Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe5bf133-3d81-4137-ac73-2c66456c6024.roa
File:                     fe5bf133-3d81-4137-ac73-2c66456c6024.roa (raw, json)
Hash identifier:          dLCq6R69xgsB8z7W9AmfUpo3xJOQMMPF44FR6nJSt0g=
Subject key identifier:   9E:A2:20:57:7D:B4:C3:74:D8:07:28:CA:23:48:97:23:AC:56:0F:15
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F41680A0D2D59CD8AEC6291DAD675E2B7C4836D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe5bf133-3d81-4137-ac73-2c66456c6024.roa
Signing time:             Wed 01 Oct 2025 00:41:09 +0000
ROA not before:           Wed 01 Oct 2025 00:41:09 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.198.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:41:68:0a:0d:2d:59:cd:8a:ec:62:91:da:d6:75:e2:b7:c4:83:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:41:09 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=dab752bd38ef7f99940b73b2007bd427b0bfac11ccb13e632e3069be5f3f79a6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:78:ee:ba:61:cd:b0:79:80:1b:95:94:7b:9c:
                    7b:cf:c7:8f:26:e6:e4:a9:48:5e:c6:15:5d:aa:3c:
                    5f:f9:e3:1b:92:e8:5f:c1:56:4f:66:06:a4:32:aa:
                    98:e5:e4:6c:b4:d8:21:3a:a1:76:7d:37:ab:6e:2f:
                    70:88:29:10:f0:1e:58:5c:91:51:b0:0c:1d:66:9f:
                    cc:a3:82:f1:cc:de:6c:09:e7:39:6d:df:c0:b8:8c:
                    a3:b1:ac:e2:81:b0:3f:b0:c6:6c:b7:3c:86:39:fd:
                    12:e6:6b:34:31:e7:5d:4f:70:16:42:d1:27:85:56:
                    20:08:15:bc:6a:18:cc:89:a9:70:ba:4a:90:e3:9d:
                    2d:c2:12:75:b8:b9:e8:49:b7:02:0e:43:0f:9b:cb:
                    68:24:3b:68:b5:c0:0d:a3:31:2a:c9:29:00:bf:e8:
                    d6:05:6c:ac:6d:65:6b:e5:e9:ec:3f:29:f5:8a:7e:
                    06:04:72:6f:ed:9a:04:f5:8c:58:d9:d7:e5:bc:57:
                    9b:55:1f:98:6d:b9:3b:68:a9:35:94:dd:ec:42:de:
                    0a:56:26:fd:cb:9f:5e:42:d6:ce:06:41:5a:8b:0e:
                    2b:db:00:54:1b:c3:9f:c2:c2:ea:41:f6:86:62:bb:
                    21:16:eb:e9:ce:e8:64:d1:6c:ef:a4:cf:51:18:79:
                    32:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A2:20:57:7D:B4:C3:74:D8:07:28:CA:23:48:97:23:AC:56:0F:15
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe5bf133-3d81-4137-ac73-2c66456c6024.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.198.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         03:4a:fb:86:2a:f0:56:e0:23:0a:8f:f1:31:f9:99:79:a0:db:
         73:ac:3e:a0:cd:8f:fe:ca:d3:cd:2d:f7:0c:1c:98:1c:7b:b2:
         12:36:82:ec:03:07:ad:30:d5:80:78:62:cc:92:44:89:0a:0e:
         0d:4c:58:ca:8e:ba:e2:97:d0:b5:06:52:79:e9:29:e4:ec:dc:
         61:2e:a6:da:c2:5b:c0:3f:74:e7:c6:8d:ec:ee:31:06:88:ea:
         21:62:ad:c3:48:f7:a6:9c:2d:44:34:51:42:70:37:5e:5b:80:
         e1:b5:16:58:6f:33:17:91:5c:a5:bb:fd:1d:d5:fe:3c:b3:30:
         a9:a8:73:51:8f:a3:a9:6d:3f:33:56:1f:93:01:10:62:6a:23:
         fe:b3:d6:e6:5f:46:6d:ab:c4:9f:b3:44:05:57:02:0c:50:9f:
         b9:60:b9:db:91:a3:30:5e:58:96:4e:e2:6e:30:1a:d5:88:f3:
         f8:96:e4:6c:cc:6a:34:6e:86:a1:f3:07:52:3f:a8:6e:e4:2d:
         48:4e:a7:50:1c:36:e5:cf:df:a7:7d:fe:89:f3:2e:11:9c:a3:
         0b:21:c7:a0:f3:ac:a9:bb:63:3c:3d:69:37:82:6d:c3:58:29:
         af:4b:a9:39:7e:e0:60:51:30:33:62:de:7c:20:3c:18:5b:1e:
         db:49:32:fd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUT0FoCg0tWc2K7GKR2tZ14rfEg20wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MTA5WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYWI3NTJiZDM4ZWY3Zjk5OTQwYjczYjIwMDdiZDQyN2Iw
YmZhYzExY2NiMTNlNjMyZTMwNjliZTVmM2Y3OWE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdeO66Yc2weYAblZR7nHvPx48m5uSpSF7GFV2qPF/54xuS
6F/BVk9mBqQyqpjl5Gy02CE6oXZ9N6tuL3CIKRDwHlhckVGwDB1mn8yjgvHM3mwJ
5zlt38C4jKOxrOKBsD+wxmy3PIY5/RLmazQx511PcBZC0SeFViAIFbxqGMyJqXC6
SpDjnS3CEnW4uehJtwIOQw+by2gkO2i1wA2jMSrJKQC/6NYFbKxtZWvl6ew/KfWK
fgYEcm/tmgT1jFjZ1+W8V5tVH5htuTtoqTWU3exC3gpWJv3Ln15C1s4GQVqLDivb
AFQbw5/CwupB9oZiuyEW6+nO6GTRbO+kz1EYeTI3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUnqIgV320w3TYByjKI0iXI6xWDxUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlNWJmMTMzLTNkODEtNDEzNy1hYzczLTJjNjY0NTZjNjAyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5xjANBgkqhkiG9w0BAQsFAAOCAQEAA0r7hirwVuAjCo/xMfmZeaDbc6w+
oM2P/srTzS33DByYHHuyEjaC7AMHrTDVgHhizJJEiQoODUxYyo664pfQtQZSeekp
5OzcYS6m2sJbwD9058aN7O4xBojqIWKtw0j3ppwtRDRRQnA3XluA4bUWWG8zF5Fc
pbv9HdX+PLMwqahzUY+jqW0/M1YfkwEQYmoj/rPW5l9GbavEn7NEBVcCDFCfuWC5
25GjMF5Ylk7ibjAa1Yjz+JbkbMxqNG6GofMHUj+obuQtSE6nUBw25c/fp33+ifMu
EZyjCyHHoPOsqbtjPD1pN4Jtw1gpr0upOX7gYFEwM2LefCA8GFse20ky/Q==
-----END CERTIFICATE-----