Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa
File:                     4fee6d78-1728-44bd-b799-ca975927c66a.roa (raw, json)
Hash identifier:          U7ecA3E/LWvwE8Cj5QAqwrrbP38ECqXz+7Hv2j8G35s=
Subject key identifier:   B6:E9:0E:AE:BF:B9:88:32:80:BC:ED:69:78:63:AC:95:1B:AB:91:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3A4D59939FDFD6BB2B99D005E46772A7C5D762B8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa
Signing time:             Wed 01 Oct 2025 00:40:30 +0000
ROA not before:           Wed 01 Oct 2025 00:40:30 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.186.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:4d:59:93:9f:df:d6:bb:2b:99:d0:05:e4:67:72:a7:c5:d7:62:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:40:30 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=7132ee985270311ca85eed2335a8caeec9a214c194ea28c976727ab18c489cb3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ee:14:c3:d3:47:6d:6c:3d:3e:6b:dd:f4:18:
                    9e:b2:ad:0f:85:37:d0:ae:74:0d:09:36:f6:f5:87:
                    0d:23:25:34:04:7f:2e:be:b9:27:8b:c0:65:38:05:
                    bc:82:0b:3c:5a:36:68:1a:d7:30:94:11:2e:76:f8:
                    a3:46:1b:84:d1:46:a4:48:dc:18:d4:d4:3d:e3:b9:
                    0a:4c:46:7d:61:ad:43:3e:a0:1b:8f:7b:9e:eb:f7:
                    3c:1e:4c:d6:72:72:ed:41:4e:bf:23:c0:f3:3c:e7:
                    25:78:98:b8:2d:a4:57:ab:29:32:47:91:8f:e0:3b:
                    03:f1:89:6b:6c:af:91:cc:5a:ea:b5:f2:b2:30:d4:
                    a3:4e:5c:8f:fb:c6:f1:36:bf:e5:39:39:a7:85:53:
                    13:1f:ae:44:cd:fb:17:24:b3:2f:95:64:d3:59:66:
                    14:43:9d:d1:20:54:8b:fc:5a:76:c8:26:b8:11:9a:
                    71:c7:bf:e4:7e:ce:62:01:71:97:95:eb:6c:7d:69:
                    d5:4e:57:be:5e:78:6d:84:84:c9:d2:d7:d9:56:2f:
                    eb:68:7f:71:43:2d:54:57:02:71:9a:8c:e9:90:01:
                    50:5f:90:67:1d:d9:51:fd:d3:29:17:14:65:29:b1:
                    2a:fb:4b:f5:ee:05:fb:3e:80:0f:bf:34:98:b6:5e:
                    02:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:E9:0E:AE:BF:B9:88:32:80:BC:ED:69:78:63:AC:95:1B:AB:91:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2c:0b:83:73:49:63:b6:ca:05:ee:8c:8c:c8:ba:53:09:45:3d:
         18:a5:f5:87:a0:f0:00:2b:8a:04:49:bb:98:38:77:57:15:d2:
         0e:42:ea:14:0a:dd:a8:32:4a:9b:a2:73:e7:fd:a8:96:c1:bd:
         a1:1e:fc:14:fa:9a:8a:f0:e8:bd:41:8c:73:08:52:33:13:c7:
         5e:cc:e7:3c:40:c8:e6:3e:9d:dd:21:b4:82:f5:93:37:ac:1e:
         41:f2:a1:c6:3d:f8:00:93:05:f4:c1:50:d4:fb:3f:a9:5b:1b:
         63:95:8a:13:ae:41:c1:3b:e1:2d:2c:09:09:06:9d:6a:58:6d:
         02:11:52:f3:84:3a:0a:c2:5f:45:8d:93:01:29:bc:e2:bd:22:
         27:76:85:1f:3e:8a:58:b0:75:c3:b4:ea:0b:39:95:a1:89:23:
         eb:1e:50:71:b3:7d:c3:29:55:7d:bc:b9:b7:6c:1f:19:bf:15:
         a9:db:88:a5:a2:f0:b0:3b:db:2a:1e:c9:9e:fd:18:4b:cd:b6:
         b2:ee:9c:17:29:e0:22:e5:73:4e:aa:8f:eb:e2:e3:7c:42:a0:
         b1:a3:cb:6a:10:15:23:bd:77:09:34:f7:26:bb:26:3a:09:ad:
         2a:90:c2:59:0a:dc:42:4b:b2:4d:5e:16:40:c7:0e:1e:19:db:
         d7:70:95:d0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOk1Zk5/f1rsrmdAF5Gdyp8XXYrgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MDMwWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTMyZWU5ODUyNzAzMTFjYTg1ZWVkMjMzNWE4Y2FlZWM5
YTIxNGMxOTRlYTI4Yzk3NjcyN2FiMThjNDg5Y2IzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS7hTD00dtbD0+a930GJ6yrQ+FN9CudA0JNvb1hw0jJTQE
fy6+uSeLwGU4BbyCCzxaNmga1zCUES52+KNGG4TRRqRI3BjU1D3juQpMRn1hrUM+
oBuPe57r9zweTNZycu1BTr8jwPM85yV4mLgtpFerKTJHkY/gOwPxiWtsr5HMWuq1
8rIw1KNOXI/7xvE2v+U5OaeFUxMfrkTN+xcksy+VZNNZZhRDndEgVIv8WnbIJrgR
mnHHv+R+zmIBcZeV62x9adVOV75eeG2EhMnS19lWL+tof3FDLVRXAnGajOmQAVBf
kGcd2VH90ykXFGUpsSr7S/XuBfs+gA+/NJi2XgJPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtukOrr+5iDKAvO1peGOslRurkZowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmZWU2ZDc4LTE3MjgtNDRiZC1iNzk5LWNhOTc1OTI3YzY2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ujANBgkqhkiG9w0BAQsFAAOCAQEALAuDc0ljtsoF7oyMyLpTCUU9GKX1
h6DwACuKBEm7mDh3VxXSDkLqFArdqDJKm6Jz5/2olsG9oR78FPqaivDovUGMcwhS
MxPHXsznPEDI5j6d3SG0gvWTN6weQfKhxj34AJMF9MFQ1Ps/qVsbY5WKE65BwTvh
LSwJCQadalhtAhFS84Q6CsJfRY2TASm84r0iJ3aFHz6KWLB1w7TqCzmVoYkj6x5Q
cbN9wylVfby5t2wfGb8VqduIpaLwsDvbKh7Jnv0YS822su6cFyngIuVzTqqP6+Lj
fEKgsaPLahAVI713CTT3JrsmOgmtKpDCWQrcQkuyTV4WQMcOHhnb13CV0A==
-----END CERTIFICATE-----