Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e472895-b434-4391-8576-749405dc5ab2.roa
File:                     4e472895-b434-4391-8576-749405dc5ab2.roa (raw, json)
Hash identifier:          VvpCfdweSq0y2CyMxRajJ0YRQ+e2dGAjiuS+L92SdFY=
Subject key identifier:   2E:2B:52:0B:8A:4B:91:8F:2B:D2:9C:AA:CD:54:0E:DE:02:50:82:D7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7804B2BFCE9EE8150E1FFC6879E85EA2DE6B450A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e472895-b434-4391-8576-749405dc5ab2.roa
Signing time:             Wed 01 Oct 2025 00:38:53 +0000
ROA not before:           Wed 01 Oct 2025 00:38:53 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.104.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:04:b2:bf:ce:9e:e8:15:0e:1f:fc:68:79:e8:5e:a2:de:6b:45:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:38:53 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=d7dbaea1183829c088ea6b8aebb44ad142c29f6895d91107789a8b916adbf10c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4d:82:20:61:04:83:31:47:65:ee:c8:67:e4:
                    42:3b:3a:5a:1b:71:ea:21:31:3f:b7:16:88:9c:6d:
                    b5:6b:86:e6:72:8d:70:e5:e2:99:68:5a:b7:8f:93:
                    05:5a:2b:d7:c6:b8:f6:3b:3c:00:c7:5e:bc:eb:f7:
                    e3:96:a3:1b:19:5e:08:45:1e:ea:63:96:04:fb:e2:
                    b1:66:ea:2b:61:6e:02:c7:96:39:fd:31:e1:54:1a:
                    81:a9:04:cb:fb:fa:2b:0f:06:28:f3:09:62:5b:3e:
                    d3:b2:5e:99:ae:3d:58:e3:64:09:24:07:27:92:53:
                    a2:5e:f9:24:83:28:e2:b8:13:94:11:6b:59:f0:7a:
                    4e:11:40:e6:06:d6:b3:ef:47:68:99:32:57:d9:7f:
                    75:37:86:63:9b:12:84:08:25:fc:6d:b4:3b:68:a9:
                    e5:60:e2:95:0e:db:be:d9:95:cb:02:e0:9f:43:0c:
                    bb:2a:86:e0:76:7a:84:34:cb:8b:07:1d:50:bf:31:
                    8e:8c:74:b6:82:a4:d5:27:6a:2b:39:38:4e:93:38:
                    78:85:5b:f2:01:b0:f7:7b:c4:7c:61:90:b8:0a:76:
                    f0:bd:b1:a1:5d:60:b9:37:d8:87:32:b9:92:45:ee:
                    dd:3f:78:f9:fd:f2:c0:c3:dc:80:10:56:d9:49:b7:
                    17:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:2B:52:0B:8A:4B:91:8F:2B:D2:9C:AA:CD:54:0E:DE:02:50:82:D7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e472895-b434-4391-8576-749405dc5ab2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.104.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         11:79:cd:ed:b0:53:c6:d7:74:7e:e1:0b:f2:53:e6:b4:e5:dd:
         67:0a:71:7e:6a:5c:f6:94:94:7d:64:84:d2:80:18:86:d1:1a:
         e3:6e:26:8d:44:4b:0a:5f:5c:01:f7:8c:c2:52:48:3b:51:6f:
         36:ee:5a:e6:20:2d:45:1c:a7:eb:ba:5b:6e:54:20:3b:d1:33:
         7e:7e:d9:0d:35:ed:65:76:5d:c9:d1:b9:f5:bc:eb:5b:42:f7:
         98:dc:fb:18:93:24:99:cc:ba:d7:a0:88:29:54:5b:27:de:66:
         cc:7e:21:a3:37:6c:45:c5:0f:c9:ef:5b:ef:eb:80:9f:28:16:
         c8:73:88:33:91:5c:c7:50:63:fe:5e:a0:f1:a8:dc:2f:85:e5:
         a2:d1:1d:59:60:17:4c:fe:f4:74:bb:a8:c8:f9:bc:bf:4b:a0:
         42:03:ff:82:2d:f3:fe:d2:08:a2:07:03:23:ad:66:5a:24:88:
         14:b6:ff:38:86:da:da:24:bf:76:03:ee:ba:39:f0:78:ae:05:
         97:70:be:c0:9a:f2:65:f8:c4:bf:03:bc:fc:97:62:7a:2b:4f:
         fe:e6:43:cc:eb:d2:f7:19:1f:ab:e1:27:b4:d9:63:89:93:2e:
         a1:97:1b:48:3f:12:68:2a:1e:fc:31:4b:e3:15:d7:65:5f:23:
         bd:64:54:a3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeASyv86e6BUOH/xoeeheot5rRQowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAzODUzWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkN2RiYWVhMTE4MzgyOWMwODhlYTZiOGFlYmI0NGFkMTQy
YzI5ZjY4OTVkOTExMDc3ODlhOGI5MTZhZGJmMTBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpTYIgYQSDMUdl7shn5EI7OlobceohMT+3FoicbbVrhuZy
jXDl4ploWrePkwVaK9fGuPY7PADHXrzr9+OWoxsZXghFHupjlgT74rFm6ithbgLH
ljn9MeFUGoGpBMv7+isPBijzCWJbPtOyXpmuPVjjZAkkByeSU6Je+SSDKOK4E5QR
a1nwek4RQOYG1rPvR2iZMlfZf3U3hmObEoQIJfxttDtoqeVg4pUO277ZlcsC4J9D
DLsqhuB2eoQ0y4sHHVC/MY6MdLaCpNUnais5OE6TOHiFW/IBsPd7xHxhkLgKdvC9
saFdYLk32IcyuZJF7t0/ePn98sDD3IAQVtlJtxf5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULitSC4pLkY8r0pyqzVQO3gJQgtcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNDcyODk1LWI0MzQtNDM5MS04NTc2LTc0OTQwNWRjNWFiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4aDANBgkqhkiG9w0BAQsFAAOCAQEAEXnN7bBTxtd0fuEL8lPmtOXdZwpx
fmpc9pSUfWSE0oAYhtEa424mjURLCl9cAfeMwlJIO1FvNu5a5iAtRRyn67pbblQg
O9Ezfn7ZDTXtZXZdydG59bzrW0L3mNz7GJMkmcy616CIKVRbJ95mzH4hozdsRcUP
ye9b7+uAnygWyHOIM5Fcx1Bj/l6g8ajcL4XlotEdWWAXTP70dLuoyPm8v0ugQgP/
gi3z/tIIogcDI61mWiSIFLb/OIba2iS/dgPuujnweK4Fl3C+wJryZfjEvwO8/Jdi
eitP/uZDzOvS9xkfq+EntNljiZMuoZcbSD8SaCoe/DFL4xXXZV8jvWRUow==
-----END CERTIFICATE-----