Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa
File:                     3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa (raw, json)
Hash identifier:          J/N4nGKE0zZWuoR6gbb3CdLFdYqsMKQm+ETxB3EDe2I=
Subject key identifier:   BA:A6:59:EF:3D:48:C8:D3:1E:29:1B:61:DC:33:2D:10:A8:92:18:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4993C97B3A4CCE042A0C9DFBF41A5771AEFF613F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa
Signing time:             Sat 27 Sep 2025 00:21:21 +0000
ROA not before:           Sat 27 Sep 2025 00:21:21 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        46.215.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:93:c9:7b:3a:4c:ce:04:2a:0c:9d:fb:f4:1a:57:71:ae:ff:61:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:21:21 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=b7f06269dbb5381298f2c70884841304fa6c912af87b6b5929e8666d365e91f6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:45:a9:41:2e:82:cc:6a:7c:99:4f:ee:9d:7c:
                    ae:92:f6:ac:32:b3:8f:0c:b4:bc:fa:c5:85:70:cc:
                    da:08:e7:36:49:08:83:d3:7b:a0:76:90:84:67:d3:
                    0a:3c:8f:1f:c5:7b:39:6d:4c:45:3b:20:4f:9c:ee:
                    b7:54:8f:72:85:b6:a0:d8:77:6b:43:03:50:91:c1:
                    7f:51:fe:8e:19:03:85:43:dc:18:96:91:e9:42:41:
                    35:d6:db:c5:12:3f:15:a7:cf:10:07:4c:6d:5b:05:
                    10:40:9b:d4:99:da:ca:0f:4f:73:dd:ec:ce:67:f7:
                    ce:56:37:65:d4:28:29:64:93:23:b1:c1:d4:0e:f5:
                    e4:5e:20:d6:b2:8f:3e:5f:2b:bc:5d:80:ee:20:e1:
                    bc:f6:17:99:da:de:99:19:5b:0d:08:49:07:a1:b6:
                    fb:4b:49:3d:fc:77:da:86:cb:47:e8:6c:ad:82:8c:
                    eb:17:61:23:14:3c:5e:86:79:f4:b7:aa:48:4f:ae:
                    29:3c:bf:f8:b9:3b:cc:f8:e3:8d:f3:85:c9:f5:cb:
                    75:1e:c6:1f:27:9c:09:a6:41:47:cf:73:fc:a8:8d:
                    eb:2b:b6:35:7e:58:c4:2d:ec:52:6f:7c:f1:27:33:
                    ad:9b:5a:72:a8:ff:ee:3c:95:53:c5:f2:75:ab:23:
                    e4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A6:59:EF:3D:48:C8:D3:1E:29:1B:61:DC:33:2D:10:A8:92:18:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b0a8b46-f8a6-4f03-81cc-e42817a6a82d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.215.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b2:90:59:ad:08:ae:ee:cd:33:ff:09:46:46:5b:72:32:e2:59:
         ed:fc:55:be:8b:5a:1f:60:ab:77:7c:a9:1d:b0:d6:08:46:84:
         b9:ad:61:af:9a:2c:8b:4f:02:44:a0:31:ba:0f:38:63:b4:41:
         df:f3:32:af:10:07:a0:eb:59:14:31:ef:c0:f0:5b:97:7e:03:
         af:f5:e2:25:f3:66:d2:10:dc:26:b1:1a:0d:26:45:dd:f4:68:
         74:0f:26:7b:e3:e3:64:45:6b:dd:fa:b0:01:fd:2a:a0:cc:eb:
         65:22:fb:00:2b:69:73:2f:d7:f8:a9:64:80:37:3c:66:19:fd:
         9c:7d:f4:c5:e1:a8:9d:0f:af:db:11:ee:6e:9c:4f:28:88:e1:
         1f:40:81:94:33:d4:17:d5:9e:03:03:93:7e:43:37:66:a7:ab:
         60:15:ba:f3:95:fd:d7:1d:b3:5b:5b:e9:67:df:ed:91:2c:a4:
         fb:0c:26:27:39:3c:fe:02:23:20:8e:78:58:12:bf:ef:3c:ef:
         1d:6b:5b:48:4a:66:38:67:aa:35:7b:64:71:f6:d4:94:03:d3:
         d1:bc:f8:ed:52:27:1c:11:ce:1d:f2:12:f8:0c:b8:ed:1c:25:
         5b:18:f1:8c:1d:e8:73:2e:a0:ff:b1:da:ab:80:2e:6c:6c:3f:
         f3:49:87:93
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSZPJezpMzgQqDJ379BpXca7/YT8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDAyMTIxWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiN2YwNjI2OWRiYjUzODEyOThmMmM3MDg4NDg0MTMwNGZh
NmM5MTJhZjg3YjZiNTkyOWU4NjY2ZDM2NWU5MWY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBRalBLoLManyZT+6dfK6S9qwys48MtLz6xYVwzNoI5zZJ
CIPTe6B2kIRn0wo8jx/FezltTEU7IE+c7rdUj3KFtqDYd2tDA1CRwX9R/o4ZA4VD
3BiWkelCQTXW28USPxWnzxAHTG1bBRBAm9SZ2soPT3Pd7M5n985WN2XUKClkkyOx
wdQO9eReINayjz5fK7xdgO4g4bz2F5na3pkZWw0ISQehtvtLST38d9qGy0fobK2C
jOsXYSMUPF6GefS3qkhPrik8v/i5O8z4443zhcn1y3Uexh8nnAmmQUfPc/yojesr
tjV+WMQt7FJvfPEnM62bWnKo/+48lVPF8nWrI+QZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuqZZ7z1IyNMeKRth3DMtEKiSGBswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiMGE4YjQ2LWY4YTYtNGYwMy04MWNjLWU0MjgxN2E2YTgyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAu1zANBgkqhkiG9w0BAQsFAAOCAQEAspBZrQiu7s0z/wlGRltyMuJZ7fxV
votaH2Crd3ypHbDWCEaEua1hr5osi08CRKAxug84Y7RB3/MyrxAHoOtZFDHvwPBb
l34Dr/XiJfNm0hDcJrEaDSZF3fRodA8me+PjZEVr3fqwAf0qoMzrZSL7ACtpcy/X
+KlkgDc8Zhn9nH30xeGonQ+v2xHubpxPKIjhH0CBlDPUF9WeAwOTfkM3ZqerYBW6
85X91x2zW1vpZ9/tkSyk+wwmJzk8/gIjII54WBK/7zzvHWtbSEpmOGeqNXtkcfbU
lAPT0bz47VInHBHOHfIS+Ay47RwlWxjxjB3ocy6g/7Haq4AubGw/80mHkw==
-----END CERTIFICATE-----