Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10963cb0-949a-4d70-92e8-7ffe7d080a89.roa
File:                     10963cb0-949a-4d70-92e8-7ffe7d080a89.roa (raw, json)
Hash identifier:          HZkvT7L9eOBrTdYhraz67u3Ms2IyPKj3F9RwPtnsUgs=
Subject key identifier:   7B:1D:1F:87:51:5C:49:76:47:45:D1:96:F1:1B:CD:89:9E:04:8E:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2746B6DB261C1D9933D5AC4500D50DA5CA1F18C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10963cb0-949a-4d70-92e8-7ffe7d080a89.roa
Signing time:             Tue 07 Oct 2025 00:23:19 +0000
ROA not before:           Tue 07 Oct 2025 00:23:19 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.15.192.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:46:b6:db:26:1c:1d:99:33:d5:ac:45:00:d5:0d:a5:ca:1f:18:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:23:19 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=38bd119a74e5a86c0fc3ca33c34318d281197f9a69dc3006b9b7153fb706bd5b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c5:5b:cf:4d:6a:13:3d:0c:4c:f9:6b:c3:ba:
                    95:4b:fe:91:36:45:d4:f5:66:5a:26:5a:e7:ef:66:
                    d9:f2:49:99:d5:77:ea:51:2e:cd:c0:e5:84:cb:8b:
                    b4:5d:65:b1:32:93:54:e7:e8:63:18:36:43:b0:6e:
                    94:14:a0:ca:ce:7f:14:dc:d2:e9:d0:32:0a:2b:b3:
                    7c:8b:5b:1e:05:5f:89:2e:ec:ec:d3:1b:2f:29:ac:
                    2a:ff:02:1d:a2:97:8e:51:d8:68:2c:27:db:d3:f8:
                    9a:d0:02:e0:db:24:09:ce:c4:1c:48:22:fe:a5:7d:
                    32:8b:6d:a1:eb:0c:31:c0:4d:53:a1:9c:14:fd:1d:
                    07:90:d5:8d:4d:d8:f5:9f:c8:d5:32:0d:d0:00:32:
                    2b:9f:1b:15:85:a5:91:12:e0:12:ad:eb:df:00:43:
                    21:c3:cb:de:1a:bb:50:7e:d7:9c:6e:37:35:7e:84:
                    c8:ef:ca:0c:3f:44:49:10:c6:48:ed:34:56:f6:05:
                    75:a2:ca:d1:6d:58:44:73:26:f9:cf:8d:c7:a2:9f:
                    72:28:cd:72:6d:3c:ad:4d:0f:98:88:e2:40:f1:a9:
                    c5:01:82:10:06:70:50:22:e6:ad:9d:b7:e9:45:67:
                    6b:e0:5a:d6:86:4c:3b:44:82:9d:8c:1a:e2:42:a1:
                    1a:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:1D:1F:87:51:5C:49:76:47:45:D1:96:F1:1B:CD:89:9E:04:8E:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10963cb0-949a-4d70-92e8-7ffe7d080a89.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.15.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         99:d7:3e:36:02:22:d7:90:dd:0d:3f:47:72:44:35:49:f3:d5:
         18:4e:78:2c:ad:d8:ee:f9:4c:90:ea:e6:06:83:f7:00:e8:71:
         70:77:96:07:1a:e3:1f:08:c5:7a:c5:cb:46:37:a4:45:ce:a1:
         f5:ab:b7:ce:0d:28:e3:4b:18:54:5a:fb:ad:9d:ca:06:fa:ee:
         6a:fc:0a:3a:c8:4e:e7:48:79:5b:8a:8c:63:72:8a:51:02:0f:
         fe:15:52:bf:d1:c8:4d:75:74:91:6c:cd:6d:36:72:cd:56:09:
         2e:f7:0e:c7:eb:e0:97:a4:c6:e4:c3:c4:89:1b:a0:a1:bf:fb:
         bc:4d:40:30:16:ec:d3:cb:6f:64:e0:64:65:13:94:66:49:30:
         ed:da:16:f8:8b:60:61:13:e5:d6:cf:77:4d:c3:10:a1:8b:77:
         c3:27:36:f4:2d:0a:28:ae:5e:7f:be:14:16:12:35:31:9e:a1:
         0c:c6:b3:4e:d9:a0:d6:90:a1:d6:36:b1:56:f9:95:00:cb:fd:
         a6:c7:86:34:d0:13:ff:dc:75:8a:7d:95:72:3a:8b:de:6a:53:
         6a:66:fe:ba:09:7a:14:29:e2:b3:bf:ba:4c:64:21:a8:40:00:
         4f:ac:ec:03:02:0d:9c:0c:01:eb:38:c6:ed:37:04:3a:4c:36:
         33:99:e1:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ0a22yYcHZkz1axFANUNpcofGMkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMzE5WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGJkMTE5YTc0ZTVhODZjMGZjM2NhMzNjMzQzMThkMjgx
MTk3ZjlhNjlkYzMwMDZiOWI3MTUzZmI3MDZiZDViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYxVvPTWoTPQxM+WvDupVL/pE2RdT1ZlomWufvZtnySZnV
d+pRLs3A5YTLi7RdZbEyk1Tn6GMYNkOwbpQUoMrOfxTc0unQMgors3yLWx4FX4ku
7OzTGy8prCr/Ah2il45R2GgsJ9vT+JrQAuDbJAnOxBxIIv6lfTKLbaHrDDHATVOh
nBT9HQeQ1Y1N2PWfyNUyDdAAMiufGxWFpZES4BKt698AQyHDy94au1B+15xuNzV+
hMjvygw/REkQxkjtNFb2BXWiytFtWERzJvnPjcein3IozXJtPK1ND5iI4kDxqcUB
ghAGcFAi5q2dt+lFZ2vgWtaGTDtEgp2MGuJCoRr1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUex0fh1FcSXZHRdGW8RvNiZ4EjjMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwOTYzY2IwLTk0OWEtNGQ3MC05MmU4LTdmZmU3ZDA4MGE4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYQD8AwDQYJKoZIhvcNAQELBQADggEBAJnXPjYCIteQ3Q0/R3JENUnz1RhO
eCyt2O75TJDq5gaD9wDocXB3lgca4x8IxXrFy0Y3pEXOofWrt84NKONLGFRa+62d
ygb67mr8CjrITudIeVuKjGNyilECD/4VUr/RyE11dJFszW02cs1WCS73Dsfr4Jek
xuTDxIkboKG/+7xNQDAW7NPLb2TgZGUTlGZJMO3aFviLYGET5dbPd03DEKGLd8Mn
NvQtCiiuXn++FBYSNTGeoQzGs07ZoNaQodY2sVb5lQDL/abHhjTQE//cdYp9lXI6
i95qU2pm/roJehQp4rO/ukxkIahAAE+s7AMCDZwMAes4xu03BDpMNjOZ4Qs=
-----END CERTIFICATE-----