Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8380d874-2759-4ba1-806c-9326aa7dfe55.roa
File:                     8380d874-2759-4ba1-806c-9326aa7dfe55.roa (raw, json)
Hash identifier:          o+Opg0lNwMC4yX989hTdMnCtEuINkn34NFLhn3+uUXY=
Subject key identifier:   54:64:99:EF:C4:2E:84:83:53:68:36:33:02:89:AA:C5:CF:DE:7F:3A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4FBA4DC91C0D0B28452C3AAC70E1AA2EBD8CFA97
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8380d874-2759-4ba1-806c-9326aa7dfe55.roa
Signing time:             Tue 07 Oct 2025 00:52:37 +0000
ROA not before:           Tue 07 Oct 2025 00:52:37 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.17.192.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:ba:4d:c9:1c:0d:0b:28:45:2c:3a:ac:70:e1:aa:2e:bd:8c:fa:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:52:37 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=18b0309b976471447a77eec5ab4e4966f9748980758aabc94cb19568bb10f73c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ab:45:45:24:03:69:7c:b7:8e:08:16:a6:49:
                    33:b1:e1:59:be:5f:59:dc:d9:e8:08:0f:d0:c9:0a:
                    eb:1a:0d:6f:9d:98:33:3f:57:d1:ac:47:4b:ff:0c:
                    68:ee:a9:30:bb:26:2d:90:70:3d:e5:e3:5e:bd:75:
                    fc:3a:ab:c1:92:2a:c4:26:6f:ac:eb:fc:22:79:87:
                    7b:62:8a:98:24:5e:16:83:8d:9b:00:08:58:d7:1f:
                    19:c8:91:3d:d0:1d:cc:b6:e3:69:fe:99:05:9a:de:
                    ad:0d:6d:39:67:68:7d:fa:74:e0:10:a2:90:a6:fd:
                    55:6e:dc:16:14:bd:0b:37:d5:32:6f:67:c0:cb:4c:
                    70:5c:8a:31:22:63:ec:5d:60:f2:5f:08:45:80:fd:
                    f6:ec:46:fa:c4:d0:42:2a:18:29:17:63:08:a2:72:
                    b2:06:c1:34:d1:df:28:0a:69:cc:62:4e:bc:c1:60:
                    6a:00:b9:af:ca:48:bf:c6:05:c9:54:86:0a:74:40:
                    60:7f:51:f8:2a:75:25:e0:00:5f:d3:65:d1:88:41:
                    c7:63:85:19:f9:06:e1:ec:7f:eb:8f:df:79:aa:fb:
                    6d:64:6d:3d:5a:ec:02:dd:fa:33:d3:38:23:2e:f8:
                    f5:97:a1:c3:44:8a:00:bb:70:65:ef:43:06:3c:d2:
                    c7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:64:99:EF:C4:2E:84:83:53:68:36:33:02:89:AA:C5:CF:DE:7F:3A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8380d874-2759-4ba1-806c-9326aa7dfe55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.17.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b3:e8:60:1a:7d:f2:a9:7d:79:cb:b2:32:b5:b2:41:39:77:fb:
         31:fd:ef:dd:05:68:37:4f:63:d7:b5:6e:ba:2c:57:aa:61:14:
         42:6a:35:ef:67:79:f6:05:66:04:14:ab:58:20:9e:93:af:4b:
         43:c4:cc:94:f4:68:3c:da:7d:5b:fd:72:4c:50:09:2b:90:ba:
         08:a1:12:ac:98:79:d9:0c:2b:69:39:35:e6:1e:6a:d1:71:04:
         db:26:2a:c5:9d:39:86:c9:d5:49:6b:25:ce:b7:08:f8:36:98:
         75:7f:2b:91:d5:5a:e5:31:4b:d0:16:4e:6f:02:a5:8b:c1:7f:
         e9:bf:8a:fb:9b:04:c8:5c:7e:b4:6e:0e:1f:a6:c2:10:50:cb:
         b7:a8:8b:9d:d9:fe:e4:ef:c4:f6:37:dc:fa:02:e3:98:ab:54:
         69:b7:65:f8:2c:8c:6c:f9:a9:9d:ac:fa:6b:38:5d:3e:37:97:
         1a:e8:87:d4:30:0d:7c:89:47:7f:fb:bb:25:94:a9:d6:f1:25:
         1e:c9:19:f9:16:99:ca:44:35:bc:b0:9e:a5:7f:45:de:8a:30:
         5d:e9:86:5e:47:42:43:ca:10:d6:ae:5d:7b:bd:27:a5:3b:52:
         ce:d3:8d:e3:2f:7a:5a:5e:bf:b5:92:3a:c9:28:36:c8:65:5b:
         d4:5c:3b:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT7pNyRwNCyhFLDqscOGqLr2M+pcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA1MjM3WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOGIwMzA5Yjk3NjQ3MTQ0N2E3N2VlYzVhYjRlNDk2NmY5
NzQ4OTgwNzU4YWFiYzk0Y2IxOTU2OGJiMTBmNzNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0q0VFJANpfLeOCBamSTOx4Vm+X1nc2egID9DJCusaDW+d
mDM/V9GsR0v/DGjuqTC7Ji2QcD3l4169dfw6q8GSKsQmb6zr/CJ5h3tiipgkXhaD
jZsACFjXHxnIkT3QHcy242n+mQWa3q0NbTlnaH36dOAQopCm/VVu3BYUvQs31TJv
Z8DLTHBcijEiY+xdYPJfCEWA/fbsRvrE0EIqGCkXYwiicrIGwTTR3ygKacxiTrzB
YGoAua/KSL/GBclUhgp0QGB/UfgqdSXgAF/TZdGIQcdjhRn5BuHsf+uP33mq+21k
bT1a7ALd+jPTOCMu+PWXocNEigC7cGXvQwY80seRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVGSZ78QuhINTaDYzAomqxc/efzowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgzODBkODc0LTI3NTktNGJhMS04MDZjLTkzMjZhYTdkZmU1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYyEcAwDQYJKoZIhvcNAQELBQADggEBALPoYBp98ql9ecuyMrWyQTl3+zH9
790FaDdPY9e1brosV6phFEJqNe9nefYFZgQUq1ggnpOvS0PEzJT0aDzafVv9ckxQ
CSuQugihEqyYedkMK2k5NeYeatFxBNsmKsWdOYbJ1UlrJc63CPg2mHV/K5HVWuUx
S9AWTm8CpYvBf+m/ivubBMhcfrRuDh+mwhBQy7eoi53Z/uTvxPY33PoC45irVGm3
ZfgsjGz5qZ2s+ms4XT43lxroh9QwDXyJR3/7uyWUqdbxJR7JGfkWmcpENbywnqV/
Rd6KMF3phl5HQkPKENauXXu9J6U7Us7TjeMvelpev7WSOskoNshlW9RcOwQ=
-----END CERTIFICATE-----