Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edabdce6-a3ca-4743-8403-ae737c3b4588.roa
File:                     edabdce6-a3ca-4743-8403-ae737c3b4588.roa (raw, json)
Hash identifier:          O1dyCHGMPp/1Geigg8cznkGufer7dOOrzVypz8hZgtg=
Subject key identifier:   0A:65:DD:53:B9:5C:47:D3:AA:47:EF:40:53:4E:ED:4A:09:FE:17:7B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12D3691DA61B72F06DF99BA963EFCF3D511CD906
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edabdce6-a3ca-4743-8403-ae737c3b4588.roa
Signing time:             Mon 06 Oct 2025 16:41:10 +0000
ROA not before:           Mon 06 Oct 2025 16:41:10 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.17.160.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:d3:69:1d:a6:1b:72:f0:6d:f9:9b:a9:63:ef:cf:3d:51:1c:d9:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:41:10 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=8afd82cfcb28644d423282e51defc136ce73d8c1d697b62a139ab94cc440e1b0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:43:8f:10:00:93:28:de:6b:f6:fe:7d:95:ab:
                    7e:be:93:e6:e2:7d:96:78:23:69:e6:1d:2f:e3:3f:
                    8d:4d:e9:27:42:f0:e4:da:29:57:c2:6c:78:26:98:
                    ba:9d:09:e4:44:93:f0:46:32:f5:06:4a:29:f7:2d:
                    c9:1b:8e:0c:90:21:95:2e:36:f8:5c:0d:d7:25:b7:
                    ff:7f:72:f1:fa:e1:23:54:ca:c5:ad:0f:ba:6b:f4:
                    5d:81:ef:47:c6:69:bb:e4:d2:33:d9:e2:df:b6:47:
                    22:de:94:4d:e7:c6:98:ea:0b:6d:dd:fe:e0:4c:85:
                    aa:1f:b2:81:30:f0:4c:97:ad:da:d2:87:3d:b3:d2:
                    8c:e3:f2:a4:9b:bd:23:1e:4e:15:2c:9d:c3:ad:3b:
                    f9:41:15:cf:45:47:0b:00:d1:b7:ad:dd:d9:32:48:
                    ae:b6:a1:a4:6c:bf:29:77:85:b0:fd:29:d1:50:6d:
                    02:7b:f6:57:c3:fd:94:03:aa:35:12:cf:89:e8:99:
                    62:28:d6:00:2c:20:44:61:60:1a:9a:10:5b:c8:b6:
                    99:36:b8:c2:88:fa:11:b4:6d:3b:ba:c7:32:fe:68:
                    9e:80:9a:a9:54:dd:14:b0:2a:48:f5:0a:24:16:f6:
                    33:69:fc:f1:92:b1:47:f2:a8:80:d9:22:b1:27:3f:
                    54:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:65:DD:53:B9:5C:47:D3:AA:47:EF:40:53:4E:ED:4A:09:FE:17:7B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edabdce6-a3ca-4743-8403-ae737c3b4588.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.17.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ac:56:1c:ea:df:29:88:43:e3:ee:75:4e:80:a6:bf:91:99:33:
         cf:6e:3c:e3:a9:49:8c:81:99:62:f7:8d:b0:42:14:16:ee:49:
         65:42:c6:dc:10:cb:34:43:b6:5b:a8:7c:f0:17:d8:d1:2c:d6:
         a8:24:31:8e:56:b9:3f:77:4c:a2:33:c4:67:93:95:73:fe:01:
         3c:47:11:75:74:9f:eb:e8:f7:78:4e:77:47:0d:62:70:c2:65:
         92:5c:79:70:b1:23:3a:d5:b5:93:37:07:bc:fd:7e:98:9d:e7:
         82:5d:0c:ec:5e:06:da:5d:69:5a:e3:3c:a8:e7:76:24:b0:a3:
         36:ac:3e:0a:2c:35:e0:6a:f6:4e:1c:43:20:02:79:1e:80:f5:
         4d:3a:d8:9a:ba:48:13:62:10:ef:ac:53:81:42:79:8a:00:1a:
         69:b6:73:9d:57:16:4d:df:eb:69:75:46:0f:a0:0b:6d:2b:f4:
         d5:ee:d5:34:e3:a4:c7:81:d0:8b:43:46:a3:de:00:2c:fd:a1:
         ca:39:c8:59:75:43:92:ae:ce:9f:08:20:5e:10:c2:3e:e1:aa:
         82:d2:26:52:0c:56:e2:47:25:29:79:d0:76:15:16:8b:0f:2a:
         0a:76:f0:84:17:ed:1d:4e:ae:14:59:30:aa:d3:92:04:a4:c5:
         f6:67:a4:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEtNpHaYbcvBt+ZupY+/PPVEc2QYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTY0MTEwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWZkODJjZmNiMjg2NDRkNDIzMjgyZTUxZGVmYzEzNmNl
NzNkOGMxZDY5N2I2MmExMzlhYjk0Y2M0NDBlMWIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Q48QAJMo3mv2/n2Vq36+k+bifZZ4I2nmHS/jP41N6SdC
8OTaKVfCbHgmmLqdCeREk/BGMvUGSin3LckbjgyQIZUuNvhcDdclt/9/cvH64SNU
ysWtD7pr9F2B70fGabvk0jPZ4t+2RyLelE3nxpjqC23d/uBMhaofsoEw8EyXrdrS
hz2z0ozj8qSbvSMeThUsncOtO/lBFc9FRwsA0bet3dkySK62oaRsvyl3hbD9KdFQ
bQJ79lfD/ZQDqjUSz4nomWIo1gAsIERhYBqaEFvItpk2uMKI+hG0bTu6xzL+aJ6A
mqlU3RSwKkj1CiQW9jNp/PGSsUfyqIDZIrEnP1QvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCmXdU7lcR9OqR+9AU07tSgn+F3swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkYWJkY2U2LWEzY2EtNDc0My04NDAzLWFlNzM3YzNiNDU4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEaAwDQYJKoZIhvcNAQELBQADggEBAKxWHOrfKYhD4+51ToCmv5GZM89u
POOpSYyBmWL3jbBCFBbuSWVCxtwQyzRDtluofPAX2NEs1qgkMY5WuT93TKIzxGeT
lXP+ATxHEXV0n+vo93hOd0cNYnDCZZJceXCxIzrVtZM3B7z9fpid54JdDOxeBtpd
aVrjPKjndiSwozasPgosNeBq9k4cQyACeR6A9U062Jq6SBNiEO+sU4FCeYoAGmm2
c51XFk3f62l1Rg+gC20r9NXu1TTjpMeB0ItDRqPeACz9oco5yFl1Q5Kuzp8IIF4Q
wj7hqoLSJlIMVuJHJSl50HYVFosPKgp28IQX7R1OrhRZMKrTkgSkxfZnpOA=
-----END CERTIFICATE-----