Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52057d71-5d70-4bf9-9f91-73b8bd0a4176.roa
File:                     52057d71-5d70-4bf9-9f91-73b8bd0a4176.roa (raw, json)
Hash identifier:          64VTOEjl8PM0PxH3MUj31W0PXArH+AopqQB/vmW6AX4=
Subject key identifier:   2F:6D:7E:44:98:FC:B4:09:EF:0D:E3:3E:B6:39:51:DB:9E:91:02:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E970CD1B7988B5FE5097AB7C77B0303413FEF8D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52057d71-5d70-4bf9-9f91-73b8bd0a4176.roa
Signing time:             Tue 14 Oct 2025 15:23:12 +0000
ROA not before:           Tue 14 Oct 2025 15:23:12 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.176.55.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:97:0c:d1:b7:98:8b:5f:e5:09:7a:b7:c7:7b:03:03:41:3f:ef:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 15:23:12 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=34f66d9e236d5d0bafbe46d6d498bc1d4a5b3a38e8928e04f85d4afd65209a0a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c1:9e:08:28:a4:14:03:5f:d4:73:58:06:2a:
                    71:0f:1a:86:5a:50:fe:50:7a:c0:a0:98:56:81:1c:
                    3e:a9:6e:82:8f:cd:5e:c9:6c:fb:86:a9:af:a9:a4:
                    74:78:e8:78:fb:30:55:6e:83:29:22:52:d9:d4:1a:
                    8f:e4:22:38:97:20:da:1b:75:19:14:e2:b9:4c:fc:
                    ce:81:8b:95:6d:93:34:a3:fb:48:42:3f:5e:9d:b0:
                    2c:6d:dc:c7:1c:6d:15:12:1f:44:0a:18:56:4b:b5:
                    7e:d6:95:8c:7a:c5:80:4d:46:39:15:30:f1:26:f9:
                    92:af:fa:c4:10:c1:e8:15:84:4f:e7:c1:6b:63:95:
                    10:e7:de:8d:ab:fd:3e:bf:04:4d:ef:66:d8:78:23:
                    e8:f3:64:f7:32:f7:a1:37:f8:ac:e5:8b:a5:e4:37:
                    8f:fd:2d:dd:ab:4e:af:c1:1a:35:a8:6b:ef:28:70:
                    e6:11:22:4a:bb:6d:83:d1:09:10:30:91:21:74:e1:
                    9a:ac:cb:4a:0a:83:31:6e:6e:00:df:be:aa:3f:e4:
                    d9:6c:33:37:f3:c2:f2:f9:7b:e0:1a:06:ad:8c:a3:
                    c9:f4:39:6c:8e:6e:48:47:21:51:b1:0e:6e:82:69:
                    b6:55:e7:5b:46:b9:a4:5e:3f:04:6e:fc:c4:d7:6b:
                    f9:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:6D:7E:44:98:FC:B4:09:EF:0D:E3:3E:B6:39:51:DB:9E:91:02:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52057d71-5d70-4bf9-9f91-73b8bd0a4176.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.176.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:22:0e:92:d7:47:a1:a9:ea:28:28:fd:24:21:6a:0f:da:88:
         fe:5d:f0:20:48:b9:39:86:17:ed:f1:43:16:8b:7a:d3:23:7e:
         26:16:3f:10:76:28:73:c2:de:37:da:a0:8f:b7:7f:5f:c2:e5:
         09:e9:03:33:87:a8:af:3c:bb:d0:6d:a0:f6:95:c2:d1:f0:cb:
         64:04:04:e5:5d:31:9a:f4:9d:5b:13:2d:d6:fc:d9:a0:1e:6d:
         b9:24:d2:30:b9:c1:a5:21:76:f5:45:73:3d:95:08:42:27:2b:
         5d:61:31:7a:14:a7:23:05:91:a0:84:a3:41:93:af:a9:a8:cd:
         f8:68:4b:61:8a:56:37:40:6b:16:c3:8c:15:82:74:40:c5:2b:
         06:9f:f7:f6:0b:6f:98:b5:91:e9:cd:32:3a:42:ab:98:f3:fc:
         46:31:57:39:45:b2:42:d1:6b:de:d3:01:7a:e8:bd:02:55:c9:
         3c:9b:9e:5e:df:e7:5f:36:57:11:78:d1:21:7b:5f:72:88:bd:
         54:69:8d:dc:ad:64:d4:3e:9f:01:1f:1c:35:0a:ec:57:0f:a6:
         d9:69:b4:a6:4c:ca:a9:96:70:05:bd:dc:97:c0:6e:66:5d:87:
         27:29:b1:02:6a:9e:28:12:a6:55:e2:e9:22:a0:da:4b:a9:70:
         41:d3:aa:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULpcM0beYi1/lCXq3x3sDA0E/740wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTUyMzEyWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGY2NmQ5ZTIzNmQ1ZDBiYWZiZTQ2ZDZkNDk4YmMxZDRh
NWIzYTM4ZTg5MjhlMDRmODVkNGFmZDY1MjA5YTBhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWwZ4IKKQUA1/Uc1gGKnEPGoZaUP5QesCgmFaBHD6pboKP
zV7JbPuGqa+ppHR46Hj7MFVugykiUtnUGo/kIjiXINobdRkU4rlM/M6Bi5VtkzSj
+0hCP16dsCxt3MccbRUSH0QKGFZLtX7WlYx6xYBNRjkVMPEm+ZKv+sQQwegVhE/n
wWtjlRDn3o2r/T6/BE3vZth4I+jzZPcy96E3+Kzli6XkN4/9Ld2rTq/BGjWoa+8o
cOYRIkq7bYPRCRAwkSF04Zqsy0oKgzFubgDfvqo/5NlsMzfzwvL5e+AaBq2Mo8n0
OWyObkhHIVGxDm6CabZV51tGuaRePwRu/MTXa/n5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUL21+RJj8tAnvDeM+tjlR256RApowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUyMDU3ZDcxLTVkNzAtNGJmOS05ZjkxLTczYjhiZDBhNDE3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACCsDcwDQYJKoZIhvcNAQELBQADggEBACciDpLXR6Gp6igo/SQhag/aiP5d
8CBIuTmGF+3xQxaLetMjfiYWPxB2KHPC3jfaoI+3f1/C5QnpAzOHqK88u9BtoPaV
wtHwy2QEBOVdMZr0nVsTLdb82aAebbkk0jC5waUhdvVFcz2VCEInK11hMXoUpyMF
kaCEo0GTr6mozfhoS2GKVjdAaxbDjBWCdEDFKwaf9/YLb5i1kenNMjpCq5jz/EYx
VzlFskLRa97TAXrovQJVyTybnl7f5182VxF40SF7X3KIvVRpjdytZNQ+nwEfHDUK
7FcPptlptKZMyqmWcAW93JfAbmZdhycpsQJqnigSplXi6SKg2kupcEHTqgg=
-----END CERTIFICATE-----