Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf6bc7b7-b5c5-4c39-8b0f-c9fbf1805308.roa
File:                     cf6bc7b7-b5c5-4c39-8b0f-c9fbf1805308.roa (raw, json)
Hash identifier:          RBy2V+DO5OIycloBxNhzU9OusDj8eKhte/F/Bwmmzt0=
Subject key identifier:   82:5A:04:8E:59:26:65:7C:07:EA:E5:6B:D8:71:0B:09:F3:D1:A2:02
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       25FA11D706B216D1BEF1861A979CCADFCEC4728A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf6bc7b7-b5c5-4c39-8b0f-c9fbf1805308.roa
Signing time:             Fri 26 Sep 2025 00:40:31 +0000
ROA not before:           Fri 26 Sep 2025 00:40:31 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.59.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:fa:11:d7:06:b2:16:d1:be:f1:86:1a:97:9c:ca:df:ce:c4:72:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:40:31 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=293a610684577601e9d9d610726c3132333569d00148e19ee256b8c333d20b40, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:6b:57:46:6a:29:d7:b7:fe:59:7e:31:9d:bd:
                    f0:3c:37:30:73:5d:0b:f0:91:cb:3d:a5:9f:b5:b2:
                    2d:be:b4:02:a4:5b:06:cc:7c:91:fe:be:a1:6b:b3:
                    f1:37:91:6d:24:ae:d7:31:83:37:5a:5e:fe:df:4e:
                    ec:a4:01:fe:b3:d7:09:fb:53:a3:ef:73:4d:1b:00:
                    fc:99:95:92:e7:a2:90:42:81:58:30:ab:4a:a0:40:
                    60:f1:48:40:d9:dd:c3:15:d8:c6:9a:5f:ee:ae:35:
                    fe:e1:91:6b:06:80:f5:c8:7a:ce:21:d0:a9:06:94:
                    6d:36:cf:71:a3:8f:1c:26:d8:17:8a:5e:03:19:8a:
                    30:69:73:0d:2b:87:3e:d1:94:b0:9d:60:4f:d0:ed:
                    1b:8a:2a:56:da:35:9b:7f:a1:8f:cc:80:8c:35:e7:
                    8d:46:ec:91:23:eb:96:44:bb:7e:9d:8a:40:e6:3e:
                    8f:db:e7:26:80:76:63:e5:69:4b:3b:5e:b9:22:be:
                    f7:5e:b0:a1:4a:22:b6:37:43:3c:5d:9b:b0:1c:dc:
                    61:52:00:26:04:c0:1f:cf:ef:8d:38:55:aa:db:14:
                    dc:3f:b5:67:aa:44:e8:8a:c8:e3:1e:45:41:05:92:
                    ef:f6:b8:7e:67:10:c7:0e:bf:c0:54:54:dc:02:6e:
                    78:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:5A:04:8E:59:26:65:7C:07:EA:E5:6B:D8:71:0B:09:F3:D1:A2:02
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf6bc7b7-b5c5-4c39-8b0f-c9fbf1805308.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.59.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         36:db:b4:c0:7a:a4:a4:af:ae:06:69:e8:2e:15:76:04:85:7f:
         01:58:c9:34:6a:77:3a:36:ff:df:70:14:13:04:0a:62:77:46:
         e2:88:b9:32:58:2b:3c:e9:a3:2a:8c:46:48:fe:42:4d:fc:43:
         bf:41:ff:88:1a:44:1c:b7:38:fd:72:2d:e3:39:c1:c4:f6:cd:
         b0:76:03:e6:f5:a7:51:a9:41:69:51:b8:7a:db:8c:22:e3:3c:
         2a:4c:ff:43:9a:14:d0:a8:db:2c:aa:fb:ea:12:ce:c1:dc:a0:
         df:db:cd:4a:66:ba:8d:e4:ec:28:e6:50:50:3f:b5:84:a8:ca:
         09:93:f2:7c:07:1b:a7:f1:56:91:90:9b:40:1e:0f:3b:b4:ff:
         65:f6:83:62:e7:f1:1a:77:23:b4:b1:8a:04:fc:51:c2:82:ba:
         d3:96:a0:9f:b6:ba:c7:48:48:ea:11:ed:a5:12:a7:68:2c:ad:
         06:8c:97:eb:aa:18:ed:4e:b7:a2:04:e7:0b:6c:ac:05:54:52:
         25:12:41:56:aa:87:bd:fb:ac:08:80:73:ce:3d:4e:1e:9b:d9:
         3d:87:49:9b:44:77:54:48:e0:d2:03:34:5b:19:03:45:1e:73:
         8b:05:22:17:ab:af:78:90:68:ae:54:cd:35:fd:14:06:b6:52:
         b8:59:e1:f2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJfoR1wayFtG+8YYal5zK387EcoowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDA0MDMxWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTNhNjEwNjg0NTc3NjAxZTlkOWQ2MTA3MjZjMzEzMjMz
MzU2OWQwMDE0OGUxOWVlMjU2YjhjMzMzZDIwYjQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZa1dGainXt/5ZfjGdvfA8NzBzXQvwkcs9pZ+1si2+tAKk
WwbMfJH+vqFrs/E3kW0krtcxgzdaXv7fTuykAf6z1wn7U6Pvc00bAPyZlZLnopBC
gVgwq0qgQGDxSEDZ3cMV2MaaX+6uNf7hkWsGgPXIes4h0KkGlG02z3Gjjxwm2BeK
XgMZijBpcw0rhz7RlLCdYE/Q7RuKKlbaNZt/oY/MgIw1541G7JEj65ZEu36dikDm
Po/b5yaAdmPlaUs7XrkivvdesKFKIrY3Qzxdm7Ac3GFSACYEwB/P7404VarbFNw/
tWeqROiKyOMeRUEFku/2uH5nEMcOv8BUVNwCbng1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgloEjlkmZXwH6uVr2HELCfPRogIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmNmJjN2I3LWI1YzUtNGMzOS04YjBmLWM5ZmJmMTgwNTMwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4OzANBgkqhkiG9w0BAQsFAAOCAQEANtu0wHqkpK+uBmnoLhV2BIV/AVjJ
NGp3Ojb/33AUEwQKYndG4oi5MlgrPOmjKoxGSP5CTfxDv0H/iBpEHLc4/XIt4znB
xPbNsHYD5vWnUalBaVG4etuMIuM8Kkz/Q5oU0KjbLKr76hLOwdyg39vNSma6jeTs
KOZQUD+1hKjKCZPyfAcbp/FWkZCbQB4PO7T/ZfaDYufxGncjtLGKBPxRwoK605ag
n7a6x0hI6hHtpRKnaCytBoyX66oY7U63ogTnC2ysBVRSJRJBVqqHvfusCIBzzj1O
HpvZPYdJm0R3VEjg0gM0WxkDRR5ziwUiF6uveJBorlTNNf0UBrZSuFnh8g==
-----END CERTIFICATE-----