Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24fc63bc-3295-48be-b7b8-25e6b313cd42.roa
File:                     24fc63bc-3295-48be-b7b8-25e6b313cd42.roa (raw, json)
Hash identifier:          Gd1IZjkNzgM7x7NietElc5qAftWXYPNzmGUzvcAadJ0=
Subject key identifier:   FA:43:01:A8:96:6B:96:80:62:55:3F:83:57:88:A3:BF:9E:91:AD:08
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       667038CB9D1D38C70CC0613D5FA4E9E2E5671E82
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24fc63bc-3295-48be-b7b8-25e6b313cd42.roa
Signing time:             Tue 07 Oct 2025 15:01:13 +0000
ROA not before:           Tue 07 Oct 2025 15:01:13 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.227.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:70:38:cb:9d:1d:38:c7:0c:c0:61:3d:5f:a4:e9:e2:e5:67:1e:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 15:01:13 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=5f61ec4df6bf9db6c37dee9048e42582be6f1babdb24577008a1e9f58b25baa5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:76:a3:c5:3b:8c:d5:0b:39:8c:c7:35:64:81:
                    f0:f0:f4:bf:96:63:7b:82:ed:50:85:c3:8a:36:34:
                    8e:ed:3d:78:f2:32:7d:62:60:2c:06:ab:2b:3e:d3:
                    78:85:d5:30:4d:73:51:bd:ab:d3:59:ec:bb:77:b5:
                    b2:f1:5a:e5:33:5f:d4:51:90:ac:92:c4:44:6b:4f:
                    cc:c3:e0:62:b7:e0:9e:73:7c:63:8e:5b:7a:c7:0f:
                    dd:8f:22:09:58:95:3f:01:89:5e:6c:72:e6:a9:d1:
                    11:f0:a8:6e:16:9c:fd:06:6a:30:18:a3:b3:af:fe:
                    b7:96:74:5e:f7:14:f6:9e:1c:6a:17:a2:4a:52:5c:
                    ba:7f:ff:c6:2b:13:76:aa:ac:e9:8e:7f:7d:84:3c:
                    d1:9a:4f:05:7e:ff:6e:bf:f7:6c:47:48:a9:55:d6:
                    17:6b:68:eb:9b:67:81:aa:26:38:85:e7:a0:66:c5:
                    c5:63:b3:00:ba:53:55:2e:e1:9a:c5:80:f7:88:ad:
                    26:06:9a:d9:9c:9e:cb:a8:95:e9:bf:4d:81:b5:34:
                    3a:66:60:a3:57:61:2c:5b:41:60:1b:4b:a9:7d:55:
                    5a:53:6e:7e:9f:9c:5b:a3:62:50:76:25:c9:0b:14:
                    da:64:bc:ef:4c:ba:75:5e:06:42:e9:64:4a:f0:94:
                    63:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:43:01:A8:96:6B:96:80:62:55:3F:83:57:88:A3:BF:9E:91:AD:08
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24fc63bc-3295-48be-b7b8-25e6b313cd42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.227.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6f:d1:8c:0e:06:20:3c:6b:63:da:bf:16:03:2b:c1:f6:89:15:
         6d:62:03:71:bc:6b:4d:b2:74:df:ef:eb:89:7d:69:22:c0:14:
         00:d1:d3:5e:39:2e:af:24:41:06:ca:0d:04:c3:bd:bc:28:4c:
         5a:55:80:92:e8:11:ba:45:35:be:cc:1a:9a:b7:fc:3f:7e:20:
         e3:b8:27:2d:40:07:7f:b7:1d:04:5b:38:ac:77:89:75:b3:fa:
         da:7c:f5:df:04:4e:5e:26:09:68:ea:b8:8b:49:ed:bc:61:ce:
         c4:22:08:27:37:d5:c1:0b:36:06:4b:92:03:df:c9:3c:c1:9c:
         43:ef:ab:bb:bb:39:f7:43:4e:75:be:42:93:72:07:aa:39:df:
         3e:62:58:a2:6a:0d:d7:bc:b8:4b:bd:8a:48:90:1c:90:04:a4:
         5e:aa:2f:17:69:d1:33:59:c1:9c:03:e6:a3:13:a9:af:19:ab:
         d0:4b:fd:e1:40:73:38:67:b8:31:ea:e9:fb:c9:31:41:75:0d:
         08:63:49:c7:b4:31:f0:c5:78:47:de:8c:6c:81:f6:bb:f9:fd:
         32:b8:68:3d:70:93:24:dc:e1:cf:cf:05:b8:df:6f:94:45:f3:
         ed:11:4d:11:8f:29:d1:7f:1d:2b:91:9f:a4:8c:77:bf:8a:f1:
         3e:a8:6b:47
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZnA4y50dOMcMwGE9X6Tp4uVnHoIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MTUwMTEzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjYxZWM0ZGY2YmY5ZGI2YzM3ZGVlOTA0OGU0MjU4MmJl
NmYxYmFiZGIyNDU3NzAwOGExZTlmNThiMjViYWE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgdqPFO4zVCzmMxzVkgfDw9L+WY3uC7VCFw4o2NI7tPXjy
Mn1iYCwGqys+03iF1TBNc1G9q9NZ7Lt3tbLxWuUzX9RRkKySxERrT8zD4GK34J5z
fGOOW3rHD92PIglYlT8BiV5scuap0RHwqG4WnP0GajAYo7Ov/reWdF73FPaeHGoX
okpSXLp//8YrE3aqrOmOf32EPNGaTwV+/26/92xHSKlV1hdraOubZ4GqJjiF56Bm
xcVjswC6U1Uu4ZrFgPeIrSYGmtmcnsuolem/TYG1NDpmYKNXYSxbQWAbS6l9VVpT
bn6fnFujYlB2JckLFNpkvO9MunVeBkLpZErwlGPbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+kMBqJZrloBiVT+DV4ijv56RrQgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0ZmM2M2JjLTMyOTUtNDhiZS1iN2I4LTI1ZTZiMzEzY2Q0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA44zANBgkqhkiG9w0BAQsFAAOCAQEAb9GMDgYgPGtj2r8WAyvB9okVbWID
cbxrTbJ03+/riX1pIsAUANHTXjkuryRBBsoNBMO9vChMWlWAkugRukU1vswamrf8
P34g47gnLUAHf7cdBFs4rHeJdbP62nz13wROXiYJaOq4i0ntvGHOxCIIJzfVwQs2
BkuSA9/JPMGcQ++ru7s590NOdb5Ck3IHqjnfPmJYomoN17y4S72KSJAckASkXqov
F2nRM1nBnAPmoxOprxmr0Ev94UBzOGe4Merp+8kxQXUNCGNJx7Qx8MV4R96MbIH2
u/n9MrhoPXCTJNzhz88FuN9vlEXz7RFNEY8p0X8dK5GfpIx3v4rxPqhrRw==
-----END CERTIFICATE-----