Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19bd943f-f0b1-4961-b62e-ab8c965a4110.roa
File:                     19bd943f-f0b1-4961-b62e-ab8c965a4110.roa (raw, json)
Hash identifier:          b0jjap+M9ns3PFeiyeOQITAsCQJihNhnragNvWS+cgM=
Subject key identifier:   86:01:34:2E:8B:BF:54:95:02:36:5F:C0:00:B9:7B:B3:B6:FF:83:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       50752F1A82C24254ACF8362D5AE786F9C71A5035
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19bd943f-f0b1-4961-b62e-ab8c965a4110.roa
Signing time:             Sat 15 Nov 2025 00:50:11 +0000
ROA not before:           Sat 15 Nov 2025 00:50:11 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.43.80.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:75:2f:1a:82:c2:42:54:ac:f8:36:2d:5a:e7:86:f9:c7:1a:50:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:50:11 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=b2b5e503341fcfc52a5b0a16febcc4a3d6ab13d6c6cf6bb4fbf77f576a54b737, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:48:c4:a6:6b:31:28:6a:7d:97:58:24:55:62:
                    c8:03:0a:1a:53:6c:2f:26:cb:61:e7:f3:6f:85:b7:
                    bf:19:9c:ea:26:08:8f:2c:63:7b:06:0c:6c:2e:f2:
                    02:ab:ae:f0:c3:70:63:a7:3e:fc:6f:dc:1d:7a:18:
                    3e:09:aa:7e:49:3a:83:bc:8d:b4:5e:86:3a:55:92:
                    90:e2:83:4e:16:f6:fa:2b:31:06:3d:fd:29:1b:ce:
                    c4:55:51:2b:9b:bb:56:28:0a:da:56:f3:eb:9a:87:
                    fb:17:d4:15:57:37:97:3b:e9:2d:a2:0b:72:05:6d:
                    1e:5c:fd:12:5d:bb:cb:13:dc:bd:4a:8c:e4:24:cb:
                    9a:4c:00:61:14:65:a7:19:2d:07:ec:52:77:31:42:
                    81:24:c8:22:e0:49:a3:88:e1:9a:94:bb:c1:2b:01:
                    be:ae:e8:de:c9:23:9e:ae:ad:ed:ce:b4:f0:8b:a3:
                    5f:87:df:61:a9:9d:3f:f0:e8:be:54:3a:d5:c0:6e:
                    66:5f:0f:a3:53:11:33:d1:8d:08:8a:30:4e:ad:37:
                    a5:4c:82:a3:d5:ae:a3:14:be:59:e4:d2:7e:fb:f9:
                    69:19:92:7c:92:a4:c9:e2:1b:0c:db:5f:50:74:d8:
                    15:4b:17:ae:72:db:83:c3:50:b6:08:88:6d:62:09:
                    b1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:01:34:2E:8B:BF:54:95:02:36:5F:C0:00:B9:7B:B3:B6:FF:83:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19bd943f-f0b1-4961-b62e-ab8c965a4110.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.43.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d5:d2:1f:f8:eb:f8:39:8f:08:81:f1:ac:56:cd:6c:0d:c0:b8:
         ee:29:34:de:bf:72:d8:18:dd:ab:83:6e:ed:c1:aa:bc:5f:b5:
         3c:68:47:59:1f:3d:10:4a:c5:0a:13:6b:e8:44:e2:53:5c:bf:
         e1:8a:12:f9:41:d5:c1:4b:9c:0b:12:bf:d7:1e:22:b3:3f:93:
         22:1d:d6:56:79:47:a4:6e:ee:35:97:ac:6a:55:4c:12:34:a0:
         00:08:bc:ac:41:6f:d5:80:ab:91:51:d5:31:05:6d:b2:92:d8:
         52:79:fd:da:76:22:24:ae:2d:40:5e:fd:a9:04:a1:4b:73:94:
         2b:a2:dd:e6:49:74:0d:b6:73:44:08:30:59:85:c7:98:c4:9e:
         61:ad:ee:7a:70:46:ef:57:60:ac:6b:ab:04:ec:19:ac:08:1b:
         02:24:ab:a9:e1:ed:76:e1:8d:52:ae:9a:80:f8:71:bd:fb:fd:
         ea:6c:8a:41:7f:0d:df:e6:60:a5:36:18:3d:8e:2b:92:fe:f4:
         2e:cd:17:0a:71:44:8e:e5:e7:8c:04:f7:a5:35:95:39:f0:d9:
         06:6a:e4:2c:39:3d:85:6e:85:9f:29:42:d3:a3:95:b6:0e:90:
         e9:37:33:58:a8:ce:68:ff:9c:07:ab:f7:a5:c6:98:20:f4:0d:
         a9:3b:7e:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUHUvGoLCQlSs+DYtWueG+ccaUDUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDA1MDExWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMmI1ZTUwMzM0MWZjZmM1MmE1YjBhMTZmZWJjYzRhM2Q2
YWIxM2Q2YzZjZjZiYjRmYmY3N2Y1NzZhNTRiNzM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLSMSmazEoan2XWCRVYsgDChpTbC8my2Hn82+Ft78ZnOom
CI8sY3sGDGwu8gKrrvDDcGOnPvxv3B16GD4Jqn5JOoO8jbRehjpVkpDig04W9vor
MQY9/SkbzsRVUSubu1YoCtpW8+uah/sX1BVXN5c76S2iC3IFbR5c/RJdu8sT3L1K
jOQky5pMAGEUZacZLQfsUncxQoEkyCLgSaOI4ZqUu8ErAb6u6N7JI56ure3OtPCL
o1+H32GpnT/w6L5UOtXAbmZfD6NTETPRjQiKME6tN6VMgqPVrqMUvlnk0n77+WkZ
knySpMniGwzbX1B02BVLF65y24PDULYIiG1iCbFlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhgE0Lou/VJUCNl/AALl7s7b/gxgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5YmQ5NDNmLWYwYjEtNDk2MS1iNjJlLWFiOGM5NjVhNDExMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARgK1AwDQYJKoZIhvcNAQELBQADggEBANXSH/jr+DmPCIHxrFbNbA3AuO4p
NN6/ctgY3auDbu3BqrxftTxoR1kfPRBKxQoTa+hE4lNcv+GKEvlB1cFLnAsSv9ce
IrM/kyId1lZ5R6Ru7jWXrGpVTBI0oAAIvKxBb9WAq5FR1TEFbbKS2FJ5/dp2IiSu
LUBe/akEoUtzlCui3eZJdA22c0QIMFmFx5jEnmGt7npwRu9XYKxrqwTsGawIGwIk
q6nh7XbhjVKumoD4cb37/epsikF/Dd/mYKU2GD2OK5L+9C7NFwpxRI7l54wE96U1
lTnw2QZq5Cw5PYVuhZ8pQtOjlbYOkOk3M1iozmj/nAer96XGmCD0Dak7flM=
-----END CERTIFICATE-----