Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aec5606d-b8a4-46f2-b7ce-1d6f75bef390.roa
File:                     aec5606d-b8a4-46f2-b7ce-1d6f75bef390.roa (raw, json)
Hash identifier:          Ase7S/Ycbpc9dQdJanDkjyuTUBrNoz1wkGHItlg8+aM=
Subject key identifier:   C4:83:F1:02:B7:9B:C1:DC:96:6E:FE:10:4F:B9:BD:C7:84:F7:FD:89
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       37F4958D41CBE4C2C416D04A6D96AC8C33E9D9DE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aec5606d-b8a4-46f2-b7ce-1d6f75bef390.roa
Signing time:             Sun 02 Nov 2025 00:40:53 +0000
ROA not before:           Sun 02 Nov 2025 00:40:53 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.100.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:f4:95:8d:41:cb:e4:c2:c4:16:d0:4a:6d:96:ac:8c:33:e9:d9:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:40:53 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=7bcb9eb6967166a547ded0f76ba8a106135b0cf86ea61fc2190e3efe50e29f5f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b5:b6:0e:24:06:43:92:01:2a:f9:1e:b3:ea:
                    1d:dd:f4:10:9e:c7:e2:86:3e:ec:f8:6d:52:a3:b3:
                    63:3d:f1:8d:20:63:20:cd:12:9a:21:5c:a8:2d:89:
                    98:89:c2:66:df:11:33:ee:47:f2:1f:0c:e5:fd:aa:
                    cf:d1:b6:40:53:69:c0:8a:bb:8e:a2:f1:d7:a8:7a:
                    7e:d3:91:1b:42:05:8e:01:e7:f7:37:da:1c:1d:8b:
                    78:9f:51:ee:db:d6:39:b6:49:1b:70:5f:d8:cf:97:
                    62:6f:22:24:18:7a:cb:7f:d7:53:cf:be:8d:26:b9:
                    04:07:b5:8e:ab:ec:1b:99:3f:1b:00:57:dc:76:14:
                    32:ed:64:40:a0:cd:1b:52:cb:83:ea:02:c8:5e:eb:
                    c6:54:fc:57:3a:1a:2c:95:4f:97:23:13:15:6b:b9:
                    17:7d:7b:2c:e7:06:24:9d:82:d5:0d:f7:af:fa:60:
                    f6:eb:e6:a7:7d:da:d5:7a:ea:dc:b9:1b:0f:5a:62:
                    1e:e2:ed:04:73:72:d1:23:1b:2a:ae:8b:66:16:0c:
                    40:c9:e8:0d:c8:10:3e:3c:b8:e2:68:82:61:64:8c:
                    1f:a5:9d:36:0a:d5:11:34:95:c4:83:39:b9:d7:df:
                    4b:42:cb:ad:ac:d9:cb:b7:1b:a6:73:26:02:c1:1d:
                    b6:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:83:F1:02:B7:9B:C1:DC:96:6E:FE:10:4F:B9:BD:C7:84:F7:FD:89
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aec5606d-b8a4-46f2-b7ce-1d6f75bef390.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.100.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         96:fa:ce:28:b4:5f:73:71:5c:8c:10:5c:e8:b6:ac:b8:13:18:
         d7:f1:56:b7:09:52:30:af:26:a9:3b:66:81:6e:c5:c1:4f:3d:
         95:52:af:30:7c:52:5e:4a:fa:6f:25:ac:fc:0f:02:a9:06:ab:
         12:16:ad:76:a0:e0:4b:a6:c2:e6:0a:d6:77:7f:fd:d5:63:c4:
         41:2e:86:94:9f:86:52:e6:66:b5:c0:b8:1d:ee:e0:67:2c:19:
         73:30:20:a5:28:85:35:d8:cb:88:5b:51:e2:05:dc:db:a1:01:
         86:8e:fb:a1:05:ae:8f:7f:ac:15:22:6f:9c:d9:87:f2:59:d3:
         ad:6a:d2:d5:9f:73:4e:c7:6e:92:8b:f7:25:8f:8a:cf:74:93:
         da:14:6b:92:70:2c:fb:fe:17:69:d5:88:94:4d:05:39:67:ab:
         46:9f:59:d2:16:17:e5:5f:8f:1d:d6:c7:00:cb:99:8b:7d:f6:
         1d:84:78:b2:7e:47:5f:21:64:fe:ac:9c:67:a3:94:c2:80:f7:
         b1:e2:6b:f7:25:af:4d:62:8a:8b:e3:55:50:f0:16:17:33:46:
         28:6f:77:62:f2:6b:e4:15:fc:2b:40:81:cb:d6:48:8a:42:f4:
         4d:45:70:4a:c6:8c:9b:30:9a:b2:02:f3:3d:9f:20:2e:54:22:
         58:9a:f0:e8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN/SVjUHL5MLEFtBKbZasjDPp2d4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDA0MDUzWhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YmNiOWViNjk2NzE2NmE1NDdkZWQwZjc2YmE4YTEwNjEz
NWIwY2Y4NmVhNjFmYzIxOTBlM2VmZTUwZTI5ZjVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYtbYOJAZDkgEq+R6z6h3d9BCex+KGPuz4bVKjs2M98Y0g
YyDNEpohXKgtiZiJwmbfETPuR/IfDOX9qs/RtkBTacCKu46i8deoen7TkRtCBY4B
5/c32hwdi3ifUe7b1jm2SRtwX9jPl2JvIiQYest/11PPvo0muQQHtY6r7BuZPxsA
V9x2FDLtZECgzRtSy4PqAshe68ZU/Fc6GiyVT5cjExVruRd9eyznBiSdgtUN96/6
YPbr5qd92tV66ty5Gw9aYh7i7QRzctEjGyqui2YWDEDJ6A3IED48uOJogmFkjB+l
nTYK1RE0lcSDObnX30tCy62s2cu3G6ZzJgLBHbZRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxIPxArebwdyWbv4QT7m9x4T3/YkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlYzU2MDZkLWI4YTQtNDZmMi1iN2NlLTFkNmY3NWJlZjM5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ZDANBgkqhkiG9w0BAQsFAAOCAQEAlvrOKLRfc3FcjBBc6LasuBMY1/FW
twlSMK8mqTtmgW7FwU89lVKvMHxSXkr6byWs/A8CqQarEhatdqDgS6bC5grWd3/9
1WPEQS6GlJ+GUuZmtcC4He7gZywZczAgpSiFNdjLiFtR4gXc26EBho77oQWuj3+s
FSJvnNmH8lnTrWrS1Z9zTsdukov3JY+Kz3ST2hRrknAs+/4XadWIlE0FOWerRp9Z
0hYX5V+PHdbHAMuZi332HYR4sn5HXyFk/qycZ6OUwoD3seJr9yWvTWKKi+NVUPAW
FzNGKG93YvJr5BX8K0CBy9ZIikL0TUVwSsaMmzCasgLzPZ8gLlQiWJrw6A==
-----END CERTIFICATE-----