Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07dc4f6d-7b9d-49fa-9765-75c8f4dab02a.roa
File:                     07dc4f6d-7b9d-49fa-9765-75c8f4dab02a.roa (raw, json)
Hash identifier:          Q4EaY0vqVInauOwvn5AlJlgYzhM08o3PS+Ez6CNL5Z0=
Subject key identifier:   06:13:87:F4:A3:62:E3:A3:7E:10:43:17:4C:5F:0C:8E:D2:63:22:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09461AA45C7EBEDA08DE444785534BA5E188E7B6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07dc4f6d-7b9d-49fa-9765-75c8f4dab02a.roa
Signing time:             Sat 27 Sep 2025 00:03:13 +0000
ROA not before:           Sat 27 Sep 2025 00:03:13 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.76.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:46:1a:a4:5c:7e:be:da:08:de:44:47:85:53:4b:a5:e1:88:e7:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:03:13 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=ab07e243c3de6fcccd8274927ceaf753d3fca0c3d0fa043128258e1aff805dff, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:69:c3:ce:94:de:44:b9:e3:a3:f0:56:cf:8e:
                    08:75:f5:50:de:6a:c7:be:c8:c7:34:01:69:c0:c9:
                    f3:e2:b0:36:14:bd:6e:b9:f3:b7:08:2c:99:6e:f8:
                    14:47:88:4d:0c:9a:b0:e1:96:7b:c6:68:fd:90:f9:
                    ac:c7:1a:fe:3a:04:4f:38:5b:af:e7:bc:b6:90:bd:
                    78:cd:58:49:71:ab:00:6f:0e:44:79:d0:39:8e:40:
                    7d:09:58:f9:d8:8e:ad:e1:46:17:dd:43:5d:37:cd:
                    84:3b:ef:85:1d:16:35:fd:24:c8:87:bf:d8:80:f9:
                    98:c8:52:d5:6c:61:4d:7a:c0:4e:a4:09:4f:88:a4:
                    19:95:4f:fe:75:d9:97:5a:f2:45:17:d6:9c:cf:ed:
                    b4:d8:56:93:76:d6:67:63:0e:24:05:3d:69:c1:e9:
                    5e:3c:0c:7e:67:3a:db:2d:35:5d:72:ef:5d:74:cf:
                    94:b4:43:c4:ef:90:18:d4:53:70:d2:11:bf:af:81:
                    89:aa:07:69:8b:a8:2b:df:37:fc:fa:0e:4e:af:c3:
                    e2:d8:c6:6e:a0:b6:47:ac:f0:87:0e:20:3e:af:e0:
                    85:0e:a2:52:bc:8c:80:3b:af:e4:2a:6e:27:77:ce:
                    2c:51:88:03:c7:29:4e:39:d0:43:d1:d6:42:43:04:
                    b0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:13:87:F4:A3:62:E3:A3:7E:10:43:17:4C:5F:0C:8E:D2:63:22:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/07dc4f6d-7b9d-49fa-9765-75c8f4dab02a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.76.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d3:cb:73:93:ba:5c:a9:01:80:8b:ea:47:64:e3:57:25:69:a9:
         ca:ae:48:bd:40:f9:22:f8:e1:ec:1f:e7:f9:ee:6f:00:94:11:
         a2:87:b3:10:cb:21:c9:2f:50:e4:a0:f7:d6:36:49:eb:4f:fa:
         57:79:9c:4e:f4:dd:7e:70:d1:c1:53:a1:76:a6:b6:ed:bf:57:
         96:ac:c4:6a:ec:11:92:1a:fe:39:51:cb:4f:15:35:68:d8:ba:
         fa:c8:77:a1:ae:0e:ee:b6:e6:b5:7c:56:c8:a5:c4:79:37:18:
         27:45:8c:6f:58:d6:f1:bd:41:48:70:f9:cc:6f:02:71:8e:9a:
         35:d3:96:34:ed:24:d1:92:7b:81:a1:c6:d5:85:91:bf:74:53:
         28:e6:f7:c5:f2:6e:86:4a:0d:2a:93:c7:d7:87:da:9a:26:f3:
         3d:c1:e2:ce:00:32:a2:21:9c:58:51:0e:75:16:68:1a:2d:5b:
         79:de:05:51:c4:3f:95:29:7a:7d:c0:e1:1e:87:ea:28:70:de:
         7d:2c:34:0e:bb:fb:07:e6:0a:63:26:c8:94:b5:c2:8f:e9:2b:
         8a:08:ce:41:5c:c9:c6:4d:3a:e0:1b:0e:aa:3e:5c:59:8a:05:
         55:f7:f3:0b:2f:73:68:38:9e:ab:11:53:66:92:57:42:9b:12:
         00:a0:f9:82
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCUYapFx+vtoI3kRHhVNLpeGI57YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAwMzEzWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjA3ZTI0M2MzZGU2ZmNjY2Q4Mjc0OTI3Y2VhZjc1M2Qz
ZmNhMGMzZDBmYTA0MzEyODI1OGUxYWZmODA1ZGZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUacPOlN5EueOj8FbPjgh19VDease+yMc0AWnAyfPisDYU
vW6587cILJlu+BRHiE0MmrDhlnvGaP2Q+azHGv46BE84W6/nvLaQvXjNWElxqwBv
DkR50DmOQH0JWPnYjq3hRhfdQ103zYQ774UdFjX9JMiHv9iA+ZjIUtVsYU16wE6k
CU+IpBmVT/512Zda8kUX1pzP7bTYVpN21mdjDiQFPWnB6V48DH5nOtstNV1y7110
z5S0Q8TvkBjUU3DSEb+vgYmqB2mLqCvfN/z6Dk6vw+LYxm6gtkes8IcOID6v4IUO
olK8jIA7r+Qqbid3zixRiAPHKU450EPR1kJDBLAbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBhOH9KNi46N+EEMXTF8MjtJjIrMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA3ZGM0ZjZkLTdiOWQtNDlmYS05NzY1LTc1YzhmNGRhYjAyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQTDANBgkqhkiG9w0BAQsFAAOCAQEA08tzk7pcqQGAi+pHZONXJWmpyq5I
vUD5Ivjh7B/n+e5vAJQRooezEMshyS9Q5KD31jZJ60/6V3mcTvTdfnDRwVOhdqa2
7b9XlqzEauwRkhr+OVHLTxU1aNi6+sh3oa4O7rbmtXxWyKXEeTcYJ0WMb1jW8b1B
SHD5zG8CcY6aNdOWNO0k0ZJ7gaHG1YWRv3RTKOb3xfJuhkoNKpPH14famibzPcHi
zgAyoiGcWFEOdRZoGi1bed4FUcQ/lSl6fcDhHofqKHDefSw0Drv7B+YKYybIlLXC
j+krigjOQVzJxk064BsOqj5cWYoFVffzCy9zaDieqxFTZpJXQpsSAKD5gg==
-----END CERTIFICATE-----