Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3076cf1e-83f7-445d-b25c-dfb7b558c7d5.roa
File:                     3076cf1e-83f7-445d-b25c-dfb7b558c7d5.roa (raw, json)
Hash identifier:          7DY1clsx1itU8pYAolycUAt4/fjXC6czZfHQH4dOhXs=
Subject key identifier:   12:75:A6:D9:28:F2:6A:C1:3B:64:71:EE:BF:6A:C5:F1:93:11:B1:C3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5E0A84274182F063B5EB1A065BB585F8F1F39D15
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3076cf1e-83f7-445d-b25c-dfb7b558c7d5.roa
Signing time:             Sat 27 Sep 2025 00:41:37 +0000
ROA not before:           Sat 27 Sep 2025 00:41:37 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        63.246.116.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:0a:84:27:41:82:f0:63:b5:eb:1a:06:5b:b5:85:f8:f1:f3:9d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:41:37 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=f350ee858a490bc529569bacf7e087f3ddbfc2101d11cec141f967ea70cd62bd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b6:26:c1:f4:3d:95:0c:21:f4:0f:75:87:bc:
                    1f:f7:dc:be:25:2a:12:e3:fe:52:dc:9c:b9:f3:56:
                    05:5d:fe:f4:bd:01:a9:0c:5d:51:89:8d:31:37:f8:
                    28:d6:37:86:c5:09:bf:bd:33:2d:cd:bb:f7:d7:cc:
                    b7:ba:2e:f7:6e:02:5a:e9:86:5e:1d:0d:70:69:57:
                    c8:61:40:8a:a0:6b:1e:b3:7e:e4:83:f7:bb:c8:80:
                    20:62:71:ea:9e:15:a8:5f:d6:a5:49:6f:99:81:b3:
                    15:94:b5:42:8c:09:25:0c:87:3f:55:66:7a:b9:23:
                    27:ba:4a:d5:99:f5:d4:cc:7d:b7:b0:7a:1d:c3:ab:
                    b0:0e:c3:f8:3e:12:81:3e:e2:7a:20:f1:29:d9:4a:
                    00:95:54:6e:ec:f5:1b:62:5c:3a:d8:2d:9b:2d:d8:
                    83:c4:9a:d2:3b:50:5a:8e:e4:19:53:ab:5e:8a:d8:
                    71:47:84:a0:6a:f6:10:ef:57:50:22:08:2f:34:32:
                    ae:66:6b:2e:13:69:5b:3c:8b:2d:d1:fa:ee:e1:3e:
                    bc:65:52:1f:e5:4b:32:b5:12:dd:00:10:dd:c0:51:
                    20:40:02:0f:0f:c5:52:93:f3:4a:c4:85:c7:53:c4:
                    9f:54:0a:68:6e:e7:66:6c:78:31:4f:ae:70:cb:e1:
                    5a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:75:A6:D9:28:F2:6A:C1:3B:64:71:EE:BF:6A:C5:F1:93:11:B1:C3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3076cf1e-83f7-445d-b25c-dfb7b558c7d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.246.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:cd:63:af:6a:ef:ae:94:48:5c:ec:4f:6a:73:4a:b9:27:ab:
         4c:eb:b9:3f:e5:46:99:66:c7:34:04:7d:f1:1c:5e:fc:b2:64:
         04:1d:f4:26:02:a2:1f:f9:28:a1:db:e8:db:83:d1:f3:5e:1b:
         d2:09:ba:dd:57:55:99:28:4e:1b:55:94:c2:57:da:04:17:32:
         5d:8e:78:42:13:5e:57:66:4a:31:43:7c:ab:03:c9:1a:4f:75:
         5d:90:7e:c9:4c:33:82:62:49:1c:0d:0d:fa:12:87:b6:7d:db:
         eb:53:79:34:6c:40:c3:3d:1a:e0:e3:f3:0a:3e:d9:92:2c:c8:
         15:61:99:09:79:fb:b2:a0:8f:16:d9:cb:45:8b:03:49:27:d2:
         3d:d8:6b:a7:60:51:4a:d8:d9:e4:92:32:26:35:ac:fd:6b:27:
         73:79:52:1b:3a:8e:31:e6:3e:20:ea:85:8c:9b:c1:2c:5e:1f:
         56:61:66:f8:f6:27:30:84:bf:39:ee:8a:cf:5a:7b:87:11:ba:
         40:b3:45:37:5b:3a:91:b1:e9:9a:95:84:3c:35:3b:80:3e:98:
         f3:d3:48:eb:c7:d4:71:7f:53:71:0d:09:a8:a8:35:c8:4d:1d:
         e3:d0:c7:0c:8c:8c:61:4a:2e:7d:7e:73:65:45:77:cf:93:58:
         18:b5:bb:06
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXgqEJ0GC8GO16xoGW7WF+PHznRUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDA0MTM3WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzUwZWU4NThhNDkwYmM1Mjk1NjliYWNmN2UwODdmM2Rk
YmZjMjEwMWQxMWNlYzE0MWY5NjdlYTcwY2Q2MmJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCttibB9D2VDCH0D3WHvB/33L4lKhLj/lLcnLnzVgVd/vS9
AakMXVGJjTE3+CjWN4bFCb+9My3Nu/fXzLe6LvduAlrphl4dDXBpV8hhQIqgax6z
fuSD97vIgCBiceqeFahf1qVJb5mBsxWUtUKMCSUMhz9VZnq5Iye6StWZ9dTMfbew
eh3Dq7AOw/g+EoE+4nog8SnZSgCVVG7s9RtiXDrYLZst2IPEmtI7UFqO5BlTq16K
2HFHhKBq9hDvV1AiCC80Mq5may4TaVs8iy3R+u7hPrxlUh/lSzK1Et0AEN3AUSBA
Ag8PxVKT80rEhcdTxJ9UCmhu52ZseDFPrnDL4VrNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEnWm2SjyasE7ZHHuv2rF8ZMRscMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwNzZjZjFlLTgzZjctNDQ1ZC1iMjVjLWRmYjdiNTU4YzdkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA/9nQwDQYJKoZIhvcNAQELBQADggEBAJXNY69q766USFzsT2pzSrknq0zr
uT/lRplmxzQEffEcXvyyZAQd9CYCoh/5KKHb6NuD0fNeG9IJut1XVZkoThtVlMJX
2gQXMl2OeEITXldmSjFDfKsDyRpPdV2QfslMM4JiSRwNDfoSh7Z92+tTeTRsQMM9
GuDj8wo+2ZIsyBVhmQl5+7KgjxbZy0WLA0kn0j3Ya6dgUUrY2eSSMiY1rP1rJ3N5
Uhs6jjHmPiDqhYybwSxeH1ZhZvj2JzCEvznuis9ae4cRukCzRTdbOpGx6ZqVhDw1
O4A+mPPTSOvH1HF/U3ENCaioNchNHePQxwyMjGFKLn1+c2VFd8+TWBi1uwY=
-----END CERTIFICATE-----