Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa
File:                     2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa (raw, json)
Hash identifier:          FUjyRWyJgaKi2D6Li/YGyhxdyjLjp9PittMEvP8mjUo=
Subject key identifier:   77:9B:6A:07:13:3B:0C:55:98:BA:DF:A1:E2:00:C4:AF:CD:AE:70:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1E86B23E626D6CF4B5809ADF661A9A44CA3FDF32
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa
Signing time:             Sat 27 Sep 2025 00:21:23 +0000
ROA not before:           Sat 27 Sep 2025 00:21:23 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.134.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:86:b2:3e:62:6d:6c:f4:b5:80:9a:df:66:1a:9a:44:ca:3f:df:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:21:23 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=3bc78726e2802f0ed55587879d8912a68591867fb4fd878339f7692277cc93fa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c5:b0:e8:0b:2c:61:21:7a:31:6c:3b:bf:e7:
                    61:c0:de:b5:4c:15:71:cd:cb:ca:0a:d5:f1:b0:62:
                    58:83:c8:d1:11:90:b3:a3:47:59:ca:00:02:b3:cb:
                    ee:33:26:37:9f:bf:10:08:69:8b:2e:61:f4:1c:8a:
                    1a:5e:8a:72:87:54:75:52:57:3e:d8:6b:b3:8d:0b:
                    39:39:ee:93:a9:85:fd:c2:65:37:63:71:49:b7:57:
                    ea:eb:55:23:a9:9a:f2:4c:be:06:c8:d2:b9:ee:4f:
                    54:cc:ca:19:46:24:20:03:b4:42:94:c1:02:96:77:
                    cc:98:bc:ed:02:1d:ce:aa:af:a4:af:ff:30:a5:c8:
                    a0:3e:14:68:94:25:79:3e:35:e4:67:03:00:e4:e6:
                    30:15:c8:be:81:79:3d:0c:12:77:53:3c:f2:1e:25:
                    de:b8:4f:8b:ff:87:72:4f:e1:5c:90:6d:9d:56:1d:
                    b0:be:f5:99:72:62:40:72:ff:87:b5:be:04:d9:38:
                    c7:b2:7a:68:0d:71:00:04:68:7c:0c:93:26:62:36:
                    7f:d2:6e:70:b1:c1:32:43:8d:76:4d:cb:18:d0:61:
                    fa:9b:cd:b0:c8:89:4f:c1:27:ec:8d:76:ea:b4:f9:
                    c0:90:c2:1c:27:03:62:67:cc:38:9a:2e:65:5c:e9:
                    24:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:9B:6A:07:13:3B:0C:55:98:BA:DF:A1:E2:00:C4:AF:CD:AE:70:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         58:a7:7b:2a:f1:12:f4:63:f5:5e:e2:83:0e:47:d8:9c:46:a8:
         f2:1e:ef:6a:49:18:46:5c:21:e8:f5:59:01:13:c0:01:e5:83:
         6b:99:70:77:a6:78:b7:7d:d7:77:2a:09:f0:4a:bc:cb:ac:ba:
         13:ad:47:d0:50:ed:1d:16:02:30:39:b3:29:12:2b:53:fe:bd:
         88:30:8d:62:3c:54:50:08:b6:96:7f:49:43:6c:ab:d5:5b:2f:
         85:73:50:3d:e3:f6:cb:fa:79:67:df:9d:d7:e9:d3:32:4f:03:
         81:6c:d5:d5:03:f4:71:1b:bf:53:af:74:62:9c:51:21:0a:47:
         89:ed:3c:56:f6:2f:62:aa:5f:47:2a:d5:58:75:75:1c:dd:b0:
         e5:73:d8:9c:55:e5:24:02:b1:6a:dd:36:09:58:50:18:2f:4f:
         4f:bc:ec:d6:b0:26:e3:23:71:e3:5f:f7:19:6b:b2:89:08:6b:
         c9:3c:ee:e2:e5:9d:c3:41:a1:5b:b8:fa:ba:79:d0:ca:8f:30:
         af:ff:89:bc:5f:fe:00:6e:2b:7a:5a:6e:dd:8c:ce:96:0e:94:
         0e:51:eb:8d:56:26:a9:7b:7b:cb:90:5a:98:83:3a:c9:20:1a:
         9e:fe:e4:c3:7d:72:3f:e2:e2:e0:45:63:1c:25:69:30:20:6e:
         c6:3e:d7:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHoayPmJtbPS1gJrfZhqaRMo/3zIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAyMTIzWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmM3ODcyNmUyODAyZjBlZDU1NTg3ODc5ZDg5MTJhNjg1
OTE4NjdmYjRmZDg3ODMzOWY3NjkyMjc3Y2M5M2ZhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2xbDoCyxhIXoxbDu/52HA3rVMFXHNy8oK1fGwYliDyNER
kLOjR1nKAAKzy+4zJjefvxAIaYsuYfQcihpeinKHVHVSVz7Ya7ONCzk57pOphf3C
ZTdjcUm3V+rrVSOpmvJMvgbI0rnuT1TMyhlGJCADtEKUwQKWd8yYvO0CHc6qr6Sv
/zClyKA+FGiUJXk+NeRnAwDk5jAVyL6BeT0MEndTPPIeJd64T4v/h3JP4VyQbZ1W
HbC+9ZlyYkBy/4e1vgTZOMeyemgNcQAEaHwMkyZiNn/SbnCxwTJDjXZNyxjQYfqb
zbDIiU/BJ+yNduq0+cCQwhwnA2JnzDiaLmVc6SS5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUd5tqBxM7DFWYut+h4gDEr82ucCgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhZjcwNDE2LTM5N2EtNGVhNC1iN2IxLWFkN2UwNDVjNzJiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2hjANBgkqhkiG9w0BAQsFAAOCAQEAWKd7KvES9GP1XuKDDkfYnEao8h7v
akkYRlwh6PVZARPAAeWDa5lwd6Z4t33XdyoJ8Eq8y6y6E61H0FDtHRYCMDmzKRIr
U/69iDCNYjxUUAi2ln9JQ2yr1VsvhXNQPeP2y/p5Z9+d1+nTMk8DgWzV1QP0cRu/
U690YpxRIQpHie08VvYvYqpfRyrVWHV1HN2w5XPYnFXlJAKxat02CVhQGC9PT7zs
1rAm4yNx41/3GWuyiQhryTzu4uWdw0GhW7j6unnQyo8wr/+JvF/+AG4relpu3YzO
lg6UDlHrjVYmqXt7y5BamIM6ySAanv7kw31yP+Li4EVjHCVpMCBuxj7Xfw==
-----END CERTIFICATE-----