Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b17b3aba-3a43-4d0b-a3eb-5e76518c1287.roa
File:                     b17b3aba-3a43-4d0b-a3eb-5e76518c1287.roa (raw, json)
Hash identifier:          yoyDbHIKeRtc3SX1mF/0eqfX5dtYELxuqA3QBxrIx9Y=
Subject key identifier:   89:89:FA:29:37:96:D2:CA:72:C1:15:0A:89:FF:59:12:CC:5E:40:48
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C075AD1777020513FF9872CBFF63C737D26C6B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b17b3aba-3a43-4d0b-a3eb-5e76518c1287.roa
Signing time:             Fri 31 Oct 2025 00:10:36 +0000
ROA not before:           Fri 31 Oct 2025 00:10:36 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.128.64.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:07:5a:d1:77:70:20:51:3f:f9:87:2c:bf:f6:3c:73:7d:26:c6:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:10:36 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=cdd06e49cc59cff6c5cd52db4a4f66a91e622dee1cbff1fc4895291afca9d2e6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b2:7c:18:15:39:08:35:12:c5:7a:e4:35:fb:
                    d7:18:51:63:15:66:a6:54:2f:90:e8:c4:f9:20:dc:
                    9d:ca:2b:2d:9e:28:eb:c6:a3:45:cd:84:9b:52:40:
                    61:a9:58:8f:9b:df:5c:f9:0e:c4:b7:e5:6b:b3:d2:
                    1e:80:ef:19:6f:e1:34:da:29:03:8d:79:e0:73:b4:
                    5a:7e:59:97:2e:71:27:d9:9e:0e:58:19:09:65:8e:
                    fd:8b:67:e1:44:f5:82:47:cf:e4:64:7c:dd:f7:b8:
                    2a:7c:70:13:ee:14:7c:ae:93:b9:0f:fd:48:fd:6f:
                    92:34:27:bd:21:74:86:0b:92:a2:6f:bb:84:46:cf:
                    6c:16:f3:97:ea:f8:6f:83:a9:4e:29:0d:77:cc:ae:
                    30:53:32:4c:6f:b8:f1:6f:bd:c8:24:f0:95:02:bf:
                    b4:84:ac:7e:2f:c5:ea:f9:e0:68:b6:1b:ac:8b:52:
                    de:ab:36:96:be:8b:a5:03:f7:0d:a7:00:28:4a:a6:
                    f2:2f:b7:8d:24:87:38:d7:8f:a4:5d:f1:ec:44:5b:
                    65:c5:10:bd:8c:df:42:ef:08:81:c0:5b:ed:c4:a4:
                    3f:e6:91:ad:27:29:2c:b1:98:2d:7d:01:ed:0f:c4:
                    79:a8:21:88:be:f2:7f:ed:f7:24:15:44:4e:4e:42:
                    16:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:89:FA:29:37:96:D2:CA:72:C1:15:0A:89:FF:59:12:CC:5E:40:48
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b17b3aba-3a43-4d0b-a3eb-5e76518c1287.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.128.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1d:e5:a2:75:d5:c7:29:46:c3:04:a2:15:3e:29:df:55:89:de:
         9c:43:c9:f1:90:6f:a1:a2:47:fb:3f:b3:59:5a:d4:f9:ab:eb:
         af:3e:8c:72:81:4e:f0:8b:46:e3:87:1b:33:a3:69:6d:00:7b:
         7a:50:e3:04:b7:6d:b2:d0:0d:a2:f0:ae:34:cf:37:2f:7f:03:
         73:4f:26:dc:e3:1f:99:f0:a6:69:9d:c0:82:4b:2b:50:10:42:
         2a:46:07:36:6c:6b:05:2f:c8:fb:b4:7d:c8:6d:c6:9d:1d:70:
         12:d5:a1:8e:ae:4e:24:10:53:b1:cd:71:d1:23:ba:3f:60:c3:
         b3:46:42:90:af:1b:57:30:5c:e3:a3:a1:f3:c2:be:3c:f4:64:
         50:b1:6e:76:b2:3d:a2:92:ec:f3:fc:bd:1d:5e:73:74:cf:8e:
         df:f2:3c:d1:b0:91:5c:2c:10:b8:4c:6b:75:15:3c:1a:e6:5d:
         76:d5:e3:8b:5e:46:1c:2a:ef:9f:71:90:45:3d:48:7e:b0:db:
         88:7f:02:50:6f:f4:cf:7a:2c:34:ea:ec:8e:37:0b:64:21:28:
         d2:71:1a:8e:8c:33:30:19:a5:d3:3a:1c:46:9b:94:63:ef:33:
         fb:20:33:3a:7a:1b:1e:81:40:7a:f7:72:38:9f:60:34:40:5d:
         17:61:13:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDAda0XdwIFE/+Ycsv/Y8c30mxrQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAxMDM2WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGQwNmU0OWNjNTljZmY2YzVjZDUyZGI0YTRmNjZhOTFl
NjIyZGVlMWNiZmYxZmM0ODk1MjkxYWZjYTlkMmU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAsnwYFTkINRLFeuQ1+9cYUWMVZqZUL5DoxPkg3J3KKy2e
KOvGo0XNhJtSQGGpWI+b31z5DsS35Wuz0h6A7xlv4TTaKQONeeBztFp+WZcucSfZ
ng5YGQlljv2LZ+FE9YJHz+RkfN33uCp8cBPuFHyuk7kP/Uj9b5I0J70hdIYLkqJv
u4RGz2wW85fq+G+DqU4pDXfMrjBTMkxvuPFvvcgk8JUCv7SErH4vxer54Gi2G6yL
Ut6rNpa+i6UD9w2nAChKpvIvt40khzjXj6Rd8exEW2XFEL2M30LvCIHAW+3EpD/m
ka0nKSyxmC19Ae0PxHmoIYi+8n/t9yQVRE5OQhYnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiYn6KTeW0spywRUKif9ZEsxeQEgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IxN2IzYWJhLTNhNDMtNGQwYi1hM2ViLTVlNzY1MThjMTI4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNgEAwDQYJKoZIhvcNAQELBQADggEBAB3lonXVxylGwwSiFT4p31WJ3pxD
yfGQb6GiR/s/s1la1Pmr668+jHKBTvCLRuOHGzOjaW0Ae3pQ4wS3bbLQDaLwrjTP
Ny9/A3NPJtzjH5nwpmmdwIJLK1AQQipGBzZsawUvyPu0fchtxp0dcBLVoY6uTiQQ
U7HNcdEjuj9gw7NGQpCvG1cwXOOjofPCvjz0ZFCxbnayPaKS7PP8vR1ec3TPjt/y
PNGwkVwsELhMa3UVPBrmXXbV44teRhwq759xkEU9SH6w24h/AlBv9M96LDTq7I43
C2QhKNJxGo6MMzAZpdM6HEablGPvM/sgMzp6Gx6BQHr3cjifYDRAXRdhE+A=
-----END CERTIFICATE-----