Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa
File:                     6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa (raw, json)
Hash identifier:          44lLukv1ukmXIqBh3yDo1Md4viyPRrSKYLPiEWKsSUs=
Subject key identifier:   35:C0:7F:61:57:5C:95:60:0F:E8:60:E6:18:99:60:A6:26:5B:49:AF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       714AAE6FB6C32D3FB8C42A191F5729DD7BBFFDA6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa
Signing time:             Tue 30 Sep 2025 00:02:07 +0000
ROA not before:           Tue 30 Sep 2025 00:02:07 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.166.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:4a:ae:6f:b6:c3:2d:3f:b8:c4:2a:19:1f:57:29:dd:7b:bf:fd:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:02:07 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=9db781ee53803063167ac87cbc7d0189341b7a5bfde0d6d7f5ba65f260a35c03, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a3:d0:ea:71:f4:37:66:76:1a:11:90:cd:90:
                    6c:49:61:54:1b:6b:a8:bc:98:3b:55:cb:5b:5c:ac:
                    9e:da:5c:48:66:37:d3:e9:73:ed:8d:c7:7f:90:86:
                    fb:d0:6f:be:ec:6e:43:8e:2f:3b:48:b0:a0:79:8a:
                    89:fa:b3:e6:42:9b:22:15:db:97:b5:50:f7:10:98:
                    ae:03:18:4a:8f:01:01:76:5b:1b:9d:a5:1a:86:11:
                    fa:64:97:a5:61:8c:74:a5:22:2d:0d:c4:9e:9f:73:
                    a2:9a:21:f0:f0:d6:12:a7:c8:91:0a:04:c0:3d:62:
                    a5:79:b5:54:a9:3f:65:98:00:51:be:01:ef:1e:f4:
                    02:33:95:5e:81:b1:44:4e:7b:03:f1:94:a1:ea:e7:
                    66:a6:1b:2c:53:a0:67:78:1a:e5:c6:b8:20:66:69:
                    c8:35:8f:bd:8d:69:a1:f1:77:72:db:55:49:db:65:
                    03:e5:ed:a6:8d:9b:2f:8d:4b:b2:fa:9e:64:d3:ef:
                    24:cc:4e:4a:d7:3b:59:9b:b8:31:4a:c6:76:dc:7e:
                    63:27:6e:a7:35:85:53:ba:4c:45:93:5e:87:53:a9:
                    c7:80:e4:28:ec:9b:6e:3f:6c:a3:0b:10:c0:fe:99:
                    98:73:eb:3b:2e:7d:bc:84:33:20:b6:fc:c0:0f:ed:
                    22:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C0:7F:61:57:5C:95:60:0F:E8:60:E6:18:99:60:A6:26:5B:49:AF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.166.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         7d:91:0e:bf:49:e6:95:de:20:43:91:0e:5b:64:79:8d:98:10:
         dd:e3:83:aa:29:4f:7b:b8:cd:39:54:c0:2f:b7:d7:e4:11:d6:
         44:cd:fb:77:28:f0:31:b4:17:fd:67:10:7e:34:58:8b:29:b7:
         ba:7e:d5:be:2b:71:93:2b:64:74:41:a3:21:71:cc:f5:81:12:
         a2:51:36:05:9f:5a:40:e5:b1:1e:60:37:0d:9f:37:10:cd:ea:
         8e:5b:06:3f:4a:da:14:c7:70:e6:dd:b1:36:cc:fe:a1:ca:a9:
         8d:25:ba:4c:ee:65:b7:cd:75:63:cb:c5:22:f1:34:9c:1c:14:
         c9:7c:69:73:d0:cb:d4:4a:cc:93:7b:ef:90:c8:94:3f:21:ba:
         5f:40:d1:72:fe:e7:34:6d:01:89:6b:59:b1:cc:ac:00:f1:51:
         1e:c9:a8:87:8b:1b:82:1f:de:18:30:82:60:cb:73:cd:c4:a8:
         3c:99:64:46:f4:ab:b7:47:f0:ea:86:be:02:54:df:05:b7:0a:
         f8:7f:c4:46:66:4a:67:38:4e:64:48:94:10:75:43:b2:53:8e:
         26:53:d8:75:0e:98:ac:92:65:24:e7:10:a8:ba:c8:26:ea:d3:
         02:51:0f:82:b3:f5:89:0a:52:79:a7:7a:bb:fe:17:1e:7f:0d:
         ff:1d:e0:18
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcUqub7bDLT+4xCoZH1cp3Xu//aYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjA3WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGI3ODFlZTUzODAzMDYzMTY3YWM4N2NiYzdkMDE4OTM0
MWI3YTViZmRlMGQ2ZDdmNWJhNjVmMjYwYTM1YzAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCio9DqcfQ3ZnYaEZDNkGxJYVQba6i8mDtVy1tcrJ7aXEhm
N9Ppc+2Nx3+QhvvQb77sbkOOLztIsKB5ion6s+ZCmyIV25e1UPcQmK4DGEqPAQF2
WxudpRqGEfpkl6VhjHSlIi0NxJ6fc6KaIfDw1hKnyJEKBMA9YqV5tVSpP2WYAFG+
Ae8e9AIzlV6BsUROewPxlKHq52amGyxToGd4GuXGuCBmacg1j72NaaHxd3LbVUnb
ZQPl7aaNmy+NS7L6nmTT7yTMTkrXO1mbuDFKxnbcfmMnbqc1hVO6TEWTXodTqceA
5Cjsm24/bKMLEMD+mZhz6zsufbyEMyC2/MAP7SIVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNcB/YVdclWAP6GDmGJlgpiZbSa8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiMmJhNDRlLWZkODEtNDJmYi04NWNlLTBlOGEwYzhkNWMzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENpjANBgkqhkiG9w0BAQsFAAOCAQEAfZEOv0nmld4gQ5EOW2R5jZgQ3eOD
qilPe7jNOVTAL7fX5BHWRM37dyjwMbQX/WcQfjRYiym3un7VvitxkytkdEGjIXHM
9YESolE2BZ9aQOWxHmA3DZ83EM3qjlsGP0raFMdw5t2xNsz+ocqpjSW6TO5lt811
Y8vFIvE0nBwUyXxpc9DL1ErMk3vvkMiUPyG6X0DRcv7nNG0BiWtZscysAPFRHsmo
h4sbgh/eGDCCYMtzzcSoPJlkRvSrt0fw6oa+AlTfBbcK+H/ERmZKZzhOZEiUEHVD
slOOJlPYdQ6YrJJlJOcQqLrIJurTAlEPgrP1iQpSead6u/4XHn8N/x3gGA==
-----END CERTIFICATE-----