b:39:93:c9:18:fb:6f:21:1d:39:64:79:45:5d:
                    ab:27:c0:bc:12:28:7a:7b:48:8f:80:ce:5b:e9:c5:
                    56:ff:1c:a4:36:c3:5a:03:0c:98:16:1c:5f:24:69:
                    5e:00:63:94:9c:05:55:a7:02:32:c9:69:7c:27:48:
                    43:95:1b:c0:f6:7d:31:3e:62:38:ba:8f:d3:d2:78:
                    5a:8b:5e:67:f8:66:84:fd:26:49:a9:13:25:81:55:
                    c5:78:61:a8:3c:c7:65:cb:5e:18:7a:d0:34:50:22:
                    f7:09:07:fd:4c:84:63:52:33:9a:d1:e7:d8:52:58:
                    18:a9:a1:f9:60:7f:47:48:1d:dd:42:29:d6:c4:79:
                    ae:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:17:45:9F:93:50:A1:18:E7:41:4A:C3:6A:DC:F4:6D:13:6A:C4:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8469210f-a38a-4fc9-9e32-10f79df8ee72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.110.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:e4:8b:a1:00:73:4f:8a:a6:c2:e0:a4:f0:7d:b4:b2:83:f9:
         a8:7b:04:5a:29:f4:4f:8c:1a:d8:b0:e4:42:d8:21:57:68:ea:
         97:a8:55:16:ef:3f:8c:3e:57:9b:ed:84:02:3a:94:57:c9:d9:
         76:4d:a7:e6:38:2d:f8:45:2f:69:29:9d:b0:d9:a5:58:f3:d5:
         ba:86:1c:de:3b:8f:c3:88:f9:65:60:27:76:88:65:34:7c:5c:
         44:c3:e5:49:57:5e:b9:6f:49:19:07:0c:93:a0:75:e3:f7:4a:
         e2:80:48:b7:6a:63:51:4a:b8:ee:35:19:df:8c:2e:ff:55:db:
         3d:32:a2:c9:a8:46:28:44:fc:c0:4e:47:a5:5b:61:90:5f:ed:
         07:18:bc:37:05:b8:3c:07:cd:c3:f7:ce:22:8d:1a:0a:74:5d:
         1e:68:cf:b9:60:ff:1d:09:54:43:59:04:b4:ad:72:3e:83:1b:
         ae:29:dd:e0:f2:f3:98:a8:36:d6:27:08:52:f6:5a:4f:f9:ba:
         89:33:64:fa:b9:23:d9:5f:2e:7e:d6:a6:57:cd:8d:27:75:ef:
         b6:19:2b:6c:6b:b5:08:e4:53:70:37:e4:26:bf:c2:71:76:6d:
         3d:17:df:6e:c1:96:b9:83:83:53:06:bf:75:8a:cf:f2:95:87:
         cd:46:60:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb1XzcujNc3/n4B0JE/3jZ/mtxrowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAzMDE4WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkOTRmNmYwNmE2Mzg4N2U2MDM5MTY2OTVmNTFlNGRlYTA2
NGQ5ODRjYmJiM2Q3NWQyYmIyMzFjMGMxYmQ0ZTZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3QAK7J2eb/n2OM2HKHiwmP92Kw/AJgX2Q6lziNSlyhevd
enN8RUWNLMcQOnsOmaZPT4CrgfvtS93ZRxKadRQtkRJtVWUfU/2beBc7a+RdW/wE
/JNHa0hcOrmpB/50t74SDgMRRQs20VC0gVQRVaF0TfdxtO657oNrOZPJGPtvIR05
ZHlFXasnwLwSKHp7SI+AzlvpxVb/HKQ2w1oDDJgWHF8kaV4AY5ScBVWnAjLJaXwn
SEOVG8D2fTE+Yji6j9PSeFqLXmf4ZoT9JkmpEyWBVcV4Yag8x2XLXhh60DRQIvcJ
B/1MhGNSM5rR59hSWBipoflgf0dIHd1CKdbEea4/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmRdFn5NQoRjnQUrDatz0bRNqxMgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0NjkyMTBmLWEzOGEtNGZjOS05ZTMyLTEwZjc5ZGY4ZWU3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADLbsgwDQYJKoZIhvcNAQELBQADggEBAFnki6EAc0+KpsLgpPB9tLKD+ah7
BFop9E+MGtiw5ELYIVdo6peoVRbvP4w+V5vthAI6lFfJ2XZNp+Y4LfhFL2kpnbDZ
pVjz1bqGHN47j8OI+WVgJ3aIZTR8XETD5UlXXrlvSRkHDJOgdeP3SuKASLdqY1FK
uO41Gd+MLv9V2z0yosmoRihE/MBOR6VbYZBf7QcYvDcFuDwHzcP3ziKNGgp0XR5o
z7lg/x0JVENZBLStcj6DG64p3eDy85ioNtYnCFL2Wk/5uokzZPq5I9lfLn7WplfN
jSd177YZK2xrtQjkU3A35Ca/wnF2bT0X327BlrmDg1MGv3WKz/KVh81GYCc=
-----END CERTIFICATE-----