Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7cedeac-0833-47ed-853e-0aaeed16cf21.roa
File:                     c7cedeac-0833-47ed-853e-0aaeed16cf21.roa (raw, json)
Hash identifier:          PGN2ujupfK/EZRZw1Hj5Dri+CV2WG5Aj17FLX/biks8=
Subject key identifier:   A6:5D:17:45:B9:FD:C7:CE:03:8D:DC:F4:32:19:2F:56:47:13:48:59
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6BF81F36B35DC537E3BAFA222B5F7D88AC4B4E7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7cedeac-0833-47ed-853e-0aaeed16cf21.roa
Signing time:             Mon 06 Oct 2025 15:21:12 +0000
ROA not before:           Mon 06 Oct 2025 15:21:12 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.128.248.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:f8:1f:36:b3:5d:c5:37:e3:ba:fa:22:2b:5f:7d:88:ac:4b:4e:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:21:12 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=019dd70bc0f09daa03d7ac0ba76cfbb03a74f194e64963723554f3702ccfb4b8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7c:2d:94:49:ab:01:8b:e6:3d:33:00:92:7f:
                    ac:73:e7:88:99:6e:06:3c:19:18:d1:40:1d:1f:f7:
                    8c:36:e8:74:37:b8:ad:6e:74:fd:7a:54:72:13:16:
                    67:61:90:21:2e:4d:b3:0e:b7:dc:10:59:e5:cb:2e:
                    a3:c1:82:be:18:4a:9b:05:02:e6:b3:3e:01:d4:40:
                    20:aa:96:d0:42:12:aa:1d:f8:de:ad:8d:1c:9a:b0:
                    61:00:f1:cb:18:a7:ce:10:a2:0a:90:b2:72:de:c6:
                    eb:06:1d:99:51:ce:da:56:e3:65:2e:0b:8c:b6:78:
                    d2:3d:fb:93:5b:20:0a:be:3f:13:30:b3:46:88:6d:
                    d6:b7:91:f2:6f:02:91:26:85:32:1a:a2:e5:f0:66:
                    4e:5b:7d:3a:37:89:f5:e8:f9:e8:6c:26:fc:61:e4:
                    16:39:69:75:b5:e8:6a:90:7a:82:2d:96:82:cc:97:
                    f2:d5:88:82:eb:b4:e1:60:26:95:91:74:a0:83:bb:
                    be:3c:39:b5:e5:8a:73:a4:47:a9:18:72:1d:fb:f1:
                    91:6c:0e:c1:ad:6c:2c:b5:ee:06:66:eb:ef:88:df:
                    0e:11:b0:14:43:2a:83:97:15:aa:0e:a5:b1:af:75:
                    a9:9f:79:66:b1:0e:22:b2:77:56:55:cb:7e:3c:ee:
                    30:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:5D:17:45:B9:FD:C7:CE:03:8D:DC:F4:32:19:2F:56:47:13:48:59
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7cedeac-0833-47ed-853e-0aaeed16cf21.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.128.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4e:24:b5:e3:b8:9a:c7:b0:44:d6:64:01:3c:d1:5c:14:44:24:
         f6:fe:71:5a:6d:a3:5c:1b:f6:c2:95:63:55:40:fe:b3:d6:5f:
         39:16:9c:b5:b2:5f:c2:c8:3f:4e:a3:8f:45:7a:38:6d:1e:f0:
         a4:1f:17:cc:a8:e2:5b:84:0b:e9:c4:a5:03:24:24:ea:69:16:
         72:bc:a6:14:63:bf:1e:3f:66:dc:e2:8e:d7:f9:cd:dd:17:6d:
         57:54:6d:c7:00:94:45:48:f7:0d:fd:df:bc:b0:36:81:eb:b7:
         52:0a:13:63:90:de:ba:8d:7f:d0:27:0f:ea:db:c6:c4:bc:4f:
         e0:4e:2b:cd:05:01:f2:f2:67:f7:49:9c:73:f4:62:2c:25:38:
         11:2f:0f:5d:12:62:22:73:30:40:31:2e:0a:cf:10:f2:23:ac:
         b3:cd:b9:56:15:7f:c9:5d:c8:df:f8:88:7c:0f:8d:a6:ef:92:
         cb:65:87:a4:55:0e:46:4a:40:b1:8e:5d:46:de:33:fb:7a:19:
         f6:d2:e3:fd:90:df:3a:d2:4a:df:01:3b:d8:21:98:5a:75:3d:
         99:53:de:8a:48:5f:44:44:27:4e:7f:b3:a6:e6:d4:95:ab:2d:
         3d:55:83:39:3e:f1:71:5f:ee:fc:67:f3:4b:86:d5:81:cf:b0:
         ad:fc:d0:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa/gfNrNdxTfjuvoiK199iKxLTn4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUyMTEyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTlkZDcwYmMwZjA5ZGFhMDNkN2FjMGJhNzZjZmJiMDNh
NzRmMTk0ZTY0OTYzNzIzNTU0ZjM3MDJjY2ZiNGI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBfC2USasBi+Y9MwCSf6xz54iZbgY8GRjRQB0f94w26HQ3
uK1udP16VHITFmdhkCEuTbMOt9wQWeXLLqPBgr4YSpsFAuazPgHUQCCqltBCEqod
+N6tjRyasGEA8csYp84QogqQsnLexusGHZlRztpW42UuC4y2eNI9+5NbIAq+PxMw
s0aIbda3kfJvApEmhTIaouXwZk5bfTo3ifXo+ehsJvxh5BY5aXW16GqQeoItloLM
l/LViILrtOFgJpWRdKCDu748ObXlinOkR6kYch378ZFsDsGtbCy17gZm6++I3w4R
sBRDKoOXFaoOpbGvdamfeWaxDiKyd1ZVy3487jBhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpl0XRbn9x84Djdz0MhkvVkcTSFkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3Y2VkZWFjLTA4MzMtNDdlZC04NTNlLTBhYWVlZDE2Y2YyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNgPgwDQYJKoZIhvcNAQELBQADggEBAE4kteO4msewRNZkATzRXBREJPb+
cVpto1wb9sKVY1VA/rPWXzkWnLWyX8LIP06jj0V6OG0e8KQfF8yo4luEC+nEpQMk
JOppFnK8phRjvx4/Ztzijtf5zd0XbVdUbccAlEVI9w3937ywNoHrt1IKE2OQ3rqN
f9AnD+rbxsS8T+BOK80FAfLyZ/dJnHP0YiwlOBEvD10SYiJzMEAxLgrPEPIjrLPN
uVYVf8ldyN/4iHwPjabvkstlh6RVDkZKQLGOXUbeM/t6GfbS4/2Q3zrSSt8BO9gh
mFp1PZlT3opIX0REJ05/s6bm1JWrLT1Vgzk+8XFf7vxn80uG1YHPsK380HY=
-----END CERTIFICATE-----