Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa
File:                     5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa (raw, json)
Hash identifier:          V77m8fOfZ7vkCBIVbBAM5LUvljli1wclcWXT2sNV6sU=
Subject key identifier:   85:5A:CC:53:A7:77:C8:AE:CA:CE:5F:A4:31:4C:1B:1E:1A:B9:6A:27
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6710DF2346966A06DF99D452BDD784E28D2B606C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa
Signing time:             Tue 11 Nov 2025 01:11:53 +0000
ROA not before:           Tue 11 Nov 2025 01:11:53 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.50.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:10:df:23:46:96:6a:06:df:99:d4:52:bd:d7:84:e2:8d:2b:60:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:11:53 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=7b3807727c36868b4a20829369a5fe714ecdf2cb0871ce9906034f3d5cbe5ba6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a6:8e:d8:28:a7:8f:47:b1:29:eb:64:ab:cc:
                    90:8c:7e:33:e2:f8:d4:08:81:96:81:3a:91:4b:24:
                    3b:7c:bd:9b:fc:0a:db:26:1d:e6:52:1d:19:b3:2b:
                    e1:ff:71:47:77:40:08:32:8b:dc:a4:76:65:dc:2f:
                    76:1c:30:3e:88:16:81:4c:8c:d3:05:bd:3c:e6:3d:
                    49:ec:a1:40:3a:14:2d:b6:cc:7b:7d:fd:d0:00:30:
                    6a:f8:e9:1d:48:35:a0:ae:9b:31:fb:d2:c0:9b:a3:
                    f8:13:e4:14:94:61:6e:37:94:37:4b:2d:c9:f0:bb:
                    ca:2f:61:4a:78:f1:f2:58:f5:c0:ca:c3:f9:8d:78:
                    bc:26:dc:b8:74:06:5e:cd:e1:95:35:ca:fb:56:9b:
                    e1:d2:39:cc:37:00:28:82:bf:1b:25:2b:ef:56:72:
                    09:36:db:99:72:b7:a2:36:f4:58:6f:5b:39:bd:2c:
                    ad:fd:11:10:2f:83:8f:86:78:7e:cc:bb:e7:82:fe:
                    e7:da:4c:f5:ce:61:83:ad:3e:12:cb:01:2f:c2:46:
                    48:38:ff:14:79:d8:c0:a0:24:f7:8b:95:e8:4f:d1:
                    e5:13:3f:17:08:f3:82:8a:38:d4:ab:a0:91:b2:5a:
                    f6:8a:12:f0:2c:19:63:ee:39:cd:65:3d:48:89:65:
                    ae:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:5A:CC:53:A7:77:C8:AE:CA:CE:5F:A4:31:4C:1B:1E:1A:B9:6A:27
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.50.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         d1:c1:86:36:29:91:d8:ee:42:99:d8:c9:55:b1:37:76:77:da:
         4c:a2:9a:28:47:d7:2a:03:b9:20:a5:ff:9c:c0:8b:0f:96:21:
         3e:62:e0:c2:d2:24:bc:44:0e:85:a7:e2:3e:c0:19:15:9a:78:
         fb:33:89:26:34:aa:3d:d3:48:d4:1e:c7:a4:c9:1a:69:79:15:
         93:fe:b7:71:6f:03:65:bb:0f:73:5c:e9:17:f3:97:0e:d5:b0:
         2d:3c:38:4e:a6:6e:73:fa:df:9e:35:cc:10:19:b3:76:c9:bf:
         4d:5b:8d:e2:9e:bf:11:b9:ca:89:8f:c5:ba:e6:fb:60:7a:c8:
         5b:32:d1:e5:83:3a:0d:17:58:ce:f6:39:3b:bc:12:ff:d3:9c:
         0b:64:65:2f:23:62:b0:a0:c0:3c:73:9d:b7:5d:55:36:6d:ae:
         b4:05:a3:e1:d3:bb:90:69:88:29:cf:18:ab:66:28:0e:bf:16:
         7c:5f:74:dd:32:7e:e6:8d:9d:16:f0:3b:1e:16:7c:15:50:1f:
         b7:ca:20:fd:c7:95:b7:3e:80:78:8d:db:4e:5b:23:0d:9c:b3:
         8b:ba:4a:b5:06:25:7d:6c:fb:e1:86:10:5c:97:50:a9:16:c8:
         1e:8b:a7:3c:2a:df:77:39:bb:9d:19:59:ba:5b:e2:b6:29:d1:
         73:49:46:27
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZxDfI0aWagbfmdRSvdeE4o0rYGwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDExMTUzWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjM4MDc3MjdjMzY4NjhiNGEyMDgyOTM2OWE1ZmU3MTRl
Y2RmMmNiMDg3MWNlOTkwNjAzNGYzZDVjYmU1YmE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkpo7YKKePR7Ep62SrzJCMfjPi+NQIgZaBOpFLJDt8vZv8
CtsmHeZSHRmzK+H/cUd3QAgyi9ykdmXcL3YcMD6IFoFMjNMFvTzmPUnsoUA6FC22
zHt9/dAAMGr46R1INaCumzH70sCbo/gT5BSUYW43lDdLLcnwu8ovYUp48fJY9cDK
w/mNeLwm3Lh0Bl7N4ZU1yvtWm+HSOcw3ACiCvxslK+9Wcgk225lyt6I29FhvWzm9
LK39ERAvg4+GeH7Mu+eC/ufaTPXOYYOtPhLLAS/CRkg4/xR52MCgJPeLlehP0eUT
PxcI84KKONSroJGyWvaKEvAsGWPuOc1lPUiJZa5lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhVrMU6d3yK7Kzl+kMUwbHhq5aicwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU4NDRhNjgzLWVhZDUtNDUzOS05M2Y0LWEzZWQ3ZmE2YTBjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQMjANBgkqhkiG9w0BAQsFAAOCAQEA0cGGNimR2O5CmdjJVbE3dnfaTKKa
KEfXKgO5IKX/nMCLD5YhPmLgwtIkvEQOhafiPsAZFZp4+zOJJjSqPdNI1B7HpMka
aXkVk/63cW8DZbsPc1zpF/OXDtWwLTw4TqZuc/rfnjXMEBmzdsm/TVuN4p6/EbnK
iY/Fuub7YHrIWzLR5YM6DRdYzvY5O7wS/9OcC2RlLyNisKDAPHOdt11VNm2utAWj
4dO7kGmIKc8Yq2YoDr8WfF903TJ+5o2dFvA7HhZ8FVAft8og/ceVtz6AeI3bTlsj
DZyzi7pKtQYlfWz74YYQXJdQqRbIHounPCrfdzm7nRlZulvitinRc0lGJw==
-----END CERTIFICATE-----