Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a459199-d80a-4790-b99e-d7e340b000a0.roa
File:                     6a459199-d80a-4790-b99e-d7e340b000a0.roa (raw, json)
Hash identifier:          qlcBHDJPevD3Kjd/4iizLh7wME8D9Ij/xm8MqJKr4rg=
Subject key identifier:   84:32:D7:12:F4:33:83:23:BB:D4:A0:AC:60:34:82:79:75:4C:1E:CA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       550043B4258FB7761B423B188F6B41F08CE5D2EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a459199-d80a-4790-b99e-d7e340b000a0.roa
Signing time:             Wed 01 Oct 2025 00:40:29 +0000
ROA not before:           Wed 01 Oct 2025 00:40:29 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.184.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:00:43:b4:25:8f:b7:76:1b:42:3b:18:8f:6b:41:f0:8c:e5:d2:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:40:29 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=38c13dace3ee499a1d9e3cf92e5d566dbca6d950336aee97a0a257582367e99f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:12:1e:53:db:80:57:6c:10:ad:b2:39:23:69:
                    bf:1d:da:32:94:e9:77:00:7e:79:f0:dd:0c:e3:a5:
                    27:86:96:08:83:aa:30:40:60:31:0e:7f:1e:43:27:
                    d7:03:e1:66:21:d7:31:52:f8:1e:a1:a8:58:11:2a:
                    4e:0a:dc:c1:47:99:f6:19:39:bf:b3:58:cd:6f:49:
                    2f:d3:86:6c:72:6e:5a:46:20:fd:20:71:bd:6e:68:
                    f5:ee:27:7a:cf:1b:58:18:98:da:19:0e:df:85:ef:
                    ac:07:82:79:5c:2c:4f:70:c6:bb:1f:89:40:75:56:
                    3c:f9:87:63:38:3d:95:c9:50:17:43:bc:be:ca:84:
                    36:bd:d4:54:57:51:ea:7b:31:84:d0:25:49:bc:64:
                    7d:fc:b1:e6:90:ab:22:89:f6:4a:40:38:29:09:93:
                    9f:08:0b:36:02:c6:6b:11:4c:ae:23:ff:20:0b:12:
                    93:dd:db:59:82:b4:df:1a:f0:81:f1:02:00:dc:6f:
                    ef:1b:44:48:b5:93:9c:45:22:91:8e:b9:5a:f9:68:
                    52:d3:de:0b:db:41:45:b0:53:6e:4a:53:6e:d8:b5:
                    0a:2b:1e:62:36:67:a6:05:74:95:ec:1a:48:c2:17:
                    e7:03:b6:2c:d4:ed:f2:c0:78:c3:41:91:40:57:a1:
                    3c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:32:D7:12:F4:33:83:23:BB:D4:A0:AC:60:34:82:79:75:4C:1E:CA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a459199-d80a-4790-b99e-d7e340b000a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.184.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:95:3d:db:59:bb:57:7f:3a:58:a5:4f:a0:ce:3d:ea:4c:bb:
         75:2f:1c:c3:20:f1:3b:89:fa:36:0f:f0:ef:9b:09:f2:d8:f0:
         3a:5d:2e:42:73:e7:49:fe:88:8f:02:fc:0a:61:38:89:b2:24:
         6e:29:f5:01:7a:9a:d1:24:97:c7:b7:1f:00:06:23:02:32:87:
         29:26:d0:17:76:8f:27:2b:73:c8:b9:60:f9:11:2b:39:02:e1:
         32:0c:c5:b6:7b:03:51:9b:c5:32:a6:5e:0c:94:25:26:4c:9f:
         d6:d6:68:4f:3c:0d:1d:72:62:2d:65:b9:2d:70:87:8e:50:68:
         90:58:ae:21:2d:69:0f:86:c4:a8:15:17:da:f6:1e:b9:0b:1b:
         27:91:e9:ed:13:cb:b1:6f:2a:f8:f1:f9:5c:71:7f:23:12:98:
         42:e5:98:86:fa:df:25:72:fe:c3:fe:fb:68:48:e3:c6:b3:a7:
         65:da:11:71:35:9a:fc:c4:d0:93:8a:6d:65:83:e8:33:00:17:
         aa:e3:98:7e:22:7b:db:72:5f:78:e7:d9:66:61:b2:43:2d:dd:
         6e:9f:6f:73:2b:96:4d:47:c3:dd:e6:fc:f1:b9:36:9a:f1:8c:
         30:78:3e:c3:1e:14:08:14:02:d4:a2:36:cc:13:ac:fe:35:36:
         f1:7a:e9:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVQBDtCWPt3YbQjsYj2tB8Izl0u4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MDI5WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGMxM2RhY2UzZWU0OTlhMWQ5ZTNjZjkyZTVkNTY2ZGJj
YTZkOTUwMzM2YWVlOTdhMGEyNTc1ODIzNjdlOTlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChEh5T24BXbBCtsjkjab8d2jKU6XcAfnnw3QzjpSeGlgiD
qjBAYDEOfx5DJ9cD4WYh1zFS+B6hqFgRKk4K3MFHmfYZOb+zWM1vSS/ThmxyblpG
IP0gcb1uaPXuJ3rPG1gYmNoZDt+F76wHgnlcLE9wxrsfiUB1Vjz5h2M4PZXJUBdD
vL7KhDa91FRXUep7MYTQJUm8ZH38seaQqyKJ9kpAOCkJk58ICzYCxmsRTK4j/yAL
EpPd21mCtN8a8IHxAgDcb+8bREi1k5xFIpGOuVr5aFLT3gvbQUWwU25KU27YtQor
HmI2Z6YFdJXsGkjCF+cDtizU7fLAeMNBkUBXoTwhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhDLXEvQzgyO71KCsYDSCeXVMHsowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhNDU5MTk5LWQ4MGEtNDc5MC1iOTllLWQ3ZTM0MGIwMDBhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4uDANBgkqhkiG9w0BAQsFAAOCAQEACJU921m7V386WKVPoM496ky7dS8c
wyDxO4n6Ng/w75sJ8tjwOl0uQnPnSf6IjwL8CmE4ibIkbin1AXqa0SSXx7cfAAYj
AjKHKSbQF3aPJytzyLlg+RErOQLhMgzFtnsDUZvFMqZeDJQlJkyf1tZoTzwNHXJi
LWW5LXCHjlBokFiuIS1pD4bEqBUX2vYeuQsbJ5Hp7RPLsW8q+PH5XHF/IxKYQuWY
hvrfJXL+w/77aEjjxrOnZdoRcTWa/MTQk4ptZYPoMwAXquOYfiJ723JfeOfZZmGy
Qy3dbp9vcyuWTUfD3eb88bk2mvGMMHg+wx4UCBQC1KI2zBOs/jU28XrpnA==
-----END CERTIFICATE-----