Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a8d5db4-e57a-43d4-b37b-f75971c4a85c.roa
File:                     9a8d5db4-e57a-43d4-b37b-f75971c4a85c.roa (raw, json)
Hash identifier:          h6Vh36VsjsXSTU6O4wwmNC5zFr72sCnNURsNajnZa3o=
Subject key identifier:   C3:94:30:A9:E2:BA:E9:F3:53:0B:FF:E7:4D:AA:9F:C5:E6:49:6A:27
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F53748C8274FF057F5E754FA7C11CE84E5D7DFC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a8d5db4-e57a-43d4-b37b-f75971c4a85c.roa
Signing time:             Sat 27 Sep 2025 00:41:31 +0000
ROA not before:           Sat 27 Sep 2025 00:41:31 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.251.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:53:74:8c:82:74:ff:05:7f:5e:75:4f:a7:c1:1c:e8:4e:5d:7d:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 27 00:41:31 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=036bc1a9493a9709a28e58fe733bfd3fd1e0a867af0bbafa75eddfa03cc652cb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f5:d6:7d:98:1f:d2:d6:45:f7:b1:f0:3f:3d:
                    66:48:d0:45:02:91:91:4b:d8:61:bb:53:3b:43:ea:
                    ab:7e:20:25:e1:f5:96:7d:5a:f1:36:ec:85:05:36:
                    64:d8:90:a3:07:98:9b:66:9d:1d:d8:ac:82:57:f4:
                    86:9e:60:3f:e3:e2:33:e3:d4:20:68:ca:dc:07:36:
                    60:73:7b:05:35:ac:bb:1f:98:fc:ef:0f:44:a4:48:
                    7b:1e:cd:90:50:96:a4:8a:00:79:dd:12:1b:b8:b8:
                    4a:72:07:65:93:49:e3:0a:27:23:da:0d:fc:22:5c:
                    17:d5:99:20:32:11:c3:7a:77:92:a1:f5:40:91:27:
                    7e:43:10:78:f1:0b:05:dc:58:de:5b:a5:c8:68:c4:
                    70:bb:9c:f5:52:93:fc:0a:97:f8:b3:2f:96:ed:74:
                    9e:0a:d8:1b:c3:14:d1:b8:3b:0d:33:c9:3c:14:4c:
                    e6:b5:4e:39:6a:7b:a0:a2:cd:b2:f3:8d:8c:f8:db:
                    b5:d8:14:65:c2:9f:9c:29:08:1b:7c:0e:38:bc:28:
                    67:91:1f:5b:47:9b:81:5e:fd:5e:aa:05:12:5a:c5:
                    57:bc:e8:ad:c8:ff:5e:8e:7f:9e:77:52:d7:0c:ed:
                    48:e5:8e:0e:a1:7e:43:81:33:be:13:cb:72:b1:6f:
                    3a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:94:30:A9:E2:BA:E9:F3:53:0B:FF:E7:4D:AA:9F:C5:E6:49:6A:27
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a8d5db4-e57a-43d4-b37b-f75971c4a85c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.251.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         75:32:4c:3a:89:92:3b:5a:bc:0d:75:5f:35:6d:c9:a9:fb:01:
         63:2a:81:ad:2d:89:ea:43:a8:52:0e:21:a2:18:7e:c7:cb:a7:
         b4:fe:06:6c:8f:4a:84:59:74:99:27:d9:a5:a6:bb:0e:68:4d:
         8f:08:f2:9b:7d:e2:b5:02:d3:c2:be:01:a2:92:96:af:d6:55:
         85:49:64:e8:ae:e8:af:5e:5b:f5:07:07:5c:98:5f:67:22:68:
         96:b3:ae:91:bc:8d:5b:84:5d:26:a4:4a:26:af:22:5e:e5:2a:
         84:9e:7c:4a:ff:c1:75:44:0c:0e:1c:e5:0f:58:ff:7a:34:ba:
         b3:3b:d0:ae:16:0d:b6:ab:70:d1:b1:98:54:33:37:9d:67:5e:
         47:81:61:d8:e9:ea:03:d2:19:a1:9d:05:bc:77:e1:fa:2a:df:
         e2:51:7f:5a:4e:59:ed:e3:c4:d6:2d:df:f3:15:eb:4d:a9:93:
         f1:67:41:eb:63:04:93:0a:f7:79:a6:a1:d5:b3:ef:bb:0f:c3:
         08:93:6d:d3:0e:06:6c:64:4c:43:bc:a9:9f:c3:7d:a3:e9:90:
         11:d4:2a:e9:b4:db:16:46:a1:06:0c:00:39:73:af:54:a8:97:
         a3:a4:3f:27:f1:4f:98:e6:14:de:ea:3f:d4:d2:f6:ff:ed:0d:
         fc:62:53:ba
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUb1N0jIJ0/wV/XnVPp8Ec6E5dffwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI3MDA0MTMxWhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMzZiYzFhOTQ5M2E5NzA5YTI4ZTU4ZmU3MzNiZmQzZmQx
ZTBhODY3YWYwYmJhZmE3NWVkZGZhMDNjYzY1MmNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT9dZ9mB/S1kX3sfA/PWZI0EUCkZFL2GG7UztD6qt+ICXh
9ZZ9WvE27IUFNmTYkKMHmJtmnR3YrIJX9IaeYD/j4jPj1CBoytwHNmBzewU1rLsf
mPzvD0SkSHsezZBQlqSKAHndEhu4uEpyB2WTSeMKJyPaDfwiXBfVmSAyEcN6d5Kh
9UCRJ35DEHjxCwXcWN5bpchoxHC7nPVSk/wKl/izL5btdJ4K2BvDFNG4Ow0zyTwU
TOa1Tjlqe6CizbLzjYz427XYFGXCn5wpCBt8Dji8KGeRH1tHm4Fe/V6qBRJaxVe8
6K3I/16Of553UtcM7Ujljg6hfkOBM74Ty3KxbzpHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUw5QwqeK66fNTC//nTaqfxeZJaicwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhOGQ1ZGI0LWU1N2EtNDNkNC1iMzdiLWY3NTk3MWM0YTg1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5+zANBgkqhkiG9w0BAQsFAAOCAQEAdTJMOomSO1q8DXVfNW3JqfsBYyqB
rS2J6kOoUg4hohh+x8untP4GbI9KhFl0mSfZpaa7DmhNjwjym33itQLTwr4BopKW
r9ZVhUlk6K7or15b9QcHXJhfZyJolrOukbyNW4RdJqRKJq8iXuUqhJ58Sv/BdUQM
DhzlD1j/ejS6szvQrhYNtqtw0bGYVDM3nWdeR4Fh2OnqA9IZoZ0FvHfh+irf4lF/
Wk5Z7ePE1i3f8xXrTamT8WdB62MEkwr3eaah1bPvuw/DCJNt0w4GbGRMQ7ypn8N9
o+mQEdQq6bTbFkahBgwAOXOvVKiXo6Q/J/FPmOYU3uo/1NL2/+0N/GJTug==
-----END CERTIFICATE-----