Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2fc0877-920f-4e6c-8f40-ee4247efb624.roa
File:                     d2fc0877-920f-4e6c-8f40-ee4247efb624.roa (raw, json)
Hash identifier:          bQR/eUptqEUJs0iagYNHgZXCzqF1JABYVrhyU+Smyrk=
Subject key identifier:   41:49:47:3A:27:C4:32:82:F6:BB:AF:94:6A:13:44:43:12:D4:32:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       756DCC6868CEC1579145BD470865A18AE65E9C69
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2fc0877-920f-4e6c-8f40-ee4247efb624.roa
Signing time:             Fri 03 Oct 2025 00:03:13 +0000
ROA not before:           Fri 03 Oct 2025 00:03:13 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.48.0.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:6d:cc:68:68:ce:c1:57:91:45:bd:47:08:65:a1:8a:e6:5e:9c:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:03:13 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=a6bf72ff6c2b07592b71fa0efe4bb147de51c32e891e0ea71e661c2518e0d431, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f7:08:3d:9c:a1:a1:9f:f5:b8:bd:1a:98:96:
                    7e:43:98:b8:e2:c2:70:3f:67:2e:33:9c:c8:30:92:
                    0a:53:4e:e2:cc:27:fc:92:7d:29:d4:47:1b:dd:38:
                    11:8e:39:ef:71:d9:92:3a:4e:32:15:87:fb:e4:6a:
                    92:10:fb:0a:c5:3f:69:ef:df:dc:09:d6:ce:c4:9d:
                    0c:4d:c3:ab:20:52:61:70:9b:a7:5e:7f:83:18:63:
                    42:45:87:ef:ec:e5:74:f4:ae:3d:f2:43:6f:bf:a8:
                    3f:2d:ce:3c:11:ad:f0:a8:b8:bf:4c:65:97:55:2c:
                    f0:57:81:c3:70:01:7c:76:0e:4a:5f:f7:86:1e:39:
                    c9:da:a3:70:fc:91:e9:35:73:36:b1:01:de:2d:af:
                    24:89:0a:a8:0e:41:61:20:26:fa:e0:7f:a4:39:a6:
                    81:bd:93:53:50:6e:59:d3:7e:e6:53:ed:1e:ac:02:
                    e1:d4:cb:11:d2:84:5b:e0:5e:fd:c3:90:16:4e:27:
                    29:45:bc:f5:0c:d3:3a:54:a5:5a:87:e0:05:1a:58:
                    82:3a:57:f9:af:b5:41:13:03:ae:03:fa:a7:d2:c8:
                    0d:67:d3:f8:81:41:9e:eb:3b:13:71:d6:7f:de:d9:
                    46:15:7d:16:da:f8:94:c9:5d:e6:46:51:1f:2a:0e:
                    ae:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:49:47:3A:27:C4:32:82:F6:BB:AF:94:6A:13:44:43:12:D4:32:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2fc0877-920f-4e6c-8f40-ee4247efb624.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.48.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         95:e2:11:99:c4:8e:39:a7:93:f3:ce:9a:fb:68:c7:73:9c:bb:
         5d:ff:8e:dd:93:00:d0:c5:b1:61:c6:08:fd:8d:ab:d2:81:87:
         33:8e:85:e9:b6:2b:88:92:e3:ae:dc:b9:5e:14:58:ef:b2:e9:
         5b:84:1c:d7:89:42:7d:13:45:75:83:5f:c0:ac:40:02:11:58:
         ce:3a:6e:1e:97:d7:e3:da:92:66:19:55:39:bc:53:74:c2:99:
         f7:ce:f0:6d:d3:a2:db:f1:d2:cc:27:a5:2f:d2:ba:ce:d3:5a:
         53:0c:43:b0:75:78:41:2a:64:a5:40:b7:a9:5c:33:7a:46:f5:
         ea:98:6d:29:7e:8c:e6:1d:ef:55:c8:33:29:2e:e1:69:ce:4c:
         99:b9:e7:4b:48:99:5a:c1:a4:75:24:d5:71:1d:56:f3:01:20:
         e5:39:30:f0:c6:d0:a9:cb:7a:41:3c:65:f8:15:2a:31:5d:30:
         c2:00:3a:86:3d:b3:07:4a:7f:6f:e3:1d:18:26:8c:15:d2:37:
         2b:43:74:2f:c4:81:b4:96:aa:1c:28:5b:f3:6e:b9:9e:04:fe:
         c4:84:0f:6d:b5:eb:17:e6:03:80:38:3b:51:79:ba:88:2c:a2:
         cf:03:1a:30:4f:ec:97:9f:e1:70:e9:87:f3:87:f7:53:ab:1f:
         8d:bf:5c:c8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdW3MaGjOwVeRRb1HCGWhiuZenGkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAwMzEzWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNmJmNzJmZjZjMmIwNzU5MmI3MWZhMGVmZTRiYjE0N2Rl
NTFjMzJlODkxZTBlYTcxZTY2MWMyNTE4ZTBkNDMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ9wg9nKGhn/W4vRqYln5DmLjiwnA/Zy4znMgwkgpTTuLM
J/ySfSnURxvdOBGOOe9x2ZI6TjIVh/vkapIQ+wrFP2nv39wJ1s7EnQxNw6sgUmFw
m6def4MYY0JFh+/s5XT0rj3yQ2+/qD8tzjwRrfCouL9MZZdVLPBXgcNwAXx2Dkpf
94YeOcnao3D8kek1czaxAd4trySJCqgOQWEgJvrgf6Q5poG9k1NQblnTfuZT7R6s
AuHUyxHShFvgXv3DkBZOJylFvPUM0zpUpVqH4AUaWII6V/mvtUETA64D+qfSyA1n
0/iBQZ7rOxNx1n/e2UYVfRba+JTJXeZGUR8qDq75AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQUlHOifEMoL2u6+UahNEQxLUMjMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyZmMwODc3LTkyMGYtNGU2Yy04ZjQwLWVlNDI0N2VmYjYyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbYMAAwDQYJKoZIhvcNAQELBQADggEBAJXiEZnEjjmnk/POmvtox3Ocu13/
jt2TANDFsWHGCP2Nq9KBhzOOhem2K4iS467cuV4UWO+y6VuEHNeJQn0TRXWDX8Cs
QAIRWM46bh6X1+PakmYZVTm8U3TCmffO8G3Totvx0swnpS/Sus7TWlMMQ7B1eEEq
ZKVAt6lcM3pG9eqYbSl+jOYd71XIMyku4WnOTJm550tImVrBpHUk1XEdVvMBIOU5
MPDG0KnLekE8ZfgVKjFdMMIAOoY9swdKf2/jHRgmjBXSNytDdC/EgbSWqhwoW/Nu
uZ4E/sSED2216xfmA4A4O1F5uogsos8DGjBP7Jef4XDph/OH91OrH42/XMg=
-----END CERTIFICATE-----