Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa
File:                     0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa (raw, json)
Hash identifier:          rTjsgElvHwrR7fpd7GgdV8CZTHKZ1utZs2oOhzyVOd0=
Subject key identifier:   1E:97:DA:82:7D:56:D2:B4:63:96:93:73:3D:B8:A1:93:0A:9A:FB:46
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       52CEC17565C46C8F8211F5D9EED76C557F1AC190
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa
Signing time:             Sat 15 Nov 2025 00:20:43 +0000
ROA not before:           Sat 15 Nov 2025 00:20:43 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.116.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:ce:c1:75:65:c4:6c:8f:82:11:f5:d9:ee:d7:6c:55:7f:1a:c1:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:20:43 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=c14e9552c8a5db8948357a691c8feea70c016d8ef080c0939d84768ff92d0954, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e0:47:74:e7:8e:c0:4d:ab:26:3e:17:81:5d:
                    59:1f:97:ba:89:ad:c4:3a:12:30:fd:a1:68:c5:1e:
                    9a:8f:1a:8d:cb:19:f6:45:d1:74:f3:ff:f7:21:90:
                    93:cf:8b:4f:ce:7d:8b:11:b1:71:e8:3b:21:0e:f0:
                    a2:f1:62:b9:28:45:9b:a4:c8:74:ce:5b:dc:52:af:
                    bb:af:62:e8:7b:8a:30:37:03:04:04:05:05:9f:28:
                    c4:12:54:8f:1f:7e:a7:96:2a:62:1b:70:20:53:9b:
                    59:12:fe:83:f2:de:82:e2:fb:c7:6b:d3:36:3f:2e:
                    22:1c:de:0f:b5:f0:8a:79:46:16:6f:8e:25:91:22:
                    e8:73:fc:f5:1c:8c:cb:a0:6b:0e:3a:41:ba:fa:06:
                    c2:12:c5:8d:b1:a1:3e:ae:58:e7:df:f9:b1:23:72:
                    5f:fd:20:f8:a0:d3:fb:e7:43:47:3e:df:27:80:4d:
                    76:63:54:71:f2:be:05:42:0c:49:f8:1a:07:1e:df:
                    36:17:db:6a:77:35:45:43:3d:e8:bb:bc:ba:b8:60:
                    44:e1:84:91:9a:ff:10:bb:b8:53:ba:18:34:ca:2d:
                    1e:22:82:1f:27:0d:34:9d:1a:3e:ea:48:7d:6a:15:
                    0b:6a:e2:d6:c8:32:e6:4b:38:c3:61:bd:0e:65:24:
                    c4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:97:DA:82:7D:56:D2:B4:63:96:93:73:3D:B8:A1:93:0A:9A:FB:46
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.116.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         03:f8:d0:f2:fb:89:32:1a:9b:07:83:1f:1b:4d:80:ef:eb:ea:
         7e:8d:51:e7:45:b7:9f:94:e7:e5:4c:60:ed:fb:46:d9:fb:54:
         9c:4c:41:39:f7:1a:25:9e:45:a6:88:90:75:66:28:9b:f5:a9:
         44:8a:1e:20:6e:45:01:b0:87:23:88:ef:9d:8f:88:23:46:60:
         54:4f:d6:11:57:ec:86:0b:b7:7a:86:ed:06:33:94:f6:f3:c0:
         53:04:c8:0e:88:ee:aa:4c:38:43:27:40:d4:a2:9c:0c:1e:2e:
         52:8e:14:44:7c:05:dd:b8:d2:83:9a:b3:de:b9:33:52:bd:0b:
         ea:0b:4e:fb:20:86:31:74:2c:3d:ba:e8:47:39:9b:49:6e:8e:
         1a:1d:c9:04:9c:c3:2e:5f:c4:ce:36:5e:fa:a6:f5:92:34:87:
         da:e1:35:cd:a0:c6:5b:fa:25:e4:66:7a:e9:f6:96:85:c7:7b:
         f7:69:3a:89:56:c9:79:01:c5:94:e9:dc:44:be:ea:19:4b:48:
         9d:3c:02:6d:9f:f8:9d:6b:ad:7b:2b:78:29:5d:8d:7a:47:d5:
         a4:45:d0:49:be:e9:d7:0c:b3:76:0b:cb:da:4e:ba:8f:8e:74:
         b0:9a:92:58:ea:03:80:a8:b7:9b:c9:31:49:fc:8c:96:bb:67:
         cf:94:88:54
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUs7BdWXEbI+CEfXZ7tdsVX8awZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAyMDQzWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTRlOTU1MmM4YTVkYjg5NDgzNTdhNjkxYzhmZWVhNzBj
MDE2ZDhlZjA4MGMwOTM5ZDg0NzY4ZmY5MmQwOTU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDR4Ed0547ATasmPheBXVkfl7qJrcQ6EjD9oWjFHpqPGo3L
GfZF0XTz//chkJPPi0/OfYsRsXHoOyEO8KLxYrkoRZukyHTOW9xSr7uvYuh7ijA3
AwQEBQWfKMQSVI8ffqeWKmIbcCBTm1kS/oPy3oLi+8dr0zY/LiIc3g+18Ip5RhZv
jiWRIuhz/PUcjMugaw46Qbr6BsISxY2xoT6uWOff+bEjcl/9IPig0/vnQ0c+3yeA
TXZjVHHyvgVCDEn4Ggce3zYX22p3NUVDPei7vLq4YEThhJGa/xC7uFO6GDTKLR4i
gh8nDTSdGj7qSH1qFQtq4tbIMuZLOMNhvQ5lJMSzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHpfagn1W0rRjlpNzPbihkwqa+0YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAxODY5NzBlLTg5YWEtNGM5NS1hZTZmLTZiYjdiNDVkNWIyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4dDANBgkqhkiG9w0BAQsFAAOCAQEAA/jQ8vuJMhqbB4MfG02A7+vqfo1R
50W3n5Tn5Uxg7ftG2ftUnExBOfcaJZ5FpoiQdWYom/WpRIoeIG5FAbCHI4jvnY+I
I0ZgVE/WEVfshgu3eobtBjOU9vPAUwTIDojuqkw4QydA1KKcDB4uUo4URHwF3bjS
g5qz3rkzUr0L6gtO+yCGMXQsPbroRzmbSW6OGh3JBJzDLl/EzjZe+qb1kjSH2uE1
zaDGW/ol5GZ66faWhcd792k6iVbJeQHFlOncRL7qGUtInTwCbZ/4nWuteyt4KV2N
ekfVpEXQSb7p1wyzdgvL2k66j450sJqSWOoDgKi3m8kxSfyMlrtnz5SIVA==
-----END CERTIFICATE-----