Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa
File:                     3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa (raw, json)
Hash identifier:          hlQOY8AmaeRotDzm8scAjmWeihH5+W3ASc5M//NZTNY=
Subject key identifier:   93:84:48:A5:C6:7B:B0:EA:AB:15:CE:84:B4:62:B5:5F:13:FD:B3:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       661FB8E010D568558BA0B683EE33349CEE9BE6EB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa
Signing time:             Mon 29 Sep 2025 15:02:04 +0000
ROA not before:           Mon 29 Sep 2025 15:02:04 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.62.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:1f:b8:e0:10:d5:68:55:8b:a0:b6:83:ee:33:34:9c:ee:9b:e6:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 29 15:02:04 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=3496907b966e02f61d361565d70c7e54006b34b78c635b4b7fbda042384c39e5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4d:f2:da:e3:a4:c6:a7:1e:c3:0e:a0:86:3c:
                    5a:13:98:2a:1e:77:33:d3:ed:c5:e5:99:37:76:a7:
                    3e:3e:f2:e4:bf:f5:73:54:f7:ed:80:9a:5d:b7:c9:
                    67:4b:aa:14:77:b6:03:51:cc:3b:d7:dd:18:9a:20:
                    61:8f:6b:50:a7:ce:13:bd:ef:b0:50:61:23:84:5b:
                    2a:76:27:59:03:88:84:99:df:b6:a9:b3:0f:4d:ba:
                    61:7f:c2:26:20:a8:6b:87:09:f3:48:6b:7f:09:30:
                    89:ff:12:d6:f2:3a:fa:c5:08:ae:9d:a2:39:e1:7c:
                    aa:b8:28:0d:d4:e3:5b:a9:55:3a:68:58:ea:15:a3:
                    b5:fb:01:60:cd:63:2e:30:ff:c5:af:b7:2f:42:f5:
                    94:b1:8c:fe:fc:f7:4e:fd:54:31:e9:ff:00:6e:72:
                    7e:c7:55:30:a9:77:02:01:d2:a5:8c:8b:d1:8f:02:
                    ed:e3:74:54:12:60:29:20:86:48:d8:2a:44:86:e1:
                    f8:11:7f:a9:83:14:dd:42:0d:42:b3:08:df:5e:75:
                    34:a0:ea:c3:56:d3:de:82:0a:c8:6d:52:a0:f9:24:
                    f2:9f:24:2a:55:66:7c:73:63:9f:57:e7:6e:ee:3a:
                    7d:f2:a9:83:a9:be:22:2a:34:6a:87:39:70:14:ac:
                    14:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:84:48:A5:C6:7B:B0:EA:AB:15:CE:84:B4:62:B5:5F:13:FD:B3:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.62.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         d7:e7:10:c9:07:f2:5f:c7:81:7a:e2:99:43:01:09:6f:dd:ea:
         13:c4:3d:9c:7b:f4:d2:5c:55:79:35:f1:c6:0c:ef:28:4a:af:
         78:a9:5f:99:71:4f:0c:de:50:8a:06:32:fe:c3:85:f0:e2:d6:
         30:3e:f3:c6:3a:7d:42:d6:dc:a5:b4:4a:03:f8:54:cf:51:04:
         9f:42:ee:8e:94:6b:bb:e7:86:b1:be:49:de:20:23:fd:29:5b:
         b5:8a:24:dd:72:51:fd:1b:d8:b8:99:a0:5f:3d:f2:22:c9:b4:
         9c:f8:23:7c:8c:02:3b:d5:0a:f9:63:52:cf:ba:df:e0:16:6f:
         a0:7d:4c:f8:e0:4a:44:68:02:5e:66:28:2e:43:14:c8:90:a3:
         ce:a8:11:f5:55:6f:fd:10:11:d2:38:01:ba:37:bb:c2:8c:de:
         f9:6c:34:64:58:e0:54:21:b7:c2:6e:cb:6f:a5:8b:a3:e2:3e:
         71:bd:97:a9:8c:17:a5:14:70:ee:c2:55:c4:68:8b:05:e3:a4:
         b9:2c:b6:95:6d:eb:5b:6f:6e:00:b3:c5:ba:ec:c5:fd:ce:d2:
         85:2b:81:47:7b:7d:f4:1e:25:a5:1e:98:f0:78:79:1f:c2:7b:
         9f:34:a1:8d:cd:21:11:fd:e8:13:2c:8d:bd:58:b3:19:b1:4e:
         a1:95:cf:94
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZh+44BDVaFWLoLaD7jM0nO6b5uswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUwMjA0WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDk2OTA3Yjk2NmUwMmY2MWQzNjE1NjVkNzBjN2U1NDAw
NmIzNGI3OGM2MzViNGI3ZmJkYTA0MjM4NGMzOWU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdTfLa46TGpx7DDqCGPFoTmCoedzPT7cXlmTd2pz4+8uS/
9XNU9+2Aml23yWdLqhR3tgNRzDvX3RiaIGGPa1CnzhO977BQYSOEWyp2J1kDiISZ
37apsw9NumF/wiYgqGuHCfNIa38JMIn/EtbyOvrFCK6dojnhfKq4KA3U41upVTpo
WOoVo7X7AWDNYy4w/8Wvty9C9ZSxjP789079VDHp/wBucn7HVTCpdwIB0qWMi9GP
Au3jdFQSYCkghkjYKkSG4fgRf6mDFN1CDUKzCN9edTSg6sNW096CCshtUqD5JPKf
JCpVZnxzY59X527uOn3yqYOpviIqNGqHOXAUrBTTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk4RIpcZ7sOqrFc6EtGK1XxP9s50wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2NDhkZmIzLTNmYmEtNDRjMy1hMDA1LWY4ZmQ1OTMwZjliMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENPjANBgkqhkiG9w0BAQsFAAOCAQEA1+cQyQfyX8eBeuKZQwEJb93qE8Q9
nHv00lxVeTXxxgzvKEqveKlfmXFPDN5QigYy/sOF8OLWMD7zxjp9QtbcpbRKA/hU
z1EEn0LujpRru+eGsb5J3iAj/SlbtYok3XJR/RvYuJmgXz3yIsm0nPgjfIwCO9UK
+WNSz7rf4BZvoH1M+OBKRGgCXmYoLkMUyJCjzqgR9VVv/RAR0jgBuje7woze+Ww0
ZFjgVCG3wm7Lb6WLo+I+cb2XqYwXpRRw7sJVxGiLBeOkuSy2lW3rW29uALPFuuzF
/c7ShSuBR3t99B4lpR6Y8Hh5H8J7nzShjc0hEf3oEyyNvVizGbFOoZXPlA==
-----END CERTIFICATE-----