Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa
File:                     a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa (raw, json)
Hash identifier:          3Ka2iVoOtKsNf/8I58hBUTWuad6HN4iEZoiENlvMK+I=
Subject key identifier:   6E:13:3D:11:2C:BD:61:DC:D4:35:72:E2:0E:E2:7F:BE:55:E9:35:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       16B40F45D47A04C0064A40FB0BC9783FC263CF61
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa
Signing time:             Mon 06 Oct 2025 15:22:38 +0000
ROA not before:           Mon 06 Oct 2025 15:22:38 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        13.130.0.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:b4:0f:45:d4:7a:04:c0:06:4a:40:fb:0b:c9:78:3f:c2:63:cf:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:22:38 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=e489967cb75eb2c01812d34b4b7b9e1427e70f9eb8334fb67f7c7fbdb8a6f170, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:3e:27:28:71:24:86:14:fe:df:16:ac:21:ce:
                    fb:04:fb:52:ca:98:81:bd:b0:95:37:03:8e:df:5a:
                    a2:c2:ff:70:32:f4:62:f3:eb:a8:b3:24:11:39:2b:
                    6e:f6:ac:d8:c6:c4:a3:13:f0:3e:6c:c2:93:35:1d:
                    be:b4:f6:a7:44:1c:0a:f2:8c:d1:58:ec:6c:59:18:
                    75:b0:b9:62:37:00:fa:23:3c:14:ae:b7:4c:b8:2f:
                    0f:03:01:3f:d7:da:88:5a:1f:de:a0:9c:bc:10:09:
                    d3:17:32:05:da:5b:4e:b6:6a:85:6e:ab:c3:60:49:
                    c9:1e:a8:7c:dc:d7:7c:10:e6:71:60:a4:8c:bf:60:
                    04:b0:37:ce:46:75:7b:12:b1:d9:2b:c0:b5:75:dd:
                    b5:61:2e:0b:36:c7:5a:0c:98:bf:7a:c9:48:8a:a3:
                    8d:db:b9:41:cd:27:6c:f1:cb:df:80:fc:e1:04:fa:
                    27:44:11:1e:e6:ff:07:01:66:78:9e:d6:73:24:30:
                    f9:87:16:28:2e:73:5e:12:2b:ba:9f:be:7d:05:a3:
                    f9:14:c0:fd:cb:ad:21:c5:86:e3:86:03:4c:9d:ba:
                    19:b7:bd:58:80:b5:a0:a4:08:29:70:fe:a9:66:e7:
                    c0:74:55:85:35:d8:52:88:38:cc:4f:0d:a4:44:e4:
                    c2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:13:3D:11:2C:BD:61:DC:D4:35:72:E2:0E:E2:7F:BE:55:E9:35:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a45d5e2a-b38d-4e66-86d3-7a039177d46e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.130.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         90:cc:97:7b:c3:5d:dc:e0:1b:4f:5d:94:b8:db:b8:a0:cf:60:
         e4:6d:3b:df:33:1f:43:b1:a0:75:51:bc:73:6a:14:d1:90:c6:
         86:b6:f9:ff:39:fe:91:9e:91:b2:bf:f8:9c:ed:8d:0f:a7:56:
         19:ec:7e:d3:64:0f:24:23:c0:60:8a:28:cf:36:67:7f:30:76:
         8e:26:7d:cd:d2:3f:9c:5d:2b:e4:3f:86:9c:df:fc:2e:94:20:
         3f:16:11:8d:a6:1d:a9:98:88:d6:5b:29:e9:32:b5:cd:9e:30:
         5b:c9:7a:20:69:ca:bc:29:10:a6:cb:c3:d8:6a:41:cb:4a:d1:
         df:92:03:07:8f:a1:93:e9:18:d8:06:26:df:f3:b0:90:90:f1:
         d4:aa:8e:da:8f:b5:0a:da:87:9b:32:01:5a:10:d9:de:cf:7d:
         33:4b:79:f3:43:19:8d:f2:bf:63:b6:62:51:6b:64:ff:d1:94:
         45:11:bf:2a:23:d8:ef:8c:53:6f:9c:38:3c:a4:0b:4b:dd:da:
         ac:db:23:1f:ed:99:e9:d0:5e:bd:87:a8:72:54:c5:07:f5:ed:
         be:b2:36:df:e6:89:18:c8:8b:66:c0:49:b0:75:ae:11:7e:9f:
         0b:d8:04:a7:8e:ab:6b:dc:f4:f5:dc:98:2d:f5:be:b3:b4:13:
         47:4d:c6:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFrQPRdR6BMAGSkD7C8l4P8Jjz2EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUyMjM4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNDg5OTY3Y2I3NWViMmMwMTgxMmQzNGI0YjdiOWUxNDI3
ZTcwZjllYjgzMzRmYjY3ZjdjN2ZiZGI4YTZmMTcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFPicocSSGFP7fFqwhzvsE+1LKmIG9sJU3A47fWqLC/3Ay
9GLz66izJBE5K272rNjGxKMT8D5swpM1Hb609qdEHAryjNFY7GxZGHWwuWI3APoj
PBSut0y4Lw8DAT/X2ohaH96gnLwQCdMXMgXaW062aoVuq8NgSckeqHzc13wQ5nFg
pIy/YASwN85GdXsSsdkrwLV13bVhLgs2x1oMmL96yUiKo43buUHNJ2zxy9+A/OEE
+idEER7m/wcBZnie1nMkMPmHFiguc14SK7qfvn0Fo/kUwP3LrSHFhuOGA0yduhm3
vViAtaCkCClw/qlm58B0VYU12FKIOMxPDaRE5MInAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbhM9ESy9YdzUNXLiDuJ/vlXpNRgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0NWQ1ZTJhLWIzOGQtNGU2Ni04NmQzLTdhMDM5MTc3ZDQ2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNggAwDQYJKoZIhvcNAQELBQADggEBAJDMl3vDXdzgG09dlLjbuKDPYORt
O98zH0OxoHVRvHNqFNGQxoa2+f85/pGekbK/+JztjQ+nVhnsftNkDyQjwGCKKM82
Z38wdo4mfc3SP5xdK+Q/hpzf/C6UID8WEY2mHamYiNZbKekytc2eMFvJeiBpyrwp
EKbLw9hqQctK0d+SAwePoZPpGNgGJt/zsJCQ8dSqjtqPtQrah5syAVoQ2d7PfTNL
efNDGY3yv2O2YlFrZP/RlEURvyoj2O+MU2+cODykC0vd2qzbIx/tmenQXr2HqHJU
xQf17b6yNt/miRjIi2bASbB1rhF+nwvYBKeOq2vc9PXcmC31vrO0E0dNxvM=
-----END CERTIFICATE-----