Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f95b2888-5f3f-4f91-b2d8-5c197dd01543.roa
File:                     f95b2888-5f3f-4f91-b2d8-5c197dd01543.roa (raw, json)
Hash identifier:          ADFXw6MgG6l8/feoA8rKGY+eCBNPoxTtm2uyfFUUxM0=
Subject key identifier:   D4:04:F1:E5:47:05:DE:15:33:C4:21:40:F4:79:1D:4E:D9:0C:25:D0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       365E78BBA68E96421182D43F9E921E887BE0EE03
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f95b2888-5f3f-4f91-b2d8-5c197dd01543.roa
Signing time:             Fri 10 Oct 2025 00:01:09 +0000
ROA not before:           Fri 10 Oct 2025 00:01:09 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        114.56.132.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:5e:78:bb:a6:8e:96:42:11:82:d4:3f:9e:92:1e:88:7b:e0:ee:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 00:01:09 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=5855cc3f1ec660ce1c744db195d34377688133346710e124e12bc353a4442396, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6e:25:46:0a:96:2b:c0:05:8d:82:e6:86:90:
                    49:99:ba:c5:98:9b:80:42:38:a2:92:6b:59:f3:71:
                    af:5c:9c:4e:ee:e5:57:60:b2:ab:97:eb:63:8d:9e:
                    bd:8f:13:a3:16:ef:2f:0b:09:28:dc:f0:c1:8f:cc:
                    47:95:01:ff:1b:0b:d5:c6:5e:20:c5:99:01:ac:67:
                    43:fa:64:e4:cc:97:b6:f8:3b:eb:cc:18:f8:a5:aa:
                    17:60:ab:04:0f:a6:62:e8:c4:43:22:f6:d3:2d:43:
                    2f:01:a3:45:41:9e:f1:3a:00:42:36:67:0e:cc:f4:
                    88:e4:4d:d4:cf:1d:38:cc:97:18:cd:5d:21:65:a8:
                    07:59:b8:6a:c2:bf:b7:98:38:96:76:ab:e3:2d:ef:
                    09:99:47:f0:36:23:31:0d:3a:b6:85:d0:bf:53:f6:
                    8a:06:3a:e5:aa:34:7a:ea:02:fe:4c:43:9a:73:3b:
                    b9:f1:62:7a:f4:85:7e:87:31:73:ee:0a:e5:5e:9e:
                    7d:51:8c:db:a8:4d:4e:cd:b8:ca:82:36:d6:77:ea:
                    bf:26:8c:b3:1f:3b:a6:5a:c3:e0:9b:64:89:53:cd:
                    78:c1:7e:84:bb:f2:9d:39:cb:34:ed:b7:27:09:19:
                    45:56:3b:66:af:05:38:fe:c8:21:4a:84:a4:a4:d7:
                    d8:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:04:F1:E5:47:05:DE:15:33:C4:21:40:F4:79:1D:4E:D9:0C:25:D0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f95b2888-5f3f-4f91-b2d8-5c197dd01543.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.56.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:d5:94:89:46:45:13:07:bf:11:e2:b5:53:e7:db:02:c7:25:
         e8:65:b0:c5:7f:39:63:56:a7:98:97:fd:25:7c:59:f2:6c:36:
         c3:7d:d2:50:d1:2e:1e:22:28:34:00:e9:eb:a0:eb:f7:a0:41:
         17:24:58:28:1b:06:2c:f7:ab:ff:31:64:dd:ff:92:3d:d1:bb:
         9e:2a:7f:3d:2a:16:a2:13:6d:04:9a:a3:51:97:7b:6c:ef:a5:
         09:40:0a:47:8b:50:6e:e7:4f:dc:8c:61:31:87:ec:0d:78:09:
         e1:25:45:33:71:6b:32:39:06:26:2c:b8:b6:63:75:ec:15:ff:
         54:5e:37:17:34:ea:d0:64:e7:93:89:19:a1:bb:25:24:f0:1b:
         91:2b:58:fe:4d:8b:d8:c1:52:4f:02:a6:23:dd:d0:51:dc:9c:
         d9:73:7e:d5:b1:31:4c:01:0b:39:15:cb:2f:e1:22:06:67:ce:
         6e:f2:a0:88:92:2e:65:80:00:29:47:51:1e:50:3f:ef:d0:52:
         bc:02:8d:56:99:46:2b:a6:e4:3e:7b:46:f4:df:28:27:e8:7f:
         b0:68:fd:7d:77:6c:1b:57:ea:06:df:35:9d:3d:75:f2:91:5b:
         c9:a9:67:66:80:63:65:41:62:dc:3f:58:2e:2c:23:bb:2d:ea:
         d7:3d:88:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNl54u6aOlkIRgtQ/npIeiHvg7gMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMDAwMTA5WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODU1Y2MzZjFlYzY2MGNlMWM3NDRkYjE5NWQzNDM3NzY4
ODEzMzM0NjcxMGUxMjRlMTJiYzM1M2E0NDQyMzk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1biVGCpYrwAWNguaGkEmZusWYm4BCOKKSa1nzca9cnE7u
5VdgsquX62ONnr2PE6MW7y8LCSjc8MGPzEeVAf8bC9XGXiDFmQGsZ0P6ZOTMl7b4
O+vMGPilqhdgqwQPpmLoxEMi9tMtQy8Bo0VBnvE6AEI2Zw7M9IjkTdTPHTjMlxjN
XSFlqAdZuGrCv7eYOJZ2q+Mt7wmZR/A2IzENOraF0L9T9ooGOuWqNHrqAv5MQ5pz
O7nxYnr0hX6HMXPuCuVenn1RjNuoTU7NuMqCNtZ36r8mjLMfO6Zaw+CbZIlTzXjB
foS78p05yzTttycJGUVWO2avBTj+yCFKhKSk19hNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1ATx5UcF3hUzxCFA9HkdTtkMJdAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5NWIyODg4LTVmM2YtNGY5MS1iMmQ4LTVjMTk3ZGQwMTU0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAByOIQwDQYJKoZIhvcNAQELBQADggEBAHnVlIlGRRMHvxHitVPn2wLHJehl
sMV/OWNWp5iX/SV8WfJsNsN90lDRLh4iKDQA6eug6/egQRckWCgbBiz3q/8xZN3/
kj3Ru54qfz0qFqITbQSao1GXe2zvpQlACkeLUG7nT9yMYTGH7A14CeElRTNxazI5
BiYsuLZjdewV/1ReNxc06tBk55OJGaG7JSTwG5ErWP5Ni9jBUk8CpiPd0FHcnNlz
ftWxMUwBCzkVyy/hIgZnzm7yoIiSLmWAAClHUR5QP+/QUrwCjVaZRium5D57RvTf
KCfof7Bo/X13bBtX6gbfNZ09dfKRW8mpZ2aAY2VBYtw/WC4sI7st6tc9iBY=
-----END CERTIFICATE-----