Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e937c6a-8e10-4e53-9373-621e5d8a7276.roa
File:                     7e937c6a-8e10-4e53-9373-621e5d8a7276.roa (raw, json)
Hash identifier:          9D4hMml59ouaqxgb/3s4iDfA46EuSu+7BhPRwta69Jw=
Subject key identifier:   44:D4:D6:DE:03:2F:15:17:2E:DE:D3:DA:7D:4F:25:F8:B7:91:AF:DA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       42D831C420E89BD8AC3036BD88BDB712AA35615C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e937c6a-8e10-4e53-9373-621e5d8a7276.roa
Signing time:             Sun 19 Oct 2025 02:31:59 +0000
ROA not before:           Sun 19 Oct 2025 02:31:59 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.216.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:d8:31:c4:20:e8:9b:d8:ac:30:36:bd:88:bd:b7:12:aa:35:61:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 19 02:31:59 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=a35944121da58ff95b479934a2b150c1afed2a7c858f7e5d8227ebae07549f31, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:3b:ee:7b:6f:e8:7d:58:3c:29:6b:dd:03:df:
                    af:95:65:d3:8e:b1:40:53:aa:ba:43:ed:ed:aa:07:
                    82:bf:83:85:b0:06:3d:c5:ce:04:be:5f:14:a8:94:
                    a4:49:56:10:f1:4a:c0:db:62:23:63:24:40:19:6c:
                    3b:96:7e:40:70:7f:f0:d7:a1:e1:84:ed:c3:f1:5f:
                    db:45:0c:08:b2:93:48:b0:a9:6f:e4:b7:a1:a8:e9:
                    4f:02:b1:57:a3:1a:a5:09:40:e6:91:dc:88:ef:a0:
                    d4:89:e9:39:85:7d:cc:4d:4e:12:a5:27:e8:57:31:
                    4a:18:86:e6:54:19:d4:10:a3:15:fb:2b:97:fe:70:
                    2a:f7:29:97:5c:0d:c2:be:03:e6:4c:93:56:13:73:
                    06:3d:e6:ae:51:fe:e3:9f:1e:97:3f:f9:5a:d2:98:
                    0f:92:93:14:75:43:9d:9a:c0:a6:0b:9b:22:21:71:
                    96:97:fe:1f:99:de:55:60:7b:b4:12:9d:79:5c:e6:
                    6d:e9:82:f6:62:88:fd:99:df:71:be:63:29:89:83:
                    5c:46:1d:42:80:45:a3:e1:b6:5b:6b:a3:84:97:ee:
                    47:55:c6:2d:ca:a6:b3:52:38:9c:73:57:d6:ec:3d:
                    53:7d:29:65:5e:e7:20:53:4f:cb:43:74:7e:5e:f1:
                    f8:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D4:D6:DE:03:2F:15:17:2E:DE:D3:DA:7D:4F:25:F8:B7:91:AF:DA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e937c6a-8e10-4e53-9373-621e5d8a7276.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.216.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:9a:ed:1d:ce:da:87:57:e5:3d:e3:32:e3:d5:cc:8f:13:4a:
         90:39:e5:fe:7c:53:ca:b9:af:e5:bb:6b:0b:e9:29:78:d1:58:
         ca:15:1b:d4:c3:1b:73:68:d9:7e:30:7e:f3:73:e0:a8:dc:2a:
         00:e8:bd:a3:d7:3e:46:71:99:51:99:41:90:f0:cf:fa:26:56:
         fc:22:e7:8b:b0:d1:77:c5:e8:a2:9d:39:35:80:f4:01:0f:27:
         b4:6d:c0:3d:9c:c8:83:66:8a:c8:57:cb:6c:8a:95:4a:3e:a1:
         cf:ef:36:86:c7:d6:bf:6e:e3:72:04:e7:52:67:42:d2:df:f6:
         7d:8a:41:61:a8:60:e4:15:71:17:97:1d:9c:55:0b:27:59:a1:
         2e:4a:a5:b8:12:37:ac:e5:91:ec:8d:fb:16:13:7e:90:5d:7f:
         89:f4:c2:ca:19:a9:15:7b:ac:8e:6e:02:20:76:c8:df:e7:f9:
         04:8e:28:67:93:e3:21:f3:d5:b4:bc:4d:b0:d3:6d:32:82:a2:
         cf:77:b7:ce:77:6a:e5:cd:23:a4:16:00:5a:c6:d5:bc:28:d1:
         e4:0e:bc:b1:8a:40:e4:ed:31:f9:33:a3:28:6a:73:32:17:92:
         cc:76:9c:86:21:ea:ee:4c:91:af:0a:40:ea:9a:63:7a:17:19:
         73:35:fd:d6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQtgxxCDom9isMDa9iL23Eqo1YVwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDIzMTU5WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzU5NDQxMjFkYTU4ZmY5NWI0Nzk5MzRhMmIxNTBjMWFm
ZWQyYTdjODU4ZjdlNWQ4MjI3ZWJhZTA3NTQ5ZjMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsO+57b+h9WDwpa90D36+VZdOOsUBTqrpD7e2qB4K/g4Ww
Bj3FzgS+XxSolKRJVhDxSsDbYiNjJEAZbDuWfkBwf/DXoeGE7cPxX9tFDAiyk0iw
qW/kt6Go6U8CsVejGqUJQOaR3IjvoNSJ6TmFfcxNThKlJ+hXMUoYhuZUGdQQoxX7
K5f+cCr3KZdcDcK+A+ZMk1YTcwY95q5R/uOfHpc/+VrSmA+SkxR1Q52awKYLmyIh
cZaX/h+Z3lVge7QSnXlc5m3pgvZiiP2Z33G+YymJg1xGHUKARaPhtltro4SX7kdV
xi3KprNSOJxzV9bsPVN9KWVe5yBTT8tDdH5e8fgpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURNTW3gMvFRcu3tPafU8l+LeRr9owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlOTM3YzZhLThlMTAtNGU1My05MzczLTYyMWU1ZDhhNzI3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA42DANBgkqhkiG9w0BAQsFAAOCAQEAyZrtHc7ah1flPeMy49XMjxNKkDnl
/nxTyrmv5btrC+kpeNFYyhUb1MMbc2jZfjB+83PgqNwqAOi9o9c+RnGZUZlBkPDP
+iZW/CLni7DRd8Xoop05NYD0AQ8ntG3APZzIg2aKyFfLbIqVSj6hz+82hsfWv27j
cgTnUmdC0t/2fYpBYahg5BVxF5cdnFULJ1mhLkqluBI3rOWR7I37FhN+kF1/ifTC
yhmpFXusjm4CIHbI3+f5BI4oZ5PjIfPVtLxNsNNtMoKiz3e3zndq5c0jpBYAWsbV
vCjR5A68sYpA5O0x+TOjKGpzMheSzHachiHq7kyRrwpA6ppjehcZczX91g==
-----END CERTIFICATE-----