Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659a7dac-a1b2-4360-8ae9-98a0f88aabb9.roa
File:                     659a7dac-a1b2-4360-8ae9-98a0f88aabb9.roa (raw, json)
Hash identifier:          /2JX5qtaZdgK2gi65Yu0yOQZ1J2Yv6fo4vCh3xGo1p0=
Subject key identifier:   EF:0B:C2:79:23:95:6A:0A:CA:56:D1:C9:05:5C:8D:E6:4E:3F:2A:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       529B4C6D7E29040A90FE904A793944226532EDDA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659a7dac-a1b2-4360-8ae9-98a0f88aabb9.roa
Signing time:             Wed 08 Oct 2025 00:12:45 +0000
ROA not before:           Wed 08 Oct 2025 00:12:45 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.11.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:9b:4c:6d:7e:29:04:0a:90:fe:90:4a:79:39:44:22:65:32:ed:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:12:45 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=b4f4a932ef6d63becb9ff9b7ac41a8a144c07c9bfa1b0f3812ec82656cce127c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5a:b9:52:81:87:98:6e:55:fe:1c:a9:46:52:
                    30:64:d4:56:a7:9a:7f:19:e7:c8:f4:3a:f2:5b:57:
                    2b:11:68:07:12:8d:f5:7f:0a:01:72:d3:08:23:93:
                    7f:ec:27:de:c6:d7:75:21:98:d1:53:d1:62:ba:01:
                    f6:27:73:c4:5b:bb:2c:ac:7f:91:cb:8a:e5:4b:08:
                    90:da:ef:c2:01:6c:87:a1:48:78:26:a7:e6:5e:0d:
                    02:50:9a:e0:9e:eb:f6:01:1b:5c:54:f1:c8:cf:80:
                    57:54:e1:f4:95:fc:52:c2:85:5a:f2:59:c1:9e:38:
                    46:39:a2:78:ba:f8:f4:61:e2:08:46:c0:74:0f:22:
                    ac:27:9c:ff:df:3e:8a:46:11:2d:f1:7f:22:9c:2a:
                    8b:0e:8d:30:c7:06:11:ed:14:f5:64:bc:a4:e7:e5:
                    89:3e:ce:8e:28:c6:ba:8b:18:02:da:c1:86:0a:4f:
                    bc:b1:f9:fc:fb:92:ad:c6:cd:4b:44:d3:c1:03:e0:
                    45:53:33:54:ec:21:f1:ba:82:ec:74:a6:ad:d8:9e:
                    13:4b:79:89:d4:8f:51:32:11:dd:32:45:6e:ea:31:
                    d4:6c:42:ce:d4:48:6b:2b:a4:5a:1f:4a:3c:a0:73:
                    75:d1:90:58:7f:a4:36:18:a4:7b:e9:4e:1c:f5:60:
                    98:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:0B:C2:79:23:95:6A:0A:CA:56:D1:C9:05:5C:8D:E6:4E:3F:2A:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/659a7dac-a1b2-4360-8ae9-98a0f88aabb9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.11.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9c:ce:aa:62:e8:c8:db:2a:ed:aa:ef:bb:88:69:99:45:c0:8a:
         04:12:b9:08:f7:83:bd:f7:a8:17:cf:58:2b:ca:37:f8:0d:73:
         1e:62:54:97:2e:94:d5:22:6f:25:19:4a:dc:1a:0b:7a:ef:40:
         65:8a:e1:82:2d:e0:0f:24:75:cf:cc:84:5d:ea:f7:9c:ca:43:
         2e:c0:f6:ef:75:64:92:8d:18:27:97:b2:a5:7c:fa:78:a2:9e:
         3f:4a:bd:55:cb:69:e9:3f:ac:b1:73:b4:54:4c:ff:da:81:76:
         88:f7:03:d2:82:9c:99:88:f3:c6:08:7a:29:ab:f4:6e:03:e8:
         77:44:df:74:b8:36:3b:69:60:39:30:d2:61:a6:3d:7b:7d:bc:
         31:6a:6a:35:60:f7:92:38:ca:3e:3b:38:d1:44:9a:9c:3f:78:
         3d:31:1b:49:bd:bd:b9:cb:6c:02:e6:29:7d:81:c3:d7:0b:5c:
         7c:5b:f3:a7:be:d6:f0:82:4a:c3:03:fd:c7:12:e8:4c:5e:55:
         bc:40:55:a1:48:3d:1d:c8:15:99:59:f4:20:ed:e0:cb:5c:ea:
         b3:a5:8d:d6:c3:fd:7a:66:30:eb:5d:34:c4:95:f9:fc:d3:63:
         05:f2:38:b9:ce:f2:62:13:b0:a8:47:cd:1e:9b:34:91:46:f0:
         ed:24:01:60
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUptMbX4pBAqQ/pBKeTlEImUy7dowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAxMjQ1WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGY0YTkzMmVmNmQ2M2JlY2I5ZmY5YjdhYzQxYThhMTQ0
YzA3YzliZmExYjBmMzgxMmVjODI2NTZjY2UxMjdjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgWrlSgYeYblX+HKlGUjBk1Fanmn8Z58j0OvJbVysRaAcS
jfV/CgFy0wgjk3/sJ97G13UhmNFT0WK6AfYnc8Rbuyysf5HLiuVLCJDa78IBbIeh
SHgmp+ZeDQJQmuCe6/YBG1xU8cjPgFdU4fSV/FLChVryWcGeOEY5oni6+PRh4ghG
wHQPIqwnnP/fPopGES3xfyKcKosOjTDHBhHtFPVkvKTn5Yk+zo4oxrqLGALawYYK
T7yx+fz7kq3GzUtE08ED4EVTM1TsIfG6gux0pq3YnhNLeYnUj1EyEd0yRW7qMdRs
Qs7USGsrpFofSjygc3XRkFh/pDYYpHvpThz1YJh5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7wvCeSOVagrKVtHJBVyN5k4/KiQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1OWE3ZGFjLWExYjItNDM2MC04YWU5LTk4YTBmODhhYWJiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4CzANBgkqhkiG9w0BAQsFAAOCAQEAnM6qYujI2yrtqu+7iGmZRcCKBBK5
CPeDvfeoF89YK8o3+A1zHmJUly6U1SJvJRlK3BoLeu9AZYrhgi3gDyR1z8yEXer3
nMpDLsD273Vkko0YJ5eypXz6eKKeP0q9Vctp6T+ssXO0VEz/2oF2iPcD0oKcmYjz
xgh6Kav0bgPod0TfdLg2O2lgOTDSYaY9e328MWpqNWD3kjjKPjs40USanD94PTEb
Sb29uctsAuYpfYHD1wtcfFvzp77W8IJKwwP9xxLoTF5VvEBVoUg9HcgVmVn0IO3g
y1zqs6WN1sP9emYw6100xJX5/NNjBfI4uc7yYhOwqEfNHps0kUbw7SQBYA==
-----END CERTIFICATE-----