Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2da1583-5ebe-4a18-8fcd-9a78b9bcefd7.roa
File:                     d2da1583-5ebe-4a18-8fcd-9a78b9bcefd7.roa (raw, json)
Hash identifier:          hB1m3f125/c2EnsgaPpIV6CUkmD8wxG/kDW1/nB6J0o=
Subject key identifier:   B2:06:78:AB:FD:BE:91:2B:63:52:1B:1A:D1:49:0C:D8:06:46:3E:1C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       084EB92501D2149E871E29F13566D02EDB4DD8E1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2da1583-5ebe-4a18-8fcd-9a78b9bcefd7.roa
Signing time:             Sun 02 Nov 2025 00:31:14 +0000
ROA not before:           Sun 02 Nov 2025 00:31:14 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.59.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:4e:b9:25:01:d2:14:9e:87:1e:29:f1:35:66:d0:2e:db:4d:d8:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:31:14 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=ba4ae14b4656e4548c3a4a1a9e09d3e95e219d1b73cc7e97ed78b6c6dbe47a00, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:ad:4e:27:75:b4:61:5e:bf:bc:8c:7a:35:93:
                    87:b7:66:7a:c6:c0:fe:85:8f:b2:19:c9:8f:ba:90:
                    ff:21:2f:77:38:81:21:e0:72:56:d6:0f:95:ea:f6:
                    f6:05:03:dc:eb:3f:00:64:32:2e:08:ef:ca:f2:54:
                    22:91:1d:6c:a5:a2:7a:da:3a:36:64:48:f3:e5:43:
                    b3:c9:bb:f5:84:4e:56:a5:d7:29:c5:71:7e:30:6a:
                    3c:d9:14:6b:02:2f:8f:c3:0e:3d:76:8c:2f:be:9c:
                    60:fa:e2:21:80:83:6d:3a:6e:9e:d3:67:6a:f8:36:
                    4f:7f:71:0e:c4:9e:44:34:48:be:88:3f:21:bd:68:
                    34:ef:c4:58:f1:bb:43:6b:2c:16:ff:77:8a:0a:bc:
                    6c:f6:cc:90:08:c1:eb:4d:7f:69:5d:1b:b2:6d:bd:
                    c3:61:af:c9:c3:8f:2e:5c:9b:33:eb:0d:b6:fb:dd:
                    1a:81:ee:2c:97:21:c7:49:1b:6b:44:41:f4:eb:bb:
                    e8:fe:a6:42:8d:46:01:9e:68:ed:cd:c0:35:7e:f4:
                    e6:89:3f:99:bd:ae:15:5e:ef:5c:98:4b:e2:6c:57:
                    bb:08:eb:9e:6d:8f:6a:00:79:2c:f9:90:10:65:fe:
                    6e:b7:18:a5:e5:cd:72:49:2a:88:86:85:5e:26:c0:
                    f3:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:06:78:AB:FD:BE:91:2B:63:52:1B:1A:D1:49:0C:D8:06:46:3E:1C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2da1583-5ebe-4a18-8fcd-9a78b9bcefd7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.59.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         20:17:57:a1:d9:57:41:e0:47:45:7a:49:20:44:55:49:aa:0e:
         4c:f8:f4:05:8f:97:0a:55:cc:c6:d9:80:44:92:e2:f2:2c:9b:
         bc:cc:93:6d:88:42:f1:71:14:a0:1d:4d:da:9f:7a:64:60:6a:
         0e:df:48:a5:6d:d7:b3:0f:2c:02:d9:d3:0e:ff:79:e9:1d:49:
         e9:a4:85:12:28:97:71:76:ce:c9:48:45:35:4d:ab:ec:01:3b:
         93:07:2c:2c:6c:d7:ea:08:15:03:02:d5:8c:69:f1:af:b8:a6:
         14:e3:84:43:2d:70:05:1b:ac:52:5f:97:98:74:44:c3:e8:59:
         d1:3b:62:e2:96:fe:cb:ff:a2:6e:a0:40:26:77:3c:4c:d7:89:
         c8:02:69:3f:fe:45:b5:40:83:c0:b1:82:e3:c3:a6:31:27:87:
         ca:85:af:2a:63:2d:1a:62:7b:ce:96:63:b2:0b:04:b7:49:f4:
         80:31:01:9b:95:1e:57:f3:90:93:6f:ad:e2:83:38:06:6e:50:
         d1:ad:49:9a:11:fe:17:15:70:ab:47:02:9a:f9:10:4f:ca:6a:
         64:ee:06:e5:a9:cf:1f:df:33:9f:3c:05:75:55:85:d7:dd:92:
         41:2e:08:e5:23:0e:84:49:e0:8d:56:86:e6:c9:ae:33:a7:e1:
         6e:f5:98:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCE65JQHSFJ6HHinxNWbQLttN2OEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAzMTE0WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTRhZTE0YjQ2NTZlNDU0OGMzYTRhMWE5ZTA5ZDNlOTVl
MjE5ZDFiNzNjYzdlOTdlZDc4YjZjNmRiZTQ3YTAwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDxrU4ndbRhXr+8jHo1k4e3ZnrGwP6Fj7IZyY+6kP8hL3c4
gSHgclbWD5Xq9vYFA9zrPwBkMi4I78ryVCKRHWylonraOjZkSPPlQ7PJu/WETlal
1ynFcX4wajzZFGsCL4/DDj12jC++nGD64iGAg206bp7TZ2r4Nk9/cQ7EnkQ0SL6I
PyG9aDTvxFjxu0NrLBb/d4oKvGz2zJAIwetNf2ldG7JtvcNhr8nDjy5cmzPrDbb7
3RqB7iyXIcdJG2tEQfTru+j+pkKNRgGeaO3NwDV+9OaJP5m9rhVe71yYS+JsV7sI
655tj2oAeSz5kBBl/m63GKXlzXJJKoiGhV4mwPP9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsgZ4q/2+kStjUhsa0UkM2AZGPhwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyZGExNTgzLTVlYmUtNGExOC04ZmNkLTlhNzhiOWJjZWZkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQOzANBgkqhkiG9w0BAQsFAAOCAQEAIBdXodlXQeBHRXpJIERVSaoOTPj0
BY+XClXMxtmARJLi8iybvMyTbYhC8XEUoB1N2p96ZGBqDt9IpW3Xsw8sAtnTDv95
6R1J6aSFEiiXcXbOyUhFNU2r7AE7kwcsLGzX6ggVAwLVjGnxr7imFOOEQy1wBRus
Ul+XmHREw+hZ0Tti4pb+y/+ibqBAJnc8TNeJyAJpP/5FtUCDwLGC48OmMSeHyoWv
KmMtGmJ7zpZjsgsEt0n0gDEBm5UeV/OQk2+t4oM4Bm5Q0a1JmhH+FxVwq0cCmvkQ
T8pqZO4G5anPH98znzwFdVWF192SQS4I5SMOhEngjVaG5smuM6fhbvWY3Q==
-----END CERTIFICATE-----