Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a1b7496-b916-471e-be55-e180367c84ee.roa
File:                     9a1b7496-b916-471e-be55-e180367c84ee.roa (raw, json)
Hash identifier:          A854lRB+PLYA29hSt65p/SZ7otNvgigZys9FV4qC3Zk=
Subject key identifier:   9E:0C:67:A4:1F:35:29:0F:D3:57:C1:A7:98:BD:9F:C2:9A:47:7F:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       18537DB0AB81D89CCEF0688AB23853E65B3FF412
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a1b7496-b916-471e-be55-e180367c84ee.roa
Signing time:             Wed 08 Oct 2025 00:22:08 +0000
ROA not before:           Wed 08 Oct 2025 00:22:08 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.30.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:53:7d:b0:ab:81:d8:9c:ce:f0:68:8a:b2:38:53:e6:5b:3f:f4:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:22:08 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=967c468ec623a7fd0f5520590c9469c1c20001469c4fafb2bfb3e9a8a724a2dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:62:0f:30:84:21:eb:d0:53:ba:74:ab:43:74:
                    ed:88:82:d1:8d:d9:ed:91:a0:8e:c5:a6:34:8d:62:
                    ad:df:35:50:67:ef:de:d9:3d:fa:dc:00:96:1c:f0:
                    9a:8d:d3:68:be:92:64:6e:ee:e6:c1:50:ab:b3:8a:
                    1a:4c:fa:52:e8:1c:4f:76:07:06:26:9a:01:e5:e5:
                    59:ff:be:8d:c7:fd:b3:15:d8:42:bd:0a:26:3e:86:
                    66:72:dd:42:9d:24:9a:ec:5e:19:e3:8b:50:df:44:
                    36:5e:5a:f7:7f:32:b7:33:6b:55:77:81:ef:e4:90:
                    8b:b5:a3:3c:f8:3a:15:80:be:e1:d7:c4:5b:ec:6c:
                    af:bd:81:46:ee:46:ce:fd:e9:6e:86:af:fc:62:0b:
                    96:27:76:fd:5e:4f:1a:01:4c:66:ff:62:d3:60:b5:
                    ea:4a:b5:20:b5:8e:2e:02:3d:f7:ed:31:b4:21:69:
                    ac:aa:e7:02:aa:05:da:74:2d:37:3c:d1:4a:82:07:
                    fd:e9:62:4f:aa:2b:46:54:ff:37:6c:6a:19:bc:f1:
                    2b:ae:70:3a:96:45:9f:52:99:81:27:07:75:bc:f3:
                    00:9d:04:4b:6b:9b:51:f8:dc:de:5f:4a:e4:70:3a:
                    1b:2d:f9:ca:a5:44:1e:a2:f8:78:1b:d3:56:6f:79:
                    ec:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:0C:67:A4:1F:35:29:0F:D3:57:C1:A7:98:BD:9F:C2:9A:47:7F:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a1b7496-b916-471e-be55-e180367c84ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.30.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c2:32:ad:c7:fc:36:c5:f1:7e:1d:20:ec:7e:ba:14:c4:1b:1f:
         08:f8:01:92:a2:14:79:6a:9c:b3:de:83:e4:3f:65:39:8f:0e:
         ac:83:a0:1b:27:db:92:04:2b:98:06:20:2e:c4:ce:ce:41:99:
         04:cf:6a:1b:90:d8:d6:b7:52:f5:7d:cb:bc:75:fc:77:a1:01:
         ae:5f:6a:4a:36:d0:8d:77:0c:79:0a:cb:a6:c8:a5:60:aa:a4:
         04:db:bc:b6:0a:9d:3d:bd:6a:25:d1:10:15:0a:26:11:98:4d:
         88:c2:e5:f2:21:62:19:46:8b:c8:2d:67:a2:67:1d:67:de:99:
         19:de:87:e4:0c:9c:63:07:a9:08:a0:46:15:2b:79:5b:e2:9f:
         46:e0:f8:06:66:29:fa:f1:1e:a1:e9:59:fc:ba:42:1b:04:5f:
         67:5f:ff:85:59:c1:95:33:62:d6:4c:eb:dc:dc:fd:bc:47:8d:
         f3:0e:b1:6d:b8:db:2e:9d:3e:f5:3e:3a:1f:90:59:9c:06:2e:
         8d:41:14:37:4d:3b:30:45:d1:40:cf:eb:bd:df:72:78:42:85:
         28:2b:bb:d8:3e:e0:e0:c3:e0:ba:37:b8:54:a2:76:37:a5:b0:
         81:21:c5:78:49:46:94:2a:fc:01:08:99:42:46:87:a4:6a:0b:
         6a:eb:96:71
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGFN9sKuB2JzO8GiKsjhT5ls/9BIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAyMjA4WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjdjNDY4ZWM2MjNhN2ZkMGY1NTIwNTkwYzk0NjljMWMy
MDAwMTQ2OWM0ZmFmYjJiZmIzZTlhOGE3MjRhMmRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJYg8whCHr0FO6dKtDdO2IgtGN2e2RoI7FpjSNYq3fNVBn
797ZPfrcAJYc8JqN02i+kmRu7ubBUKuzihpM+lLoHE92BwYmmgHl5Vn/vo3H/bMV
2EK9CiY+hmZy3UKdJJrsXhnji1DfRDZeWvd/Mrcza1V3ge/kkIu1ozz4OhWAvuHX
xFvsbK+9gUbuRs796W6Gr/xiC5Yndv1eTxoBTGb/YtNgtepKtSC1ji4CPfftMbQh
aayq5wKqBdp0LTc80UqCB/3pYk+qK0ZU/zdsahm88SuucDqWRZ9SmYEnB3W88wCd
BEtrm1H43N5fSuRwOhst+cqlRB6i+Hgb01ZveeyDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUngxnpB81KQ/TV8GnmL2fwppHfzYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhMWI3NDk2LWI5MTYtNDcxZS1iZTU1LWUxODAzNjdjODRlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4HjANBgkqhkiG9w0BAQsFAAOCAQEAwjKtx/w2xfF+HSDsfroUxBsfCPgB
kqIUeWqcs96D5D9lOY8OrIOgGyfbkgQrmAYgLsTOzkGZBM9qG5DY1rdS9X3LvHX8
d6EBrl9qSjbQjXcMeQrLpsilYKqkBNu8tgqdPb1qJdEQFQomEZhNiMLl8iFiGUaL
yC1nomcdZ96ZGd6H5AycYwepCKBGFSt5W+KfRuD4BmYp+vEeoelZ/LpCGwRfZ1//
hVnBlTNi1kzr3Nz9vEeN8w6xbbjbLp0+9T46H5BZnAYujUEUN007MEXRQM/rvd9y
eEKFKCu72D7g4MPguje4VKJ2N6WwgSHFeElGlCr8AQiZQkaHpGoLauuWcQ==
-----END CERTIFICATE-----