Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bd193b-fffc-45c4-bd44-e59fff3c0c0d.roa
File:                     e0bd193b-fffc-45c4-bd44-e59fff3c0c0d.roa (raw, json)
Hash identifier:          4eKGBJm7y9jEF8MQvu0gNMHuHtW/ACi66N3yRkieRhE=
Subject key identifier:   95:84:35:57:28:EB:59:03:49:B9:25:2B:0E:65:3E:35:15:72:EE:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       17273D8876CE2BDE74689291ABC87EFC09A77085
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bd193b-fffc-45c4-bd44-e59fff3c0c0d.roa
Signing time:             Sun 19 Oct 2025 01:31:51 +0000
ROA not before:           Sun 19 Oct 2025 01:31:51 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.196.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:27:3d:88:76:ce:2b:de:74:68:92:91:ab:c8:7e:fc:09:a7:70:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 19 01:31:51 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=366c8cea1593742afa0fa02356ba21cf0ccf9938bbdaeffedb3f5667e9c92603, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b6:a0:87:21:be:24:38:fe:a2:ac:4b:64:14:
                    f9:d7:c0:15:42:ef:d6:8c:8f:4a:1e:c4:6a:fd:df:
                    d5:de:91:1f:1b:99:b9:55:28:03:61:bc:83:9e:23:
                    c4:ec:ae:e0:07:f7:9d:70:26:27:cb:5b:30:1c:97:
                    03:47:29:b0:89:3e:32:be:01:f6:f5:a8:1e:78:02:
                    aa:ad:06:96:73:fd:a0:3d:eb:f7:be:77:07:33:ff:
                    46:5a:8b:60:67:e4:76:a2:12:e6:12:3b:05:99:3c:
                    11:f1:5e:3b:fc:3f:6b:f0:df:65:57:da:49:8c:b5:
                    79:bf:be:a6:93:aa:5f:5e:f2:f5:ee:df:b7:76:b2:
                    f5:86:b6:1f:12:a8:d2:6a:d5:c6:7e:09:fc:f8:f9:
                    6d:3e:45:7b:34:30:af:7b:d0:63:e7:d1:01:04:5d:
                    7d:94:4e:98:ef:a9:f1:ca:b6:4a:74:2d:ee:6e:30:
                    7e:60:1e:a4:9b:ac:78:3e:81:ab:82:9d:c5:eb:60:
                    7f:26:e8:10:ac:56:a1:8d:0a:bf:c7:42:37:40:60:
                    26:c3:0d:2d:9e:b7:a5:ac:ea:27:2f:eb:cf:fb:f9:
                    ea:d3:88:b4:4a:bf:fa:58:a0:16:0f:7f:7a:0b:78:
                    4b:6a:8f:10:73:aa:d9:75:6e:07:dd:1a:6d:8e:93:
                    62:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:84:35:57:28:EB:59:03:49:B9:25:2B:0E:65:3E:35:15:72:EE:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bd193b-fffc-45c4-bd44-e59fff3c0c0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.196.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1e:70:b7:8f:8e:85:31:57:4e:7d:06:2a:47:5d:85:e7:dd:4f:
         f0:b0:21:7f:d1:e2:44:73:b8:b7:fa:58:8c:34:70:0d:23:a2:
         f7:9a:c5:2b:79:16:93:b9:15:b2:27:32:cc:07:94:56:b1:dc:
         3c:d9:34:83:4e:5d:90:80:22:4b:6f:fa:af:06:0d:bd:5a:3c:
         31:32:29:19:2b:7e:dd:a6:ef:cc:92:78:ba:b7:08:6b:8e:81:
         d9:8a:5b:8f:83:ba:23:d8:b1:1d:7e:20:cf:72:d8:92:c2:ef:
         54:b4:20:e3:c6:4a:b9:f4:b4:98:17:bd:db:20:ff:c4:ab:cd:
         ef:cf:46:5f:09:75:99:eb:d9:67:a2:82:fc:e1:51:95:00:bd:
         d3:77:a1:8d:28:7d:9c:db:e9:d3:6c:90:9b:d6:b8:64:9a:fe:
         ee:e8:b6:a4:19:6b:35:cd:77:b0:e0:4e:73:ee:b0:be:a2:c5:
         de:76:4d:9a:ec:f3:59:2a:83:57:61:c3:f5:ef:78:4a:73:c3:
         eb:7e:e4:78:2c:b3:b8:6a:9b:48:c2:ce:24:b9:64:64:ff:fb:
         a9:07:f7:86:b3:0e:ec:c3:6f:a0:96:04:f6:9a:c4:f8:53:80:
         8e:e0:7f:21:cf:19:2b:c8:c9:60:fc:f7:e9:d8:12:b9:93:aa:
         2c:80:d8:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFyc9iHbOK950aJKRq8h+/AmncIUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDEzMTUxWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjZjOGNlYTE1OTM3NDJhZmEwZmEwMjM1NmJhMjFjZjBj
Y2Y5OTM4YmJkYWVmZmVkYjNmNTY2N2U5YzkyNjAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLtqCHIb4kOP6irEtkFPnXwBVC79aMj0oexGr939XekR8b
mblVKANhvIOeI8TsruAH951wJifLWzAclwNHKbCJPjK+Afb1qB54AqqtBpZz/aA9
6/e+dwcz/0Zai2Bn5HaiEuYSOwWZPBHxXjv8P2vw32VX2kmMtXm/vqaTql9e8vXu
37d2svWGth8SqNJq1cZ+Cfz4+W0+RXs0MK970GPn0QEEXX2UTpjvqfHKtkp0Le5u
MH5gHqSbrHg+gauCncXrYH8m6BCsVqGNCr/HQjdAYCbDDS2et6Ws6icv68/7+erT
iLRKv/pYoBYPf3oLeEtqjxBzqtl1bgfdGm2Ok2JtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlYQ1VyjrWQNJuSUrDmU+NRVy7hgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UwYmQxOTNiLWZmZmMtNDVjNC1iZDQ0LWU1OWZmZjNjMGMwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4xDANBgkqhkiG9w0BAQsFAAOCAQEAHnC3j46FMVdOfQYqR12F591P8LAh
f9HiRHO4t/pYjDRwDSOi95rFK3kWk7kVsicyzAeUVrHcPNk0g05dkIAiS2/6rwYN
vVo8MTIpGSt+3abvzJJ4urcIa46B2Ypbj4O6I9ixHX4gz3LYksLvVLQg48ZKufS0
mBe92yD/xKvN789GXwl1mevZZ6KC/OFRlQC903ehjSh9nNvp02yQm9a4ZJr+7ui2
pBlrNc13sOBOc+6wvqLF3nZNmuzzWSqDV2HD9e94SnPD637keCyzuGqbSMLOJLlk
ZP/7qQf3hrMO7MNvoJYE9prE+FOAjuB/Ic8ZK8jJYPz36dgSuZOqLIDY3Q==
-----END CERTIFICATE-----