Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/694cc990-6ba0-42d8-90f9-1c5d8b78a034.roa
File:                     694cc990-6ba0-42d8-90f9-1c5d8b78a034.roa (raw, json)
Hash identifier:          KHCei/LG9MjBwGGs+MG2oT8sC22XMg/KQcJdCpUisQA=
Subject key identifier:   96:D4:72:E9:A4:58:B8:4C:E5:CB:62:96:31:1F:56:CE:16:B9:CB:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6E3D7A095B46768B59900BDC902B7E778C8810C1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/694cc990-6ba0-42d8-90f9-1c5d8b78a034.roa
Signing time:             Sat 18 Oct 2025 01:20:58 +0000
ROA not before:           Sat 18 Oct 2025 01:20:58 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.81.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:3d:7a:09:5b:46:76:8b:59:90:0b:dc:90:2b:7e:77:8c:88:10:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 01:20:58 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=a12b3e64bcc69a49dfb5246e7c387b1140250904720cdf5c9f3db754e7e37d08, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4b:5d:25:6a:8c:47:33:f7:c4:7b:56:b1:de:
                    bd:0f:86:17:63:8f:13:20:1b:3e:f8:cb:5a:0e:49:
                    21:40:7c:0b:25:17:3d:7b:55:0a:4f:ec:64:f8:cf:
                    e7:e4:55:39:f3:7f:c6:67:ae:3c:0b:32:ff:63:c7:
                    08:58:0f:ec:34:bc:6e:0a:d5:33:02:ab:f9:71:d5:
                    df:9e:67:92:b3:f8:c9:18:bd:87:75:13:68:20:44:
                    f1:81:09:3e:b2:9b:ec:8f:79:fc:9c:ff:00:9c:aa:
                    51:62:90:fa:dd:d0:b0:d3:4e:c4:8e:17:21:0e:64:
                    b2:48:b2:4e:da:58:59:74:2e:b7:55:0a:dc:ae:cf:
                    cd:89:4d:4f:2c:f5:25:24:86:c5:10:b6:a5:c4:cd:
                    87:ba:8b:b5:7c:39:16:75:e3:f5:4d:a5:16:3b:cd:
                    e5:f7:a6:7a:70:27:fc:cb:3a:2a:7c:85:a2:b7:75:
                    51:f4:b8:ef:8b:c2:a6:7e:88:31:a5:ba:11:61:42:
                    a9:b4:34:66:13:43:32:a4:0d:5e:ec:eb:ba:4d:e9:
                    6a:a2:a9:7f:00:a9:11:50:0e:06:aa:7b:8c:d4:4e:
                    69:25:d8:fe:9b:b2:57:7f:29:02:9d:63:7a:c8:e7:
                    e5:d1:fe:ae:a3:59:8f:77:d3:57:97:f5:82:3f:49:
                    04:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D4:72:E9:A4:58:B8:4C:E5:CB:62:96:31:1F:56:CE:16:B9:CB:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/694cc990-6ba0-42d8-90f9-1c5d8b78a034.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.81.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:f9:2d:1a:c5:11:0d:75:95:af:0c:78:6e:31:41:ec:dc:9c:
         31:9f:29:60:21:cb:ad:05:6d:55:30:a0:6c:6a:9f:64:af:98:
         bf:70:a4:32:39:12:c3:03:51:94:1e:ba:40:33:a7:91:28:74:
         fa:98:15:c1:fa:41:6b:28:bd:4d:9e:04:02:c5:ad:ef:f7:81:
         ae:da:fc:db:a3:85:26:89:8a:1d:78:a6:0d:0e:31:77:cd:fb:
         3d:54:da:88:f4:cc:28:14:29:7f:c8:1a:68:52:2a:ee:93:4a:
         7d:4f:ff:03:a0:3a:c2:03:9b:6c:a9:d4:0d:fa:51:e9:19:03:
         87:45:08:5d:ed:3a:bd:8b:5b:9b:0b:2b:56:02:56:25:c9:91:
         fd:ac:31:00:dc:c1:d2:b5:c5:cf:79:b1:97:68:f3:9e:9f:6c:
         ad:ab:4b:45:39:a5:c8:12:79:d7:f6:d2:62:c0:8b:00:f6:06:
         f4:c9:59:69:59:36:d1:e1:a9:26:c5:23:28:04:14:10:e5:af:
         23:7a:3a:87:51:ba:a8:d7:2f:83:ea:22:79:be:f7:77:14:b6:
         29:3d:cc:93:65:25:fe:45:0a:82:fd:78:0f:0d:86:33:29:e3:
         83:4a:2b:f8:ae:2c:15:4c:da:c2:80:27:c2:09:60:33:88:7a:
         b7:6e:a9:7b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbj16CVtGdotZkAvckCt+d4yIEMEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDEyMDU4WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTJiM2U2NGJjYzY5YTQ5ZGZiNTI0NmU3YzM4N2IxMTQw
MjUwOTA0NzIwY2RmNWM5ZjNkYjc1NGU3ZTM3ZDA4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFS10laoxHM/fEe1ax3r0PhhdjjxMgGz74y1oOSSFAfAsl
Fz17VQpP7GT4z+fkVTnzf8ZnrjwLMv9jxwhYD+w0vG4K1TMCq/lx1d+eZ5Kz+MkY
vYd1E2ggRPGBCT6ym+yPefyc/wCcqlFikPrd0LDTTsSOFyEOZLJIsk7aWFl0LrdV
Ctyuz82JTU8s9SUkhsUQtqXEzYe6i7V8ORZ14/VNpRY7zeX3pnpwJ/zLOip8haK3
dVH0uO+LwqZ+iDGluhFhQqm0NGYTQzKkDV7s67pN6WqiqX8AqRFQDgaqe4zUTmkl
2P6bsld/KQKdY3rI5+XR/q6jWY9301eX9YI/SQT1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUltRy6aRYuEzly2KWMR9Wzha5y3UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5NGNjOTkwLTZiYTAtNDJkOC05MGY5LTFjNWQ4Yjc4YTAzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBFUTANBgkqhkiG9w0BAQsFAAOCAQEAyfktGsURDXWVrwx4bjFB7NycMZ8p
YCHLrQVtVTCgbGqfZK+Yv3CkMjkSwwNRlB66QDOnkSh0+pgVwfpBayi9TZ4EAsWt
7/eBrtr826OFJomKHXimDQ4xd837PVTaiPTMKBQpf8gaaFIq7pNKfU//A6A6wgOb
bKnUDfpR6RkDh0UIXe06vYtbmwsrVgJWJcmR/awxANzB0rXFz3mxl2jznp9sratL
RTmlyBJ51/bSYsCLAPYG9MlZaVk20eGpJsUjKAQUEOWvI3o6h1G6qNcvg+oieb73
dxS2KT3Mk2Ul/kUKgv14Dw2GMynjg0or+K4sFUzawoAnwglgM4h6t26pew==
-----END CERTIFICATE-----