Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa93eae8-1183-4788-b326-e47a328e99c0.roa
File:                     aa93eae8-1183-4788-b326-e47a328e99c0.roa (raw, json)
Hash identifier:          CBuBwLyprAWoo4IH5p8PHFYWtlDGdJTocyEuuaX974o=
Subject key identifier:   8D:6C:47:17:8F:2D:1F:47:7A:F8:CD:87:A6:EE:2A:13:73:5F:A4:6D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6BFE26997A8F336C18445F9E3E20ED60A955DC16
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa93eae8-1183-4788-b326-e47a328e99c0.roa
Signing time:             Wed 08 Oct 2025 00:22:10 +0000
ROA not before:           Wed 08 Oct 2025 00:22:10 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.7.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:fe:26:99:7a:8f:33:6c:18:44:5f:9e:3e:20:ed:60:a9:55:dc:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:22:10 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=b51e29f30444173b91975fc6d44ee81c4d55135888f19425c202a3ad58006cc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:7d:ee:14:21:4c:03:0d:f5:86:7f:38:43:6b:
                    45:9d:0b:55:25:7f:86:c0:97:46:8a:27:5f:f3:35:
                    c0:bc:42:f6:bc:a2:1a:05:5e:09:98:0c:26:9c:19:
                    15:ed:63:f8:ac:cf:98:31:c9:fc:23:ce:8e:39:b7:
                    53:44:c6:d4:c4:14:8f:fc:23:4a:ec:a9:f7:16:20:
                    44:ef:c2:46:bf:10:e8:67:f8:98:04:0a:07:d2:49:
                    02:dd:4b:9c:69:06:55:08:9d:2b:97:40:0c:86:8a:
                    2d:66:a3:66:27:4c:f4:9c:26:c6:b4:f1:9d:f0:bc:
                    28:03:aa:18:e4:7d:4c:65:2e:9e:36:34:4a:b0:a1:
                    e7:7c:83:50:c4:a7:27:e5:ef:8d:9f:8e:70:cc:e2:
                    d2:be:32:7f:05:b5:60:c8:2b:fd:c0:34:c5:3e:99:
                    19:34:15:95:13:9d:c8:0f:c8:91:63:05:86:f0:fa:
                    f2:c2:95:69:7e:39:25:ba:45:a4:09:7e:6c:c4:af:
                    d4:39:39:f7:35:c3:9e:29:40:a3:47:b8:ce:0e:ef:
                    2f:f1:e3:a0:84:88:db:49:6e:94:98:d1:df:00:9e:
                    92:ba:ac:00:b3:d6:82:80:f9:56:51:81:71:d5:df:
                    2e:16:3c:da:6b:13:5f:f2:bd:92:ed:0f:f0:73:03:
                    aa:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:6C:47:17:8F:2D:1F:47:7A:F8:CD:87:A6:EE:2A:13:73:5F:A4:6D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa93eae8-1183-4788-b326-e47a328e99c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.7.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4b:36:bc:1b:18:fd:27:17:f0:75:6d:98:d5:63:1b:a1:c0:6d:
         b2:bd:65:0c:51:88:98:2f:00:af:dc:55:71:b6:46:31:a9:3d:
         b7:18:3f:dc:d9:97:27:2a:b1:d3:1c:b1:53:fd:b9:ba:4b:60:
         e7:8d:e5:b2:38:9d:ec:e8:f7:47:b7:87:cd:db:c0:9b:a3:e3:
         d5:f8:f7:ed:d9:43:dd:0e:e5:1c:ce:a4:e1:30:50:12:0e:fe:
         ad:1e:87:be:ed:ce:f4:d3:2d:bf:24:2d:e5:27:5a:77:64:46:
         fb:8e:07:63:c8:fc:3c:36:bb:2e:de:f0:7b:a0:81:57:1f:00:
         0f:0e:6c:a2:75:a2:19:d8:27:7a:b3:a6:44:72:f6:b4:dd:34:
         0b:fa:a2:a1:c7:be:62:26:a6:a3:d4:90:ca:02:ad:d3:24:da:
         91:73:4e:dd:91:0c:77:3c:0c:57:c7:18:b8:5d:d3:23:5c:e4:
         b9:90:4a:91:20:e8:17:fd:3b:cb:81:bf:24:04:78:3b:dd:ee:
         a7:0b:75:8d:59:da:ac:c2:2b:5a:0a:48:41:a3:cf:0d:d0:a1:
         a3:35:f8:52:36:f4:a4:93:e9:8f:8e:b6:59:82:4c:dc:54:38:
         0f:8f:3c:e1:28:06:c2:3f:fa:2f:4f:b0:b3:a3:c4:c9:c9:87:
         12:1c:14:77
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa/4mmXqPM2wYRF+ePiDtYKlV3BYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAyMjEwWhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNTFlMjlmMzA0NDQxNzNiOTE5NzVmYzZkNDRlZTgxYzRk
NTUxMzU4ODhmMTk0MjVjMjAyYTNhZDU4MDA2Y2M3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcfe4UIUwDDfWGfzhDa0WdC1Ulf4bAl0aKJ1/zNcC8Qva8
ohoFXgmYDCacGRXtY/isz5gxyfwjzo45t1NExtTEFI/8I0rsqfcWIETvwka/EOhn
+JgECgfSSQLdS5xpBlUInSuXQAyGii1mo2YnTPScJsa08Z3wvCgDqhjkfUxlLp42
NEqwoed8g1DEpyfl742fjnDM4tK+Mn8FtWDIK/3ANMU+mRk0FZUTncgPyJFjBYbw
+vLClWl+OSW6RaQJfmzEr9Q5Ofc1w54pQKNHuM4O7y/x46CEiNtJbpSY0d8AnpK6
rACz1oKA+VZRgXHV3y4WPNprE1/yvZLtD/BzA6qXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjWxHF48tH0d6+M2Hpu4qE3NfpG0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FhOTNlYWU4LTExODMtNDc4OC1iMzI2LWU0N2EzMjhlOTljMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4BzANBgkqhkiG9w0BAQsFAAOCAQEASza8Gxj9JxfwdW2Y1WMbocBtsr1l
DFGImC8Ar9xVcbZGMak9txg/3NmXJyqx0xyxU/25uktg543lsjid7Oj3R7eHzdvA
m6Pj1fj37dlD3Q7lHM6k4TBQEg7+rR6Hvu3O9NMtvyQt5Sdad2RG+44HY8j8PDa7
Lt7we6CBVx8ADw5sonWiGdgnerOmRHL2tN00C/qioce+Yiamo9SQygKt0yTakXNO
3ZEMdzwMV8cYuF3TI1zkuZBKkSDoF/07y4G/JAR4O93upwt1jVnarMIrWgpIQaPP
DdChozX4Ujb0pJPpj462WYJM3FQ4D4884SgGwj/6L0+ws6PEycmHEhwUdw==
-----END CERTIFICATE-----