Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05c4765b-4799-4565-ad48-4904ecc48754.roa
File:                     05c4765b-4799-4565-ad48-4904ecc48754.roa (raw, json)
Hash identifier:          jeu3/m1iBAZ4dMV3DFAUtDE5Ke+Il21rOZ1CqDwxkGo=
Subject key identifier:   47:5B:B8:14:67:D2:05:6D:65:0B:FB:FB:93:E8:CA:1F:98:8E:4A:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       587633BA05A8D42EF1881CB9DCB56723CA760249
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05c4765b-4799-4565-ad48-4904ecc48754.roa
Signing time:             Sat 11 Oct 2025 00:42:39 +0000
ROA not before:           Sat 11 Oct 2025 00:42:39 +0000
ROA not after:            Sat 15 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.87.216.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:76:33:ba:05:a8:d4:2e:f1:88:1c:b9:dc:b5:67:23:ca:76:02:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:42:39 2025 GMT
            Not After : Nov 15 23:59:59 2025 GMT
        Subject: serialNumber=8c036a4202a7c074e6fd095815d990d50102392235244d6aa314bef39b03cfa2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ba:f9:0a:75:b4:ab:38:76:12:23:de:77:c9:
                    a4:80:31:30:e8:9f:09:75:69:52:e4:14:e0:ce:b4:
                    53:06:1d:e8:df:55:b5:34:14:b2:32:95:fd:ce:38:
                    32:56:b0:51:68:10:a3:4b:f0:40:e7:4b:f2:89:91:
                    d0:ea:54:5e:74:cb:1b:4c:11:90:a2:c6:b6:95:38:
                    02:de:49:e5:57:2f:1b:5e:e1:e9:c0:76:9c:8c:90:
                    7f:25:f5:30:a3:4a:e9:8f:29:d2:e6:b6:6c:33:a7:
                    b6:9b:60:4a:1b:1c:3e:1e:ea:ca:45:a0:8b:04:89:
                    c7:68:45:d6:6c:6b:94:f1:ba:fc:52:90:ec:4f:5b:
                    23:fe:db:99:1e:0f:38:d6:e4:16:01:cb:a2:ee:c8:
                    d7:35:cb:ca:b8:72:75:b0:47:14:6e:8d:96:4c:81:
                    5d:b9:ab:5e:01:38:d0:8c:10:3a:d6:ca:07:07:98:
                    9b:60:f7:fb:12:cc:29:17:27:fd:12:0e:4c:62:56:
                    52:58:9f:d5:f6:6b:0e:ea:17:6c:b1:29:20:33:ba:
                    85:3b:ff:f5:8f:a5:30:6d:35:55:d7:51:d5:71:12:
                    7e:e8:82:0a:10:f8:dc:df:c7:86:94:07:a0:c1:da:
                    fe:7c:81:06:4c:15:18:f4:a7:a7:5e:e0:ea:6a:fd:
                    43:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:5B:B8:14:67:D2:05:6D:65:0B:FB:FB:93:E8:CA:1F:98:8E:4A:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05c4765b-4799-4565-ad48-4904ecc48754.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.87.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:f8:8c:e8:a6:da:fd:fe:cc:b0:88:f5:06:1f:6a:18:89:82:
         1e:7e:e7:6d:06:d9:24:10:e2:fe:1b:b0:9e:14:ab:b5:5b:a1:
         7a:8b:40:d6:a1:f8:d8:e1:16:51:1d:bc:a6:f7:87:7f:af:07:
         87:56:12:43:32:c0:2a:ff:d7:cb:ae:6d:e9:06:9e:d0:39:06:
         8c:6e:55:79:4f:b6:23:72:0c:0f:1d:57:1a:41:68:09:b4:bf:
         ce:2f:85:73:51:1e:76:6d:86:6b:a5:be:55:dd:24:43:87:91:
         7b:9f:0d:ce:86:e8:d5:a0:40:66:24:10:9d:e4:c6:cf:5f:b2:
         8f:f6:1b:46:72:36:f6:40:e9:58:f6:75:dd:9e:f5:aa:2a:16:
         8d:03:5d:04:3e:be:2e:b3:66:06:c0:48:a7:95:d4:f4:e8:43:
         9b:22:0b:42:70:78:82:c5:24:d5:2e:bc:d8:ac:56:cf:80:ed:
         30:83:aa:bc:d2:1b:50:9b:3a:a6:0c:69:44:37:ec:f2:64:1f:
         97:31:35:53:72:6f:08:0d:fa:f3:9e:6a:38:26:53:cd:75:06:
         18:72:10:10:7a:fe:04:28:5c:8f:b2:cb:7a:7c:9c:90:1f:9e:
         d7:ab:5d:dd:6b:03:7e:6a:63:d8:3a:e9:c6:2a:7e:d5:77:f7:
         21:99:24:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWHYzugWo1C7xiBy53LVnI8p2AkkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDA0MjM5WhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzAzNmE0MjAyYTdjMDc0ZTZmZDA5NTgxNWQ5OTBkNTAx
MDIzOTIyMzUyNDRkNmFhMzE0YmVmMzliMDNjZmEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCouvkKdbSrOHYSI953yaSAMTDonwl1aVLkFODOtFMGHejf
VbU0FLIylf3OODJWsFFoEKNL8EDnS/KJkdDqVF50yxtMEZCixraVOALeSeVXLxte
4enAdpyMkH8l9TCjSumPKdLmtmwzp7abYEobHD4e6spFoIsEicdoRdZsa5TxuvxS
kOxPWyP+25keDzjW5BYBy6LuyNc1y8q4cnWwRxRujZZMgV25q14BONCMEDrWygcH
mJtg9/sSzCkXJ/0SDkxiVlJYn9X2aw7qF2yxKSAzuoU7//WPpTBtNVXXUdVxEn7o
ggoQ+Nzfx4aUB6DB2v58gQZMFRj0p6de4Opq/UNtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUR1u4FGfSBW1lC/v7k+jKH5iOSp0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1YzQ3NjViLTQ3OTktNDU2NS1hZDQ4LTQ5MDRlY2M0ODc1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALYV9gwDQYJKoZIhvcNAQELBQADggEBAGf4jOim2v3+zLCI9QYfahiJgh5+
520G2SQQ4v4bsJ4Uq7VboXqLQNah+NjhFlEdvKb3h3+vB4dWEkMywCr/18uubekG
ntA5BoxuVXlPtiNyDA8dVxpBaAm0v84vhXNRHnZthmulvlXdJEOHkXufDc6G6NWg
QGYkEJ3kxs9fso/2G0ZyNvZA6Vj2dd2e9aoqFo0DXQQ+vi6zZgbASKeV1PToQ5si
C0JweILFJNUuvNisVs+A7TCDqrzSG1CbOqYMaUQ37PJkH5cxNVNybwgN+vOeajgm
U811BhhyEBB6/gQoXI+yy3p8nJAfnterXd1rA35qY9g66cYqftV39yGZJFs=
-----END CERTIFICATE-----