Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b05e238-05bc-4024-8f4e-9e39e735bfb9.roa
File:                     4b05e238-05bc-4024-8f4e-9e39e735bfb9.roa (raw, json)
Hash identifier:          +oKA6xp+wmf2vjrxPqciI6T6O3jjGRp0FDQy39W4vdg=
Subject key identifier:   7C:C6:3E:7C:E3:11:05:46:1E:CF:C6:62:60:7F:74:0D:BB:C2:22:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D738056AED47E718863DDE51B038620AC529C27
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b05e238-05bc-4024-8f4e-9e39e735bfb9.roa
Signing time:             Sat 11 Oct 2025 00:38:41 +0000
ROA not before:           Sat 11 Oct 2025 00:38:41 +0000
ROA not after:            Sat 15 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.246.196.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:73:80:56:ae:d4:7e:71:88:63:dd:e5:1b:03:86:20:ac:52:9c:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:38:41 2025 GMT
            Not After : Nov 15 23:59:59 2025 GMT
        Subject: serialNumber=c2a18ff4cf46a9f971b7ff2dc2c47594a7939869392d0b065768062c5fb46645, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d4:1f:d2:9c:4f:9b:a8:92:18:53:b0:ab:0e:
                    72:bd:9c:ec:17:00:36:c8:e8:dc:7b:ce:17:47:0e:
                    98:22:bd:90:c4:29:50:38:95:6e:bc:be:e7:ed:db:
                    3d:49:95:d0:b3:38:f6:04:71:7d:e1:97:25:15:22:
                    0a:0c:b2:cb:5a:1c:25:36:92:ac:25:cb:bd:b8:f1:
                    2f:2b:ca:7b:e7:01:3a:07:7f:23:ce:b5:a6:94:af:
                    78:99:73:d2:81:a7:1d:33:75:66:97:5a:41:73:17:
                    1c:70:94:e7:7c:5c:53:10:e9:ee:f8:dd:0d:14:08:
                    78:c2:07:8a:95:d2:11:c4:16:3d:3d:32:96:d6:2a:
                    f3:e1:b9:9a:51:2d:1a:20:fd:84:30:c9:0f:60:85:
                    78:5d:99:66:23:8f:62:62:3c:46:96:7f:cb:49:3e:
                    9b:83:b8:ff:96:b8:16:71:f6:8f:ff:f8:ba:8a:6a:
                    d8:d5:2a:93:5b:a8:00:07:71:39:89:0e:ec:e4:27:
                    f9:24:b2:8f:47:ed:84:8f:25:35:6c:84:c3:cf:6a:
                    2f:16:09:e3:31:e3:0a:97:16:48:e5:4c:ae:06:67:
                    e0:eb:0e:7a:26:ec:87:9a:d1:32:8c:21:31:f6:89:
                    99:1b:1e:e3:af:a0:8f:43:19:7f:62:e8:f1:00:b4:
                    41:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:C6:3E:7C:E3:11:05:46:1E:CF:C6:62:60:7F:74:0D:BB:C2:22:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b05e238-05bc-4024-8f4e-9e39e735bfb9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.246.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c2:d5:00:cd:2f:a5:32:85:01:88:af:70:37:8f:34:1e:8b:65:
         51:85:b3:ee:26:e7:09:7e:9e:35:fa:ee:5b:9d:b0:ad:46:ab:
         bf:0e:fc:cb:5d:0c:2f:0a:76:35:9b:57:d4:49:be:9f:76:4d:
         41:f0:05:1a:65:3f:b2:8e:58:8b:18:b2:85:48:2b:df:90:c8:
         39:31:5e:9d:c7:44:e9:6b:b6:ef:e1:02:79:57:6d:9f:cf:c5:
         c2:db:b5:11:0d:5d:56:b9:ad:9b:2d:7c:bb:8b:da:7a:1c:2f:
         38:d9:a5:0f:52:b8:7c:a9:36:0e:f3:58:e4:34:f9:1d:7b:74:
         40:b2:de:68:6a:2d:27:3e:a3:8b:ee:8b:81:56:cd:7b:f1:41:
         92:55:bc:d6:25:d6:87:4c:3a:7f:dd:71:9e:54:27:1c:70:2b:
         2b:d7:6f:81:22:85:3a:9f:88:8e:9e:fa:d6:d3:b5:3c:1b:97:
         a4:98:c4:8c:71:ec:62:ce:10:23:51:07:cf:44:4f:ff:a8:2a:
         60:31:07:8f:6a:c4:fd:e1:45:bc:b9:45:ca:30:4c:9d:ca:66:
         5a:c7:5f:62:97:49:16:73:0e:95:b5:e2:39:78:49:8b:1b:15:
         6f:ec:43:e6:44:d1:ab:b0:9d:22:8f:30:59:d7:bd:91:fd:63:
         1e:e0:39:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfXOAVq7UfnGIY93lGwOGIKxSnCcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDExMDAzODQxWhcNMjUxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMmExOGZmNGNmNDZhOWY5NzFiN2ZmMmRjMmM0NzU5NGE3
OTM5ODY5MzkyZDBiMDY1NzY4MDYyYzVmYjQ2NjQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC21B/SnE+bqJIYU7CrDnK9nOwXADbI6Nx7zhdHDpgivZDE
KVA4lW68vuft2z1JldCzOPYEcX3hlyUVIgoMsstaHCU2kqwly7248S8rynvnAToH
fyPOtaaUr3iZc9KBpx0zdWaXWkFzFxxwlOd8XFMQ6e743Q0UCHjCB4qV0hHEFj09
MpbWKvPhuZpRLRog/YQwyQ9ghXhdmWYjj2JiPEaWf8tJPpuDuP+WuBZx9o//+LqK
atjVKpNbqAAHcTmJDuzkJ/kkso9H7YSPJTVshMPPai8WCeMx4wqXFkjlTK4GZ+Dr
Dnom7Iea0TKMITH2iZkbHuOvoI9DGX9i6PEAtEFLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfMY+fOMRBUYez8ZiYH90DbvCIl0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiMDVlMjM4LTA1YmMtNDAyNC04ZjRlLTllMzllNzM1YmZiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALY9sQwDQYJKoZIhvcNAQELBQADggEBAMLVAM0vpTKFAYivcDePNB6LZVGF
s+4m5wl+njX67ludsK1Gq78O/MtdDC8KdjWbV9RJvp92TUHwBRplP7KOWIsYsoVI
K9+QyDkxXp3HROlrtu/hAnlXbZ/PxcLbtRENXVa5rZstfLuL2nocLzjZpQ9SuHyp
Ng7zWOQ0+R17dECy3mhqLSc+o4vui4FWzXvxQZJVvNYl1odMOn/dcZ5UJxxwKyvX
b4EihTqfiI6e+tbTtTwbl6SYxIxx7GLOECNRB89ET/+oKmAxB49qxP3hRby5Rcow
TJ3KZlrHX2KXSRZzDpW14jl4SYsbFW/sQ+ZE0auwnSKPMFnXvZH9Yx7gOe0=
-----END CERTIFICATE-----