Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abe641dd-a10f-4e91-8408-cbc741adace1.roa
File:                     abe641dd-a10f-4e91-8408-cbc741adace1.roa (raw, json)
Hash identifier:          2N7HQ5h0NDo5MOCPIi3VbFmBXcAUMeVXeosaYossnrc=
Subject key identifier:   EC:41:38:84:06:2E:19:17:76:A4:2A:9B:F2:FC:6A:BB:A4:A7:12:B6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       18A9F77A218A1EF998964268439C2F8108366B26
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abe641dd-a10f-4e91-8408-cbc741adace1.roa
Signing time:             Wed 05 Nov 2025 00:40:50 +0000
ROA not before:           Wed 05 Nov 2025 00:40:50 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        46.235.6.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:a9:f7:7a:21:8a:1e:f9:98:96:42:68:43:9c:2f:81:08:36:6b:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:40:50 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=1faaa1ed3f9f75cb5e6e353bbf099bab4a58260c3b9625ef2b6af1e8d907fd2b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e4:7b:bc:1b:03:47:e3:e2:88:d1:70:7c:6b:
                    89:b6:be:a7:97:cd:74:f6:10:67:99:6c:b6:90:cb:
                    0b:e4:86:bd:10:13:17:7d:49:1d:c8:a2:5a:d4:60:
                    33:f8:53:7c:de:20:7c:a3:42:57:e3:dc:57:af:76:
                    67:41:95:cf:56:d4:42:b3:a5:82:c8:67:f5:35:f0:
                    af:4b:f3:8b:11:fd:28:ed:ac:85:a4:3b:1a:93:37:
                    c7:ac:e8:5d:dc:8d:79:cc:b7:04:f1:c0:d3:31:2d:
                    a1:93:d3:9f:bd:53:ec:0b:a9:6f:ef:d6:bb:95:c8:
                    07:dd:a8:64:b4:f3:15:09:25:62:85:4e:3c:c5:80:
                    68:b2:de:2f:ad:91:e6:41:1d:ae:5c:f9:50:8d:44:
                    9f:8b:d5:79:da:94:4f:fa:ff:cc:f8:83:ae:a3:ea:
                    f9:f1:2a:30:0e:86:d2:70:49:9a:22:5f:69:08:3b:
                    d0:fa:c1:c9:d9:f9:b4:1c:2f:6b:bd:a6:95:4b:85:
                    0b:58:8e:d2:bc:12:db:d4:d1:f6:ce:bb:bb:fb:b0:
                    33:59:8d:55:22:a5:7a:1b:cf:11:b9:d4:ad:99:45:
                    05:d6:52:04:64:a2:5b:d1:70:0c:71:ec:b0:95:a4:
                    4a:09:3f:e0:7e:d8:38:48:5d:62:9e:3b:d5:8b:34:
                    eb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:41:38:84:06:2E:19:17:76:A4:2A:9B:F2:FC:6A:BB:A4:A7:12:B6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abe641dd-a10f-4e91-8408-cbc741adace1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.235.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:96:68:7e:9c:f5:f3:57:6e:74:36:0c:66:9c:ab:d9:3b:4c:
         35:25:3f:6e:ae:03:bd:9d:75:44:4c:fe:d2:2c:c1:bf:71:1d:
         9f:8f:4d:ce:87:26:63:f4:bc:e9:55:6e:b1:5c:7e:5b:de:d9:
         83:20:77:df:1e:43:70:26:02:fa:96:21:3f:17:77:ea:7e:f2:
         dc:00:21:cd:01:58:d6:f1:3b:27:eb:41:c3:24:1a:f6:8c:73:
         9e:b3:a6:d6:a4:83:f1:bc:e1:1f:d4:9b:41:9c:dd:88:52:f5:
         45:08:fe:49:14:5e:37:e4:45:09:cc:91:65:00:8e:59:d8:4a:
         7b:d3:35:7c:a3:91:fc:5a:26:6c:8b:58:32:2d:f9:04:e7:55:
         92:12:9a:7b:87:44:37:75:21:69:c2:29:61:80:44:28:17:e6:
         8a:a3:ad:ec:fc:cf:f7:a3:fa:65:cf:e7:27:95:e8:45:89:c9:
         11:19:c0:87:5c:47:af:2b:29:b4:14:a0:d6:99:74:d0:e6:9a:
         77:a8:34:bf:a9:6a:ce:ac:5b:7a:a1:01:3e:fb:22:da:de:25:
         25:c1:68:3c:22:99:41:85:ad:e7:bd:cf:bf:2b:8a:1d:5b:59:
         00:0f:b0:40:f6:aa:1c:20:9b:86:52:a0:6e:03:9e:c8:cd:0b:
         11:3e:f3:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGKn3eiGKHvmYlkJoQ5wvgQg2ayYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDA0MDUwWhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZmFhYTFlZDNmOWY3NWNiNWU2ZTM1M2JiZjA5OWJhYjRh
NTgyNjBjM2I5NjI1ZWYyYjZhZjFlOGQ5MDdmZDJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCV5Hu8GwNH4+KI0XB8a4m2vqeXzXT2EGeZbLaQywvkhr0Q
Exd9SR3IolrUYDP4U3zeIHyjQlfj3FevdmdBlc9W1EKzpYLIZ/U18K9L84sR/Sjt
rIWkOxqTN8es6F3cjXnMtwTxwNMxLaGT05+9U+wLqW/v1ruVyAfdqGS08xUJJWKF
TjzFgGiy3i+tkeZBHa5c+VCNRJ+L1XnalE/6/8z4g66j6vnxKjAOhtJwSZoiX2kI
O9D6wcnZ+bQcL2u9ppVLhQtYjtK8EtvU0fbOu7v7sDNZjVUipXobzxG51K2ZRQXW
UgRkolvRcAxx7LCVpEoJP+B+2DhIXWKeO9WLNOt3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7EE4hAYuGRd2pCqb8vxqu6SnErYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiZTY0MWRkLWExMGYtNGU5MS04NDA4LWNiYzc0MWFkYWNlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAu6wYwDQYJKoZIhvcNAQELBQADggEBAMGWaH6c9fNXbnQ2DGacq9k7TDUl
P26uA72ddURM/tIswb9xHZ+PTc6HJmP0vOlVbrFcflve2YMgd98eQ3AmAvqWIT8X
d+p+8twAIc0BWNbxOyfrQcMkGvaMc56zptakg/G84R/Um0Gc3YhS9UUI/kkUXjfk
RQnMkWUAjlnYSnvTNXyjkfxaJmyLWDIt+QTnVZISmnuHRDd1IWnCKWGARCgX5oqj
rez8z/ej+mXP5yeV6EWJyREZwIdcR68rKbQUoNaZdNDmmneoNL+pas6sW3qhAT77
ItreJSXBaDwimUGFree9z78rih1bWQAPsED2qhwgm4ZSoG4DnsjNCxE+88M=
-----END CERTIFICATE-----