Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e541b1d1-d624-4ed3-a35b-eb257b0a449b.roa
File:                     e541b1d1-d624-4ed3-a35b-eb257b0a449b.roa (raw, json)
Hash identifier:          zIgobv5g8uYP9N28rtEXuctjb5cDdP5uY7nal+EiYl0=
Subject key identifier:   07:4E:A0:E4:28:80:B9:A6:F5:EE:B8:53:D5:EC:19:70:B6:0E:50:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3FB434821E5406BF7813BA0561D94AD53B86B545
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e541b1d1-d624-4ed3-a35b-eb257b0a449b.roa
Signing time:             Mon 13 Oct 2025 15:52:08 +0000
ROA not before:           Mon 13 Oct 2025 15:52:08 +0000
ROA not after:            Mon 17 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.224.0.0/11 maxlen: 11
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:b4:34:82:1e:54:06:bf:78:13:ba:05:61:d9:4a:d5:3b:86:b5:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 13 15:52:08 2025 GMT
            Not After : Nov 17 23:59:59 2025 GMT
        Subject: serialNumber=4c76c47b2c2d9a043b065a5c12be0a0f93e861dc62d24682812baa48394f0ced, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7f:e7:32:2e:cb:41:ad:c2:f8:b0:6f:2e:72:
                    5d:d8:22:e2:08:75:72:a5:db:99:b0:41:c5:66:f3:
                    a3:ec:b6:c6:fb:16:e3:1b:7f:64:a6:60:ac:89:75:
                    1e:6a:5e:1a:23:60:26:e7:c2:66:a0:30:84:6c:9a:
                    8e:f4:82:84:73:ce:19:5d:6c:b3:56:87:7e:6f:96:
                    51:1e:29:e2:ad:0e:ba:e4:e9:bc:83:67:31:9d:36:
                    8a:29:44:21:c0:d2:aa:ea:f4:e2:70:17:19:8f:bf:
                    ea:2d:85:39:ab:8c:34:5b:9b:2a:9d:9b:58:5b:ab:
                    f0:a1:ff:f7:d8:66:05:69:bd:d0:4f:ec:b2:c5:04:
                    36:b1:78:c1:29:54:bf:55:ed:e7:dd:d2:3b:cb:86:
                    bc:b8:82:c0:58:be:1f:56:dd:b2:d1:e7:03:9b:48:
                    48:28:24:46:e3:53:0d:8c:ee:8d:f8:c5:73:8d:13:
                    58:43:80:90:7a:f9:13:55:bd:41:69:f5:e4:be:fe:
                    c8:6c:62:5e:9b:44:12:5b:a7:16:19:26:c8:ef:93:
                    65:35:77:43:54:6d:e4:8a:36:3b:ff:6a:82:f6:95:
                    63:f4:26:1f:2d:f7:18:13:31:df:8c:a2:70:65:79:
                    03:ab:f8:c0:a2:31:42:33:e8:49:58:ef:7f:ee:ba:
                    2f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:4E:A0:E4:28:80:B9:A6:F5:EE:B8:53:D5:EC:19:70:B6:0E:50:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e541b1d1-d624-4ed3-a35b-eb257b0a449b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.224.0.0/11

    Signature Algorithm: sha256WithRSAEncryption
         c0:fd:7e:1f:36:ca:b2:dc:4d:36:da:96:e4:6a:78:16:80:51:
         78:6c:b8:75:28:d2:60:6a:67:4a:3d:1f:07:d4:dc:a9:9c:9e:
         14:cc:a3:95:0b:42:5e:01:41:90:1b:f8:28:46:5d:91:27:07:
         b3:24:28:bf:ba:56:88:28:8d:30:1c:e6:9e:c6:2e:cc:de:a7:
         b2:7d:43:56:04:79:4b:f4:66:2a:bd:43:63:bc:98:04:3a:24:
         04:c4:81:21:7f:9a:48:65:ec:50:e8:e9:c6:00:b3:94:ab:41:
         51:7a:02:0b:72:39:a5:46:87:c6:bf:88:03:06:96:45:cb:ff:
         a9:27:41:3a:60:bf:ea:81:38:54:ce:9f:d2:66:d1:44:09:67:
         ab:fa:1e:dc:c5:e0:7d:4e:a0:9e:86:13:f7:91:7c:68:03:fd:
         50:79:41:ee:24:1d:d6:1c:90:68:aa:ba:c3:c2:30:1a:df:36:
         b7:43:27:50:d9:a4:ca:76:56:5a:12:67:f3:c0:40:6d:51:9e:
         3d:63:b3:66:d1:c4:3a:b4:f7:fa:25:30:5f:a7:d0:bb:64:db:
         9d:d2:9d:20:13:3f:fb:88:68:bb:6c:22:50:7a:ab:1b:ba:38:
         ef:1b:ee:99:25:4b:99:c2:bc:43:1e:89:2d:ad:d4:83:82:9e:
         a4:98:f6:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUP7Q0gh5UBr94E7oFYdlK1TuGtUUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEzMTU1MjA4WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0Yzc2YzQ3YjJjMmQ5YTA0M2IwNjVhNWMxMmJlMGEwZjkz
ZTg2MWRjNjJkMjQ2ODI4MTJiYWE0ODM5NGYwY2VkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzf+cyLstBrcL4sG8ucl3YIuIIdXKl25mwQcVm86Pstsb7
FuMbf2SmYKyJdR5qXhojYCbnwmagMIRsmo70goRzzhldbLNWh35vllEeKeKtDrrk
6byDZzGdNoopRCHA0qrq9OJwFxmPv+othTmrjDRbmyqdm1hbq/Ch//fYZgVpvdBP
7LLFBDaxeMEpVL9V7efd0jvLhry4gsBYvh9W3bLR5wObSEgoJEbjUw2M7o34xXON
E1hDgJB6+RNVvUFp9eS+/shsYl6bRBJbpxYZJsjvk2U1d0NUbeSKNjv/aoL2lWP0
Jh8t9xgTMd+MonBleQOr+MCiMUIz6ElY73/uui99AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUB06g5CiAuab17rhT1ewZcLYOUPAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1NDFiMWQxLWQ2MjQtNGVkMy1hMzViLWViMjU3YjBhNDQ5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwUs4DANBgkqhkiG9w0BAQsFAAOCAQEAwP1+HzbKstxNNtqW5Gp4FoBReGy4
dSjSYGpnSj0fB9TcqZyeFMyjlQtCXgFBkBv4KEZdkScHsyQov7pWiCiNMBzmnsYu
zN6nsn1DVgR5S/RmKr1DY7yYBDokBMSBIX+aSGXsUOjpxgCzlKtBUXoCC3I5pUaH
xr+IAwaWRcv/qSdBOmC/6oE4VM6f0mbRRAlnq/oe3MXgfU6gnoYT95F8aAP9UHlB
7iQd1hyQaKq6w8IwGt82t0MnUNmkynZWWhJn88BAbVGePWOzZtHEOrT3+iUwX6fQ
u2TbndKdIBM/+4hou2wiUHqrG7o47xvumSVLmcK8Qx6JLa3Ug4KepJj2LQ==
-----END CERTIFICATE-----