Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74262974-ff83-4dd1-b926-8b9b458163a4.roa
File:                     74262974-ff83-4dd1-b926-8b9b458163a4.roa (raw, json)
Hash identifier:          mVoqOdsuWEeu92IFyL+ExpO8SuuH9qa4oQkkbIl2mfU=
Subject key identifier:   1B:14:35:B5:C2:86:FA:64:6C:91:38:5B:B4:8F:16:A0:2D:61:B7:03
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6AB36189C9805A0FD4DE1C3051862DB5F1F2A6AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74262974-ff83-4dd1-b926-8b9b458163a4.roa
Signing time:             Tue 07 Oct 2025 15:01:14 +0000
ROA not before:           Tue 07 Oct 2025 15:01:14 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.32.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:b3:61:89:c9:80:5a:0f:d4:de:1c:30:51:86:2d:b5:f1:f2:a6:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 15:01:14 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=e36d1e3410d06c4d452613f29e05bcedb065b0fc09d2fb78342860d8a6f090d6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0c:cf:71:6f:8f:c4:73:2b:75:4a:50:ca:13:
                    ae:40:96:e3:ce:6c:97:c8:ff:1d:dd:d1:e9:07:e9:
                    df:49:9e:8c:ab:5e:30:56:69:ab:cb:da:2e:a4:59:
                    66:50:b1:4c:af:7d:2d:d5:45:6e:b8:40:35:ba:36:
                    f6:5b:6f:4a:f6:06:19:67:93:b0:fa:b4:a9:45:a2:
                    f3:7a:b9:88:69:e8:42:8d:4f:2c:e7:76:e7:ab:c5:
                    29:ce:04:f0:46:ca:c0:c2:47:34:ac:b9:a6:a6:85:
                    67:91:fb:78:45:31:29:e9:84:73:4a:22:af:2f:1a:
                    42:b3:d8:84:10:d7:3f:52:79:2f:22:d7:5d:85:d1:
                    ca:c9:bd:db:f2:f0:c4:9e:14:b3:e2:1b:2a:21:37:
                    87:7c:0b:f6:63:5d:59:33:fd:f9:8a:64:c3:ae:1d:
                    54:b1:59:ff:ce:57:f5:c7:dc:8a:e0:25:89:fa:a9:
                    36:90:28:98:a3:af:9c:44:15:93:f5:a8:38:f9:6e:
                    83:d6:69:07:c1:08:b0:25:5e:04:ef:43:00:23:b7:
                    2c:c8:c6:4b:6e:36:c6:7a:94:77:82:51:ec:5a:bf:
                    18:59:d9:2f:2b:1c:05:5e:ee:a7:21:52:52:b3:e0:
                    9f:2c:88:bd:23:55:05:8c:52:e0:6f:e5:0e:47:b3:
                    42:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:14:35:B5:C2:86:FA:64:6C:91:38:5B:B4:8F:16:A0:2D:61:B7:03
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/74262974-ff83-4dd1-b926-8b9b458163a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.32.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1d:53:c3:46:d0:28:b0:f1:64:04:b8:7b:50:43:4e:75:69:b5:
         81:c4:b2:20:91:03:97:8d:8c:8c:25:87:a5:43:06:6f:8e:0a:
         32:c3:c5:b8:d5:92:96:e6:44:dd:5d:ed:63:5b:a4:52:76:49:
         bb:6a:c8:6c:04:35:b6:66:f3:06:f6:0d:b7:1d:00:99:1c:ea:
         f0:0f:cb:81:ba:65:2f:68:a4:cb:13:a3:8e:eb:a3:64:c6:24:
         73:2a:1c:e8:87:39:23:18:9c:29:36:e3:15:8e:ed:31:15:5b:
         b7:9e:8a:62:12:10:31:12:7f:b8:61:69:02:cc:aa:2f:ec:d5:
         02:b5:90:3a:aa:ff:22:f6:24:d1:3f:84:ac:68:99:f6:8b:48:
         78:65:83:f0:88:ef:f4:33:46:4b:e4:89:87:40:b6:db:0a:08:
         0c:45:c8:fa:d1:1f:ea:d3:96:d9:8f:38:00:0a:f8:23:0a:51:
         a8:8f:2a:09:3a:68:c3:d7:97:67:23:48:c6:42:f8:a5:72:28:
         02:4b:5e:04:1f:2c:69:b6:96:a6:97:30:19:92:dd:70:19:bb:
         fc:cd:14:a4:4d:71:b2:6d:8d:03:d6:12:a3:fa:38:79:da:f5:
         b3:27:a4:41:0f:74:53:e4:08:e9:07:1a:e4:c0:ae:8a:a4:fb:
         6a:41:1e:30
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUarNhicmAWg/U3hwwUYYttfHypqswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MTUwMTE0WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzZkMWUzNDEwZDA2YzRkNDUyNjEzZjI5ZTA1YmNlZGIw
NjViMGZjMDlkMmZiNzgzNDI4NjBkOGE2ZjA5MGQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVDM9xb4/Ecyt1SlDKE65AluPObJfI/x3d0ekH6d9Jnoyr
XjBWaavL2i6kWWZQsUyvfS3VRW64QDW6NvZbb0r2Bhlnk7D6tKlFovN6uYhp6EKN
TyznduerxSnOBPBGysDCRzSsuaamhWeR+3hFMSnphHNKIq8vGkKz2IQQ1z9SeS8i
112F0crJvdvy8MSeFLPiGyohN4d8C/ZjXVkz/fmKZMOuHVSxWf/OV/XH3IrgJYn6
qTaQKJijr5xEFZP1qDj5boPWaQfBCLAlXgTvQwAjtyzIxktuNsZ6lHeCUexavxhZ
2S8rHAVe7qchUlKz4J8siL0jVQWMUuBv5Q5Hs0IxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGxQ1tcKG+mRskThbtI8WoC1htwMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc0MjYyOTc0LWZmODMtNGRkMS1iOTI2LThiOWI0NTgxNjNhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4IDANBgkqhkiG9w0BAQsFAAOCAQEAHVPDRtAosPFkBLh7UENOdWm1gcSy
IJEDl42MjCWHpUMGb44KMsPFuNWSluZE3V3tY1ukUnZJu2rIbAQ1tmbzBvYNtx0A
mRzq8A/LgbplL2ikyxOjjuujZMYkcyoc6Ic5IxicKTbjFY7tMRVbt56KYhIQMRJ/
uGFpAsyqL+zVArWQOqr/IvYk0T+ErGiZ9otIeGWD8Ijv9DNGS+SJh0C22woIDEXI
+tEf6tOW2Y84AAr4IwpRqI8qCTpow9eXZyNIxkL4pXIoAkteBB8sabaWppcwGZLd
cBm7/M0UpE1xsm2NA9YSo/o4edr1syekQQ90U+QI6Qca5MCuiqT7akEeMA==
-----END CERTIFICATE-----