Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5db31593-d4f8-4d80-8920-1f55638e5662.roa
File:                     5db31593-d4f8-4d80-8920-1f55638e5662.roa (raw, json)
Hash identifier:          ZSNumr5FVdwq0ep7cvTwHi2S8R5OOMP5kjIXfLLR71k=
Subject key identifier:   8E:F4:61:28:ED:D8:F8:F3:C9:E6:31:39:80:17:FD:B8:55:A0:4B:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B5C63B8B7746561E8316267D90F5F8FEC806B5C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5db31593-d4f8-4d80-8920-1f55638e5662.roa
Signing time:             Sat 04 Oct 2025 00:37:42 +0000
ROA not before:           Sat 04 Oct 2025 00:37:42 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.186.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:5c:63:b8:b7:74:65:61:e8:31:62:67:d9:0f:5f:8f:ec:80:6b:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:37:42 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=bc62da5fe7591cf3051cedc5a7f088df177dc3bd4a5e8e7ee339749fd7422f83, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b6:f5:c2:3c:94:3d:ca:75:74:91:a2:15:6f:
                    1f:87:49:12:b6:dc:9f:4e:0c:a5:5d:51:55:ef:1d:
                    48:62:fb:e9:18:94:e7:98:57:63:ce:9c:2c:ff:2c:
                    19:5a:2c:70:69:64:32:18:ea:5b:ed:4b:73:d2:73:
                    f5:6f:75:48:f8:82:8b:1e:c1:16:e3:d2:c4:5e:5f:
                    ac:47:a1:dc:23:27:80:f6:a1:73:bc:fd:b4:be:b2:
                    9c:32:3c:f1:f9:76:77:d7:fb:57:9c:d7:5b:16:6a:
                    3f:cc:19:cd:2a:5e:81:e6:10:c5:71:6a:28:c5:08:
                    2e:4d:85:14:ed:5b:d4:56:de:c1:3b:e2:f0:47:c0:
                    6f:e7:32:74:ed:f8:6a:24:0f:58:58:9a:e1:3e:80:
                    39:16:81:08:b2:98:f3:f2:57:0c:33:6b:e8:2f:21:
                    3f:86:fb:18:3f:d9:13:e4:4f:f2:7e:ec:ec:ba:1f:
                    6f:ab:96:df:a0:a0:2f:46:64:0f:91:e2:85:61:85:
                    47:50:ac:e4:1f:89:c7:62:42:d9:ad:3e:5d:92:78:
                    f6:b1:59:c4:a8:08:52:07:42:f2:78:0e:29:10:8c:
                    74:e1:e5:3a:4c:b8:76:fa:32:c7:4a:9f:ed:c3:80:
                    1b:17:6e:92:c5:e9:88:4b:85:51:cd:7f:95:02:2e:
                    2d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:F4:61:28:ED:D8:F8:F3:C9:E6:31:39:80:17:FD:B8:55:A0:4B:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5db31593-d4f8-4d80-8920-1f55638e5662.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         86:f8:be:77:5c:4d:8d:3c:76:35:80:8f:de:4f:ee:51:0d:47:
         35:ec:dc:0f:2b:85:d1:a6:d1:4b:3f:dd:b6:18:01:9b:6c:db:
         65:21:8b:85:5d:3c:04:93:74:35:66:96:e2:65:60:7d:05:0c:
         ee:a7:a2:c3:c6:b9:04:56:a4:f8:33:79:6d:a8:6c:0b:3a:89:
         f8:a2:fa:da:53:ac:55:1a:25:53:36:bd:de:de:ad:3d:1b:ec:
         80:94:b7:02:0d:18:49:cf:8d:d7:34:9e:ff:1a:6b:e1:de:8b:
         07:ba:8d:db:a6:d2:bc:39:52:93:a8:a9:ef:91:81:96:d1:9a:
         3f:4b:bd:8e:1a:89:e8:b5:ca:80:dd:69:27:ed:b4:e4:81:98:
         24:67:47:58:27:63:ff:36:1c:56:35:a0:38:17:1e:ba:8f:bd:
         b5:6d:10:5f:dc:98:29:ff:6a:c4:28:e6:92:af:10:03:62:f0:
         76:2d:46:df:26:99:73:a9:c6:1b:e4:e5:24:19:95:36:86:8a:
         c8:6e:dd:2f:69:90:5f:0e:7e:e9:0f:4b:7f:9f:da:a8:6d:9a:
         a0:a3:92:72:0e:3d:4f:b3:5e:10:ec:ab:fe:e3:22:e0:11:11:
         ee:30:8d:d0:26:f7:a8:34:59:9b:17:ee:f4:5b:c6:06:1f:b3:
         b3:08:d0:50
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC1xjuLd0ZWHoMWJn2Q9fj+yAa1wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDAzNzQyWhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYzYyZGE1ZmU3NTkxY2YzMDUxY2VkYzVhN2YwODhkZjE3
N2RjM2JkNGE1ZThlN2VlMzM5NzQ5ZmQ3NDIyZjgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmtvXCPJQ9ynV0kaIVbx+HSRK23J9ODKVdUVXvHUhi++kY
lOeYV2POnCz/LBlaLHBpZDIY6lvtS3PSc/VvdUj4gosewRbj0sReX6xHodwjJ4D2
oXO8/bS+spwyPPH5dnfX+1ec11sWaj/MGc0qXoHmEMVxaijFCC5NhRTtW9RW3sE7
4vBHwG/nMnTt+GokD1hYmuE+gDkWgQiymPPyVwwza+gvIT+G+xg/2RPkT/J+7Oy6
H2+rlt+goC9GZA+R4oVhhUdQrOQficdiQtmtPl2SePaxWcSoCFIHQvJ4DikQjHTh
5TpMuHb6MsdKn+3DgBsXbpLF6YhLhVHNf5UCLi1HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjvRhKO3Y+PPJ5jE5gBf9uFWgS8UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkYjMxNTkzLWQ0ZjgtNGQ4MC04OTIwLTFmNTU2MzhlNTY2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQujANBgkqhkiG9w0BAQsFAAOCAQEAhvi+d1xNjTx2NYCP3k/uUQ1HNezc
DyuF0abRSz/dthgBm2zbZSGLhV08BJN0NWaW4mVgfQUM7qeiw8a5BFak+DN5bahs
CzqJ+KL62lOsVRolUza93t6tPRvsgJS3Ag0YSc+N1zSe/xpr4d6LB7qN26bSvDlS
k6ip75GBltGaP0u9jhqJ6LXKgN1pJ+205IGYJGdHWCdj/zYcVjWgOBceuo+9tW0Q
X9yYKf9qxCjmkq8QA2Lwdi1G3yaZc6nGG+TlJBmVNoaKyG7dL2mQXw5+6Q9Lf5/a
qG2aoKOScg49T7NeEOyr/uMi4BER7jCN0Cb3qDRZmxfu9FvGBh+zswjQUA==
-----END CERTIFICATE-----