Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47451a7d-9c77-4016-a3e5-88cd310f0fdf.roa
File:                     47451a7d-9c77-4016-a3e5-88cd310f0fdf.roa (raw, json)
Hash identifier:          I1dUN4KwDz3hZ+et3YbrDaid7rdewlZC65USbEm7D08=
Subject key identifier:   16:4B:62:C6:2C:8B:EC:49:D2:BC:21:F9:85:E3:51:BC:E9:57:39:03
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       75EC067B48F34F8F01DD7CE3A996B1365E249BED
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47451a7d-9c77-4016-a3e5-88cd310f0fdf.roa
Signing time:             Tue 07 Oct 2025 00:40:24 +0000
ROA not before:           Tue 07 Oct 2025 00:40:24 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        192.210.48.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:ec:06:7b:48:f3:4f:8f:01:dd:7c:e3:a9:96:b1:36:5e:24:9b:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:40:24 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=6120f7f50e02433402d155e3b3b061961199ed0b521181ee9bf521c740865374, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:8d:8d:9e:4c:8a:f2:0f:97:bd:8d:10:5a:59:
                    26:5d:3f:cf:72:d8:4d:1c:df:58:24:0b:2f:d8:0e:
                    fc:c1:9e:40:e6:0d:db:8b:01:64:7d:5f:a7:73:9e:
                    a9:89:e3:d3:81:a3:dc:97:55:91:32:17:54:3b:a8:
                    06:71:c1:27:2e:93:c8:bb:7b:36:dd:61:1b:b5:1f:
                    1b:aa:7b:34:2f:75:07:e2:7e:51:2e:f4:2a:1a:4d:
                    52:70:8c:f8:86:a4:df:f6:69:00:f3:40:11:65:4d:
                    2f:ac:aa:3b:f5:48:4f:82:66:b5:80:1a:2d:d1:7e:
                    66:b8:00:82:4c:ed:c6:3b:fa:10:aa:88:38:09:65:
                    e8:3e:c4:b2:20:ae:a8:0b:82:dc:31:50:41:c0:c6:
                    95:bf:ff:e4:45:17:57:f7:ff:52:4c:9b:cd:fe:24:
                    65:ab:d3:75:12:fc:dc:f1:9b:1f:7a:10:1d:84:f7:
                    f6:4e:9d:5b:fd:c1:2e:37:43:f5:80:bf:b8:4a:39:
                    32:ca:93:f4:6f:e3:f1:04:c7:ca:99:54:31:02:f2:
                    4c:a6:d6:7d:7d:19:88:b3:78:45:21:fd:da:7b:89:
                    b0:89:6d:d7:7d:9b:7e:eb:a6:9d:2d:fb:61:c8:23:
                    0f:f2:23:e3:41:96:94:51:de:ba:7c:f7:a2:27:40:
                    88:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:4B:62:C6:2C:8B:EC:49:D2:BC:21:F9:85:E3:51:BC:E9:57:39:03
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47451a7d-9c77-4016-a3e5-88cd310f0fdf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.210.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d6:71:5d:15:18:6c:e3:99:df:40:35:7c:d2:7a:41:2f:60:e1:
         a5:a0:74:43:73:39:61:18:4d:6a:f0:cb:c2:e0:15:c0:68:40:
         e1:39:b0:62:11:d9:c7:09:8c:fc:91:ed:52:6a:68:49:69:9b:
         c0:9a:da:78:7d:12:1f:b1:f4:11:e8:3c:cf:52:78:e2:bd:93:
         99:dc:50:6a:0a:e2:1c:55:b0:cf:e1:98:63:34:25:82:ae:5b:
         4a:d0:04:e6:5e:08:a2:a1:a0:9a:1b:39:62:62:81:93:73:45:
         f2:9f:6d:be:30:5e:f2:a0:93:e0:19:11:c2:58:d6:81:cb:02:
         9f:d2:29:cd:ca:45:20:2d:1e:1c:55:92:91:4f:e3:e5:f9:31:
         81:ab:d2:bb:9b:00:7d:67:14:8b:5b:11:2a:96:72:a5:ae:d7:
         85:a9:be:d4:53:5f:e9:5e:59:a1:00:46:2b:07:2f:be:73:2e:
         ee:54:15:f8:e7:9a:c8:e9:f9:40:ae:be:2b:4f:d0:26:bf:67:
         fb:93:55:b8:7f:1c:00:2a:f3:f4:dd:eb:23:70:86:8e:ff:ff:
         32:84:15:6d:4a:04:56:2f:3f:40:dd:0f:27:27:bc:f0:60:e9:
         3f:77:02:04:84:f8:53:da:d9:51:2d:c4:d0:3d:89:aa:73:14:
         1c:0d:5e:6f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdewGe0jzT48B3XzjqZaxNl4km+0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MDI0WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTIwZjdmNTBlMDI0MzM0MDJkMTU1ZTNiM2IwNjE5NjEx
OTllZDBiNTIxMTgxZWU5YmY1MjFjNzQwODY1Mzc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+jY2eTIryD5e9jRBaWSZdP89y2E0c31gkCy/YDvzBnkDm
DduLAWR9X6dznqmJ49OBo9yXVZEyF1Q7qAZxwScuk8i7ezbdYRu1HxuqezQvdQfi
flEu9CoaTVJwjPiGpN/2aQDzQBFlTS+sqjv1SE+CZrWAGi3Rfma4AIJM7cY7+hCq
iDgJZeg+xLIgrqgLgtwxUEHAxpW//+RFF1f3/1JMm83+JGWr03US/Nzxmx96EB2E
9/ZOnVv9wS43Q/WAv7hKOTLKk/Rv4/EEx8qZVDEC8kym1n19GYizeEUh/dp7ibCJ
bdd9m37rpp0t+2HIIw/yI+NBlpRR3rp896InQIixAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFktixiyL7EnSvCH5heNRvOlXOQMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ3NDUxYTdkLTljNzctNDAxNi1hM2U1LTg4Y2QzMTBmMGZkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATA0jAwDQYJKoZIhvcNAQELBQADggEBANZxXRUYbOOZ30A1fNJ6QS9g4aWg
dENzOWEYTWrwy8LgFcBoQOE5sGIR2ccJjPyR7VJqaElpm8Ca2nh9Eh+x9BHoPM9S
eOK9k5ncUGoK4hxVsM/hmGM0JYKuW0rQBOZeCKKhoJobOWJigZNzRfKfbb4wXvKg
k+AZEcJY1oHLAp/SKc3KRSAtHhxVkpFP4+X5MYGr0rubAH1nFItbESqWcqWu14Wp
vtRTX+leWaEARisHL75zLu5UFfjnmsjp+UCuvitP0Ca/Z/uTVbh/HAAq8/Td6yNw
ho7//zKEFW1KBFYvP0DdDycnvPBg6T93AgSE+FPa2VEtxNA9iapzFBwNXm8=
-----END CERTIFICATE-----