Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ce12edc-d9e5-4134-8d2a-6df36d0b2515.roa
File:                     7ce12edc-d9e5-4134-8d2a-6df36d0b2515.roa (raw, json)
Hash identifier:          q5La0cA4D8ZEuoJriK7oU8NRNznXNyv0FCaurHR6WqA=
Subject key identifier:   36:6F:15:D9:F9:3D:41:35:2D:F6:9C:66:31:8E:6F:50:8F:7E:16:48
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       20AEE648F6D8A68F3ECDA1209B9559D45B6B6993
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ce12edc-d9e5-4134-8d2a-6df36d0b2515.roa
Signing time:             Mon 06 Oct 2025 16:12:00 +0000
ROA not before:           Mon 06 Oct 2025 16:12:00 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.215.76.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:ae:e6:48:f6:d8:a6:8f:3e:cd:a1:20:9b:95:59:d4:5b:6b:69:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:12:00 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=4f3bf0f6fb884efe7e804cfc89d89d773f66a5894053d3ccebf915a4b5b3a7ab, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e9:0f:d0:90:67:fa:7b:ed:a2:5e:cb:bb:75:
                    82:cb:d5:90:9b:81:b8:b0:9b:f2:1c:08:9f:29:a0:
                    03:5d:82:ea:23:18:0c:15:77:00:67:89:88:68:9c:
                    75:6a:ef:21:77:4f:3c:de:0a:65:e0:a4:74:9d:2a:
                    5b:04:03:00:16:5e:8e:a6:4e:da:23:2d:95:76:15:
                    91:e3:bc:da:ed:6e:03:cd:b0:3e:e9:8b:c5:76:ed:
                    da:26:a9:37:93:59:b2:11:e4:df:c4:38:7b:05:8f:
                    67:e9:38:76:c9:41:fb:71:0b:3f:76:12:8c:99:d8:
                    82:d2:6b:f5:45:28:04:42:43:f3:da:37:fc:8b:0d:
                    03:dc:32:f0:3d:ed:90:17:b3:15:ce:42:23:93:1b:
                    00:39:cf:ae:c6:6e:d0:42:8c:87:21:0b:d0:f6:e7:
                    d1:ed:67:4b:ee:fa:a0:4c:8a:c9:83:41:94:c5:df:
                    c0:7a:3a:d2:7d:f6:90:f9:88:e1:4e:e4:c4:1d:2a:
                    e9:e8:42:c9:b0:90:c1:f2:f7:f3:12:68:92:07:57:
                    de:2f:11:7f:3f:a8:a9:e5:7d:15:fd:ce:36:ab:24:
                    62:11:21:12:f6:46:79:94:e3:c6:12:bf:3b:11:f1:
                    bd:b3:62:e3:5d:80:16:7d:21:9f:90:85:0e:36:ca:
                    ca:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:6F:15:D9:F9:3D:41:35:2D:F6:9C:66:31:8E:6F:50:8F:7E:16:48
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ce12edc-d9e5-4134-8d2a-6df36d0b2515.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:9a:c1:69:ec:14:14:2f:3c:03:06:b9:22:43:e6:c8:71:9e:
         39:33:70:30:15:25:c0:54:76:20:87:6f:80:8c:1c:40:38:81:
         ee:17:60:09:ae:dc:43:1c:eb:ee:52:46:0b:4a:aa:9e:fb:54:
         25:1a:72:a5:92:98:92:ef:0d:98:f2:c9:ef:f9:7c:81:c5:1c:
         bd:77:34:c3:ed:81:1e:d2:c9:e2:af:28:e1:7d:22:7a:bc:ed:
         72:b5:e0:4e:11:ee:40:08:17:6e:03:dc:26:12:f9:61:4e:cf:
         4f:a8:f6:72:dc:16:7d:7d:af:53:0c:ca:8c:44:1e:57:74:42:
         5d:29:72:18:19:c2:80:d0:f9:d6:c6:0b:59:8e:dd:bc:8e:16:
         59:9c:a4:9b:ab:7a:04:da:4d:9e:08:8c:cf:ef:fa:83:de:9a:
         8b:bc:9c:27:0c:39:b8:ba:13:a6:27:65:ff:f1:ee:25:9a:2f:
         d6:b9:cd:ca:f0:a6:b6:25:f0:a7:3e:d0:00:81:04:f3:4d:3c:
         7b:5c:d8:37:dd:82:8e:67:3c:45:0e:1e:c7:f3:16:22:50:0a:
         47:06:4c:53:99:26:c3:0e:c8:18:0f:63:57:49:ba:9f:db:11:
         80:aa:7b:19:eb:f4:82:59:97:2f:52:98:90:f3:77:85:61:55:
         97:64:60:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIK7mSPbYpo8+zaEgm5VZ1FtraZMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYxMjAwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZjNiZjBmNmZiODg0ZWZlN2U4MDRjZmM4OWQ4OWQ3NzNm
NjZhNTg5NDA1M2QzY2NlYmY5MTVhNGI1YjNhN2FiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo6Q/QkGf6e+2iXsu7dYLL1ZCbgbiwm/IcCJ8poANdguoj
GAwVdwBniYhonHVq7yF3TzzeCmXgpHSdKlsEAwAWXo6mTtojLZV2FZHjvNrtbgPN
sD7pi8V27domqTeTWbIR5N/EOHsFj2fpOHbJQftxCz92EoyZ2ILSa/VFKARCQ/Pa
N/yLDQPcMvA97ZAXsxXOQiOTGwA5z67GbtBCjIchC9D259HtZ0vu+qBMismDQZTF
38B6OtJ99pD5iOFO5MQdKunoQsmwkMHy9/MSaJIHV94vEX8/qKnlfRX9zjarJGIR
IRL2RnmU48YSvzsR8b2zYuNdgBZ9IZ+QhQ42ysr3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNm8V2fk9QTUt9pxmMY5vUI9+FkgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjZTEyZWRjLWQ5ZTUtNDEzNC04ZDJhLTZkZjM2ZDBiMjUxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs10wwDQYJKoZIhvcNAQELBQADggEBALGawWnsFBQvPAMGuSJD5shxnjkz
cDAVJcBUdiCHb4CMHEA4ge4XYAmu3EMc6+5SRgtKqp77VCUacqWSmJLvDZjyye/5
fIHFHL13NMPtgR7SyeKvKOF9Inq87XK14E4R7kAIF24D3CYS+WFOz0+o9nLcFn19
r1MMyoxEHld0Ql0pchgZwoDQ+dbGC1mO3byOFlmcpJuregTaTZ4IjM/v+oPemou8
nCcMObi6E6YnZf/x7iWaL9a5zcrwprYl8Kc+0ACBBPNNPHtc2Dfdgo5nPEUOHsfz
FiJQCkcGTFOZJsMOyBgPY1dJup/bEYCqexnr9IJZly9SmJDzd4VhVZdkYGc=
-----END CERTIFICATE-----