Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75dc0196-dbba-412b-92e6-c3cb6a606623.roa
File:                     75dc0196-dbba-412b-92e6-c3cb6a606623.roa (raw, json)
Hash identifier:          qC4aE3cOWWE8IHVnE2wgoewJzPMNVHLVBE8Wc9Q2Uy8=
Subject key identifier:   72:59:85:35:23:6C:6D:A0:38:C3:12:59:A2:F9:63:92:A3:CB:4B:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5AC6F0C89FB86B4BCF9C7EE7CB631B019917078D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75dc0196-dbba-412b-92e6-c3cb6a606623.roa
Signing time:             Tue 07 Oct 2025 00:51:52 +0000
ROA not before:           Tue 07 Oct 2025 00:51:52 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.145.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:c6:f0:c8:9f:b8:6b:4b:cf:9c:7e:e7:cb:63:1b:01:99:17:07:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:51:52 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=9d985dffd8544ab8c06923d7ac164a4982f0ee0f65d3b0edd1983ff4bcfd1430, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:18:b7:07:47:fb:e4:2b:8e:db:7d:e1:3a:eb:
                    dd:38:26:fa:51:66:1c:66:ed:72:bb:3d:3d:a4:b0:
                    e8:f5:b5:3c:ac:3b:f8:e0:de:63:a2:cd:14:5b:dc:
                    9c:3c:37:49:8e:c4:66:fe:d4:9b:e6:b7:a7:c8:e1:
                    45:61:c4:af:23:7c:88:3b:b9:95:41:2a:25:b5:b8:
                    a2:e0:7e:da:e4:13:89:d9:03:96:ef:4d:66:0c:44:
                    28:dd:0a:f2:6b:d6:d7:6a:31:16:b2:be:ea:f8:3d:
                    15:d4:f1:d7:47:40:dd:67:86:c7:d3:80:12:35:57:
                    e1:c9:16:be:fc:af:88:78:34:9e:e5:bd:e4:20:9c:
                    c2:fc:b2:f1:9c:e1:3e:1c:fe:c6:cb:3f:48:0d:dc:
                    ee:de:66:65:c9:92:b1:39:ef:29:57:46:12:67:63:
                    d8:82:74:a5:42:d5:37:59:88:10:a9:b0:63:8c:cd:
                    26:ca:3c:69:f7:07:e0:27:8b:89:d1:bd:43:be:49:
                    a5:15:fa:08:b2:04:3e:c8:e3:cf:ca:e7:92:4f:1f:
                    f7:f3:e4:8e:73:dc:f5:30:0f:76:36:a5:35:7a:2d:
                    9f:94:38:5a:80:89:3a:b8:4e:b2:c8:31:f0:2a:94:
                    9b:78:8e:a0:c1:24:df:b2:1f:62:df:10:48:f3:f4:
                    bf:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:59:85:35:23:6C:6D:A0:38:C3:12:59:A2:F9:63:92:A3:CB:4B:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75dc0196-dbba-412b-92e6-c3cb6a606623.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.145.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:88:62:e4:e7:22:66:ce:7a:7c:18:fa:74:99:05:f0:3d:89:
         0f:7f:53:06:92:35:56:69:2f:de:d4:0f:8d:0e:bf:a1:c2:7b:
         b4:8a:07:a2:ca:9a:db:87:28:22:96:f0:60:ad:19:c1:03:c7:
         a6:94:56:68:7a:00:39:70:79:ec:be:f9:60:b1:23:06:4c:1f:
         a4:fd:c0:58:e6:e9:d9:ca:93:e2:4c:b2:fc:80:a5:f1:86:91:
         66:cb:30:7c:d0:fc:2a:e7:2f:07:8d:37:0c:3e:4a:06:c2:ed:
         cd:2c:1f:18:a8:51:a2:68:14:b1:97:60:5c:47:75:37:66:c7:
         51:79:44:be:ef:d4:92:21:98:5c:bc:a3:19:c7:1c:d5:91:85:
         7f:29:23:cc:ff:ca:cf:25:25:25:7d:90:aa:01:d3:de:e4:a2:
         ab:da:c5:4a:e5:61:94:b8:3e:b3:ee:20:65:42:7d:79:f5:fc:
         8c:75:92:bb:f9:cc:0d:9f:69:db:af:0d:9d:19:a3:3c:52:60:
         9e:a3:bf:d7:9f:fb:b7:e8:96:5e:7a:ae:ff:5e:76:8a:ec:9a:
         06:53:d7:bd:30:2f:6a:fe:e9:49:c6:a4:1b:12:eb:60:46:59:
         26:15:70:4b:95:7c:e9:c9:fe:98:b1:39:23:1e:5e:c7:24:48:
         0f:53:b7:69
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWsbwyJ+4a0vPnH7ny2MbAZkXB40wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA1MTUyWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDk4NWRmZmQ4NTQ0YWI4YzA2OTIzZDdhYzE2NGE0OTgy
ZjBlZTBmNjVkM2IwZWRkMTk4M2ZmNGJjZmQxNDMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkGLcHR/vkK47bfeE66904JvpRZhxm7XK7PT2ksOj1tTys
O/jg3mOizRRb3Jw8N0mOxGb+1Jvmt6fI4UVhxK8jfIg7uZVBKiW1uKLgftrkE4nZ
A5bvTWYMRCjdCvJr1tdqMRayvur4PRXU8ddHQN1nhsfTgBI1V+HJFr78r4h4NJ7l
veQgnML8svGc4T4c/sbLP0gN3O7eZmXJkrE57ylXRhJnY9iCdKVC1TdZiBCpsGOM
zSbKPGn3B+Ani4nRvUO+SaUV+giyBD7I48/K55JPH/fz5I5z3PUwD3Y2pTV6LZ+U
OFqAiTq4TrLIMfAqlJt4jqDBJN+yH2LfEEjz9L/lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUclmFNSNsbaA4wxJZovljkqPLS2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1ZGMwMTk2LWRiYmEtNDEyYi05MmU2LWMzY2I2YTYwNjYyMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4kTANBgkqhkiG9w0BAQsFAAOCAQEAyYhi5OciZs56fBj6dJkF8D2JD39T
BpI1Vmkv3tQPjQ6/ocJ7tIoHosqa24coIpbwYK0ZwQPHppRWaHoAOXB57L75YLEj
BkwfpP3AWObp2cqT4kyy/ICl8YaRZsswfND8KucvB403DD5KBsLtzSwfGKhRomgU
sZdgXEd1N2bHUXlEvu/UkiGYXLyjGccc1ZGFfykjzP/KzyUlJX2QqgHT3uSiq9rF
SuVhlLg+s+4gZUJ9efX8jHWSu/nMDZ9p268NnRmjPFJgnqO/15/7t+iWXnqu/152
iuyaBlPXvTAvav7pScakGxLrYEZZJhVwS5V86cn+mLE5Ix5exyRID1O3aQ==
-----END CERTIFICATE-----