Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9673500a-78b0-40cf-bd15-b5632ba4f401.roa
File:                     9673500a-78b0-40cf-bd15-b5632ba4f401.roa (raw, json)
Hash identifier:          F67ENN3je2s0ZnzUttxPdjgRn4Kq8wgBpJnCdsxh8oU=
Subject key identifier:   1E:54:12:E2:D1:CC:80:42:B2:C9:0B:C0:1F:96:EE:71:DF:E0:AD:5B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       425DC5AAE59D36543B0D1837D9FB9D43A80DA7E2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9673500a-78b0-40cf-bd15-b5632ba4f401.roa
Signing time:             Mon 31 Mar 2025 15:31:54 +0000
ROA not before:           Mon 31 Mar 2025 15:31:54 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.235.192.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:5d:c5:aa:e5:9d:36:54:3b:0d:18:37:d9:fb:9d:43:a8:0d:a7:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 31 15:31:54 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: serialNumber=ddf7278cc236d5c567b5e40723a57d006428660096a04a3cab4867b58fa6b52a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5b:d7:15:78:4b:c4:58:f1:49:0c:a2:eb:83:
                    e5:f3:1d:3d:d8:1f:09:83:47:cf:9e:80:53:a7:f0:
                    f8:64:f8:54:b1:06:68:d9:53:b0:da:a8:41:c6:e3:
                    36:82:cc:c6:60:47:44:51:44:47:65:e4:24:b6:c6:
                    95:e9:ec:25:fc:60:17:a0:84:21:c2:36:e1:60:5c:
                    9b:30:20:b7:05:66:9a:8e:f5:a4:21:d0:ea:66:e8:
                    81:e5:6f:29:d1:d7:99:4c:c1:af:28:1f:11:77:60:
                    52:3c:1a:01:50:ed:ed:ec:43:28:ce:69:7c:67:5b:
                    bc:75:7b:35:9e:73:5f:0a:0b:fe:95:86:31:35:83:
                    28:e9:28:bb:3f:1d:d8:34:b4:60:21:57:cc:37:87:
                    dc:97:62:bd:12:b4:98:24:53:81:bd:c5:60:3a:84:
                    72:7b:47:cc:33:e6:20:57:73:69:0d:be:ab:38:60:
                    21:49:99:42:04:95:e3:65:db:60:98:be:7a:14:3d:
                    52:81:42:98:8b:50:f9:dd:e7:2f:8c:6c:56:3e:f1:
                    6d:a9:8b:2a:fb:2f:80:0f:0c:67:ec:71:39:71:b6:
                    8e:81:f5:2a:16:bf:ff:fa:d2:9a:ec:e2:c1:86:1b:
                    21:0b:5d:cc:06:f6:6b:56:53:e3:bf:9e:27:69:51:
                    71:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:54:12:E2:D1:CC:80:42:B2:C9:0B:C0:1F:96:EE:71:DF:E0:AD:5B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9673500a-78b0-40cf-bd15-b5632ba4f401.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.235.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         47:6a:26:b8:25:cc:21:68:2e:60:52:b8:db:3c:73:76:6b:3a:
         10:0c:13:1f:f5:0c:61:a0:37:7d:69:c2:56:7e:9e:22:4d:db:
         e8:97:6b:b2:4d:53:44:30:91:93:ee:36:03:11:12:c1:07:18:
         33:5a:66:28:ea:19:01:30:6b:a2:c9:fd:14:ec:8f:4d:9e:77:
         ae:30:b7:90:a3:41:cf:e9:1e:81:3f:72:f5:8c:03:f1:c0:54:
         6d:12:d3:2a:d5:80:fa:9b:97:5d:30:0c:85:01:c2:5b:b1:1a:
         9c:59:21:4b:c2:0e:fd:70:df:cc:de:93:72:e0:c0:83:1b:e0:
         f2:cc:be:54:0a:26:6d:20:5c:6d:3b:23:e0:d8:d2:b5:73:0b:
         74:48:d7:70:bb:77:3d:0d:88:ce:bb:f8:c2:d7:98:b4:fd:df:
         23:5d:27:fb:3c:fb:cc:b4:8e:39:51:50:7b:6c:73:11:70:3c:
         44:8a:3d:73:65:26:54:6a:2d:6a:40:17:7a:c9:6b:83:a6:80:
         9d:c1:a8:09:69:c9:69:3e:35:44:1b:26:4c:90:42:dd:09:3e:
         e7:2f:1a:bf:c1:01:1a:f8:cc:52:6d:32:ed:e6:4d:69:35:be:
         50:b5:eb:d2:b7:9c:67:ed:d5:4e:26:eb:17:1d:8a:9e:5a:23:
         8c:04:29:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQl3FquWdNlQ7DRg32fudQ6gNp+IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzMxMTUzMTU0WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZGY3Mjc4Y2MyMzZkNWM1NjdiNWU0MDcyM2E1N2QwMDY0
Mjg2NjAwOTZhMDRhM2NhYjQ4NjdiNThmYTZiNTJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTW9cVeEvEWPFJDKLrg+XzHT3YHwmDR8+egFOn8Phk+FSx
BmjZU7DaqEHG4zaCzMZgR0RRREdl5CS2xpXp7CX8YBeghCHCNuFgXJswILcFZpqO
9aQh0Opm6IHlbynR15lMwa8oHxF3YFI8GgFQ7e3sQyjOaXxnW7x1ezWec18KC/6V
hjE1gyjpKLs/Hdg0tGAhV8w3h9yXYr0StJgkU4G9xWA6hHJ7R8wz5iBXc2kNvqs4
YCFJmUIEleNl22CYvnoUPVKBQpiLUPnd5y+MbFY+8W2piyr7L4APDGfscTlxto6B
9SoWv//60prs4sGGGyELXcwG9mtWU+O/nidpUXEJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHlQS4tHMgEKyyQvAH5bucd/grVswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk2NzM1MDBhLTc4YjAtNDBjZi1iZDE1LWI1NjMyYmE0ZjQwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYo68AwDQYJKoZIhvcNAQELBQADggEBAEdqJrglzCFoLmBSuNs8c3ZrOhAM
Ex/1DGGgN31pwlZ+niJN2+iXa7JNU0QwkZPuNgMREsEHGDNaZijqGQEwa6LJ/RTs
j02ed64wt5CjQc/pHoE/cvWMA/HAVG0S0yrVgPqbl10wDIUBwluxGpxZIUvCDv1w
38zek3LgwIMb4PLMvlQKJm0gXG07I+DY0rVzC3RI13C7dz0NiM67+MLXmLT93yNd
J/s8+8y0jjlRUHtscxFwPESKPXNlJlRqLWpAF3rJa4OmgJ3BqAlpyWk+NUQbJkyQ
Qt0JPucvGr/BARr4zFJtMu3mTWk1vlC169K3nGft1U4m6xcdip5aI4wEKYc=
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:19:14 2025 by rpki-client on console.sobornost.net