Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e511c3ab-a3d4-4344-9e19-ddd5b8c0e102.roa
File:                     e511c3ab-a3d4-4344-9e19-ddd5b8c0e102.roa (raw, json)
Hash identifier:          eZPOQk4xFMkiGn+0f7yAijZLmmKrYAtfQ45LB0h2960=
Subject key identifier:   56:14:ED:40:0A:4B:2B:18:72:87:7E:92:96:7E:2B:E9:0D:48:98:27
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BF4DB3CAAB7B810B50ACF51FF49457197EE9D30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e511c3ab-a3d4-4344-9e19-ddd5b8c0e102.roa
Signing time:             Fri 26 Sep 2025 00:11:24 +0000
ROA not before:           Fri 26 Sep 2025 00:11:24 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.56.224.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:f4:db:3c:aa:b7:b8:10:b5:0a:cf:51:ff:49:45:71:97:ee:9d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:11:24 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=18233f3693265cf273d8d9327a36b604b98a301d9b85c1c364f2f5cea917882e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:75:28:1a:aa:cf:34:2d:06:ff:9f:51:ff:27:
                    b2:af:31:d7:4d:45:60:42:20:38:ae:16:80:a9:95:
                    e8:84:09:f6:4f:f9:f0:fd:90:a5:a7:03:fc:90:a6:
                    c8:96:23:db:86:6e:be:bb:35:06:b4:cf:9b:c8:27:
                    74:fe:cb:3e:e3:f5:38:b9:96:69:f9:1f:6d:38:47:
                    d7:5b:28:fe:62:63:c2:38:49:ba:08:31:4e:b8:2f:
                    bf:1b:0c:d9:d1:77:22:f3:1c:63:16:91:bb:f9:6c:
                    49:5b:5b:cc:3f:1c:55:f0:d1:e1:da:8b:c7:c7:5d:
                    91:3e:a0:43:60:f0:fc:0f:7c:63:7f:72:60:6e:7d:
                    e8:32:6d:b0:4a:ae:7c:14:d0:af:2b:67:d5:6e:67:
                    48:18:6a:49:d2:31:f9:d6:9a:42:4b:70:cb:fd:b9:
                    9d:c2:8e:c1:70:7e:d1:9c:52:20:0c:0f:db:32:7b:
                    e2:2a:d7:b8:a7:c2:84:40:d5:6c:c3:4d:ce:1f:3c:
                    2c:82:b9:03:b5:15:a0:e7:9a:15:25:0f:f4:53:b6:
                    83:5e:1b:c9:3d:67:13:80:a8:14:29:87:96:7e:9b:
                    08:95:f2:d2:86:73:3e:5f:3e:2b:89:04:ea:e0:87:
                    65:5d:c9:c0:b2:71:33:4f:15:53:5c:dc:8a:0d:68:
                    06:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:14:ED:40:0A:4B:2B:18:72:87:7E:92:96:7E:2B:E9:0D:48:98:27
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e511c3ab-a3d4-4344-9e19-ddd5b8c0e102.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.56.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         54:14:66:d5:1c:be:12:35:8f:e0:aa:55:0a:48:83:12:d9:98:
         a4:fc:fc:c0:cb:0d:1b:c0:99:99:c9:76:0d:17:f8:a8:cd:c3:
         f9:3f:88:54:0f:52:12:68:eb:cd:b9:88:0f:45:75:73:b2:e5:
         d3:c1:a3:64:67:ce:0b:98:58:66:fb:91:80:16:60:be:a1:4e:
         a2:43:bd:31:90:e2:2e:16:5f:df:39:21:f8:86:ac:cd:19:52:
         94:0f:21:cd:c4:97:a6:68:e7:be:1e:35:4c:0d:1c:af:58:df:
         50:1c:fc:94:6c:57:90:3d:5d:a9:55:d4:7b:27:f3:1a:dd:32:
         21:b4:4a:73:90:cc:d4:e3:1d:00:4c:8c:bb:dc:d1:0a:53:0c:
         e8:dc:29:08:30:07:69:14:14:d4:1a:10:16:e3:6f:9f:f6:27:
         e2:c8:a1:49:e4:c7:c7:22:8c:6b:02:df:34:4c:c5:59:64:82:
         ea:5e:71:d1:ca:60:a1:ab:0a:87:b3:2c:db:03:6b:db:f0:65:
         63:66:29:cb:d5:62:80:18:d1:39:c3:a4:f6:7f:03:a8:92:3c:
         80:8b:e9:2b:86:a5:95:fd:a6:eb:bb:eb:2c:3e:a6:df:21:ea:
         34:dd:75:c0:a8:51:ba:32:d5:9e:72:20:2c:58:a3:c0:d3:45:
         12:0a:cc:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK/TbPKq3uBC1Cs9R/0lFcZfunTAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAxMTI0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxODIzM2YzNjkzMjY1Y2YyNzNkOGQ5MzI3YTM2YjYwNGI5
OGEzMDFkOWI4NWMxYzM2NGYyZjVjZWE5MTc4ODJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKdSgaqs80LQb/n1H/J7KvMddNRWBCIDiuFoCpleiECfZP
+fD9kKWnA/yQpsiWI9uGbr67NQa0z5vIJ3T+yz7j9Ti5lmn5H204R9dbKP5iY8I4
SboIMU64L78bDNnRdyLzHGMWkbv5bElbW8w/HFXw0eHai8fHXZE+oENg8PwPfGN/
cmBufegybbBKrnwU0K8rZ9VuZ0gYaknSMfnWmkJLcMv9uZ3CjsFwftGcUiAMD9sy
e+Iq17inwoRA1WzDTc4fPCyCuQO1FaDnmhUlD/RTtoNeG8k9ZxOAqBQph5Z+mwiV
8tKGcz5fPiuJBOrgh2VdycCycTNPFVNc3IoNaAaLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVhTtQApLKxhyh36Sln4r6Q1ImCcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1MTFjM2FiLWEzZDQtNDM0NC05ZTE5LWRkZDViOGMwZTEwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUQOOAwDQYJKoZIhvcNAQELBQADggEBAFQUZtUcvhI1j+CqVQpIgxLZmKT8
/MDLDRvAmZnJdg0X+KjNw/k/iFQPUhJo6825iA9FdXOy5dPBo2RnzguYWGb7kYAW
YL6hTqJDvTGQ4i4WX985IfiGrM0ZUpQPIc3El6Zo574eNUwNHK9Y31Ac/JRsV5A9
XalV1Hsn8xrdMiG0SnOQzNTjHQBMjLvc0QpTDOjcKQgwB2kUFNQaEBbjb5/2J+LI
oUnkx8cijGsC3zRMxVlkgupecdHKYKGrCoezLNsDa9vwZWNmKcvVYoAY0TnDpPZ/
A6iSPICL6SuGpZX9puu76yw+pt8h6jTddcCoUboy1Z5yICxYo8DTRRIKzKU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:01:37 2025 by rpki-client