Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa
File:                     11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa (raw, json)
Hash identifier:          jdA18SylFQwdgiHBfScTJFIZGc2gGrohB6Hwd3uMRhI=
Subject key identifier:   F6:DB:B9:DC:1F:32:44:2E:D5:BB:52:BC:5C:D8:B0:FC:D2:F4:C0:BE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       53CC99A69B60F1F5B1400241CE34A31C232244EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa
Signing time:             Mon 06 Oct 2025 15:22:02 +0000
ROA not before:           Mon 06 Oct 2025 15:22:02 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.146.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:cc:99:a6:9b:60:f1:f5:b1:40:02:41:ce:34:a3:1c:23:22:44:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:22:02 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=43990b668edb00c2d07cafc8d244088303d68089a3f856e006f9a5bd21947865, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f2:26:cb:7c:58:a0:50:e0:e7:3e:95:13:fa:
                    af:66:fd:48:42:31:bc:d3:1d:af:b7:30:1e:d9:d2:
                    a8:e5:8b:96:b5:02:f2:1b:fb:d3:2d:16:54:9c:ca:
                    c0:52:fe:62:85:9b:2f:4a:af:2c:12:23:26:88:2e:
                    75:b7:e2:74:61:fb:ec:01:59:b8:81:a1:77:68:55:
                    6f:e3:26:fd:c0:d5:90:ae:d5:bd:30:ec:ab:36:ab:
                    00:2e:63:09:47:2a:f8:f4:90:a2:ff:0f:33:01:63:
                    83:c0:9f:2d:e3:19:54:80:3f:3c:40:8d:03:40:85:
                    bd:7f:78:c3:6a:19:f5:cd:12:1d:34:40:fe:07:e8:
                    61:a6:87:55:db:35:5a:75:7f:16:61:48:e9:40:72:
                    5d:9d:d0:22:1b:55:15:c8:d8:94:cb:54:e4:2a:38:
                    a4:ce:12:71:cc:91:28:bc:b5:eb:5b:89:02:4f:2f:
                    0c:92:80:49:d8:b8:21:a3:48:f9:f3:24:26:e5:5b:
                    15:14:7a:1a:d1:b1:30:29:30:2c:cd:b4:99:71:d7:
                    8c:d3:4d:10:84:e8:05:4b:ee:97:34:7c:6d:cb:21:
                    4d:b5:36:a3:e5:93:9c:6f:2a:b5:26:d8:80:7c:2b:
                    27:9f:f9:ad:9f:de:64:d8:49:ae:8e:68:92:d3:62:
                    2c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:DB:B9:DC:1F:32:44:2E:D5:BB:52:BC:5C:D8:B0:FC:D2:F4:C0:BE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8d:af:6c:3b:ee:97:4f:bf:02:6e:f6:ea:01:e9:f1:0b:12:03:
         4f:2b:c3:99:4d:3d:c7:31:71:24:ab:1d:69:fe:37:0e:33:0b:
         92:f8:13:78:08:e1:6f:57:3b:74:93:9b:74:91:6a:62:5d:2c:
         ba:9e:60:69:33:b3:ea:ae:4a:63:6e:a4:43:d2:f9:13:54:9b:
         8d:18:66:76:a7:7e:bd:26:8e:af:4f:0b:f9:cd:e5:e3:c5:22:
         43:e3:d2:db:ee:98:49:74:2d:a7:90:df:3c:e1:09:3a:b0:91:
         f3:94:9b:ba:dd:9f:7d:f1:51:b9:13:68:66:26:53:7f:6a:12:
         a5:77:31:0c:a8:b3:2d:63:f2:a4:33:b2:28:65:de:d0:af:09:
         4f:ff:1b:13:55:37:5b:65:ad:ed:7b:d4:8f:09:e0:b7:21:5a:
         f3:36:74:11:0b:c5:9b:ef:78:57:5a:fc:2c:28:3c:a8:3f:d9:
         26:bc:be:88:6a:be:f9:10:39:53:b6:70:78:b0:ee:d4:2d:41:
         81:2b:e2:00:40:8e:b4:cd:d7:76:77:a9:c2:f8:af:74:b0:f5:
         e6:13:79:e5:b0:0a:0f:46:f2:c3:61:72:f1:ff:91:b5:f1:62:
         d8:4b:19:fb:55:6b:a6:1c:2d:62:49:d7:43:68:3b:41:a3:5e:
         f2:4f:0c:9b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUU8yZpptg8fWxQAJBzjSjHCMiRO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUyMjAyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0Mzk5MGI2NjhlZGIwMGMyZDA3Y2FmYzhkMjQ0MDg4MzAz
ZDY4MDg5YTNmODU2ZTAwNmY5YTViZDIxOTQ3ODY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH8ibLfFigUODnPpUT+q9m/UhCMbzTHa+3MB7Z0qjli5a1
AvIb+9MtFlScysBS/mKFmy9KrywSIyaILnW34nRh++wBWbiBoXdoVW/jJv3A1ZCu
1b0w7Ks2qwAuYwlHKvj0kKL/DzMBY4PAny3jGVSAPzxAjQNAhb1/eMNqGfXNEh00
QP4H6GGmh1XbNVp1fxZhSOlAcl2d0CIbVRXI2JTLVOQqOKTOEnHMkSi8tetbiQJP
LwySgEnYuCGjSPnzJCblWxUUehrRsTApMCzNtJlx14zTTRCE6AVL7pc0fG3LIU21
NqPlk5xvKrUm2IB8Kyef+a2f3mTYSa6OaJLTYiwNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9tu53B8yRC7Vu1K8XNiw/NL0wL4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExYWFiNTQ5LWNlZDAtNGFkYS05NzQ4LTlkNThjYjBjMWViNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANkjANBgkqhkiG9w0BAQsFAAOCAQEAja9sO+6XT78CbvbqAenxCxIDTyvD
mU09xzFxJKsdaf43DjMLkvgTeAjhb1c7dJObdJFqYl0sup5gaTOz6q5KY26kQ9L5
E1SbjRhmdqd+vSaOr08L+c3l48UiQ+PS2+6YSXQtp5DfPOEJOrCR85Sbut2fffFR
uRNoZiZTf2oSpXcxDKizLWPypDOyKGXe0K8JT/8bE1U3W2Wt7XvUjwngtyFa8zZ0
EQvFm+94V1r8LCg8qD/ZJry+iGq++RA5U7ZweLDu1C1BgSviAECOtM3Xdnepwviv
dLD15hN55bAKD0byw2Fy8f+RtfFi2EsZ+1VrphwtYknXQ2g7QaNe8k8Mmw==
-----END CERTIFICATE-----