Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa
File:                     8e2ea47c-7af2-420d-8695-f2f769b2008c.roa (raw, json)
Hash identifier:          kDCsxWrni4y72HAyQyxScC0JCqlb9vZQz9A38SJjFB0=
Subject key identifier:   92:DC:8F:30:B6:08:35:13:92:49:28:CD:D4:A5:E1:A7:37:CC:F0:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       050B854E6D63EEDA95A2AAFF0086E9D2ED92D77C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa
Signing time:             Thu 13 Nov 2025 00:30:43 +0000
ROA not before:           Thu 13 Nov 2025 00:30:43 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.245.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:0b:85:4e:6d:63:ee:da:95:a2:aa:ff:00:86:e9:d2:ed:92:d7:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:30:43 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=49f7332f3a65bdd1b69c74dc44fed033a68d36fd4fbe8634c9080200b70cdea3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:8f:ed:51:4b:91:0d:cb:6e:30:68:03:eb:24:
                    db:68:9d:a0:6e:a0:66:7b:17:03:85:60:74:01:b8:
                    0b:d1:46:2d:ee:df:f2:e6:a5:16:b1:c2:2b:7c:6d:
                    a9:86:0f:ea:12:0a:39:d5:1d:04:9c:2b:e7:be:34:
                    fe:9b:23:c5:8c:d0:23:36:64:6e:bd:63:a7:87:ab:
                    ad:56:49:12:e7:5f:6f:20:49:d8:c5:22:63:73:3b:
                    b2:5f:f5:ba:a6:e2:1a:81:41:bc:36:aa:f0:62:4c:
                    b8:62:4e:04:48:9f:68:67:9b:e2:cc:bc:5f:58:e2:
                    e8:05:05:0d:d0:d2:f5:f1:88:73:dd:77:8d:dc:db:
                    f3:38:ad:ce:c0:c1:af:3f:50:82:34:56:93:1d:84:
                    4d:01:89:2b:36:b2:b8:e1:c0:b5:4d:40:b2:68:65:
                    0f:55:5d:9e:57:d8:8f:73:bd:6a:09:05:0b:ce:a9:
                    cf:3b:48:d3:db:1c:fc:e0:ec:84:67:2a:9c:72:75:
                    32:60:5f:94:0b:96:67:1c:c8:52:f7:c9:ab:b9:1e:
                    95:2a:1c:8d:c3:24:07:ab:e6:91:33:b3:0f:31:13:
                    58:5b:74:21:2f:00:b7:71:04:91:40:14:95:3d:ac:
                    38:31:aa:a4:18:be:44:96:b5:0b:47:38:f1:ad:b3:
                    42:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:DC:8F:30:B6:08:35:13:92:49:28:CD:D4:A5:E1:A7:37:CC:F0:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e2ea47c-7af2-420d-8695-f2f769b2008c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.245.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:24:16:bc:44:9f:23:4b:bd:d6:18:42:f0:22:86:85:66:04:
         bd:6a:fe:5c:41:dc:7d:64:80:3e:f1:54:2e:e5:93:55:f1:59:
         ac:15:d4:58:d7:eb:87:5b:da:6b:40:00:c9:df:ae:66:ec:4d:
         43:25:aa:94:22:65:52:ee:a6:1d:22:b7:09:13:11:71:6e:04:
         07:af:a1:b2:68:b0:a7:37:5a:89:63:86:68:59:82:8b:c8:5f:
         58:ab:54:15:bc:1d:9c:b8:e1:4b:9f:68:f8:11:56:eb:c5:90:
         a1:fc:7c:d5:23:68:d1:a6:f1:f0:55:d1:5e:f0:15:54:fc:1e:
         51:6d:25:a8:f7:09:a0:19:26:71:fc:01:10:4d:81:e2:36:7d:
         31:2e:c9:80:0a:a9:17:4b:a7:88:2f:f0:aa:44:74:20:9b:c6:
         f1:c3:73:b3:15:54:68:e2:4d:34:67:3a:18:9d:ec:16:cf:14:
         9a:b8:39:75:c2:79:1d:a0:c9:7e:a1:9c:0d:67:d5:c6:39:a2:
         2f:90:7d:18:38:7e:45:10:02:41:26:fc:17:bd:6d:8c:29:80:
         1b:0a:de:ca:e8:10:37:be:f6:f8:d3:53:1c:eb:0c:d3:1c:f8:
         ec:11:6f:1a:58:59:e5:0d:36:6e:6b:d3:38:a8:e5:22:9a:94:
         2c:74:cb:78
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBQuFTm1j7tqVoqr/AIbp0u2S13wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDAzMDQzWhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWY3MzMyZjNhNjViZGQxYjY5Yzc0ZGM0NGZlZDAzM2E2
OGQzNmZkNGZiZTg2MzRjOTA4MDIwMGI3MGNkZWEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJj+1RS5ENy24waAPrJNtonaBuoGZ7FwOFYHQBuAvRRi3u
3/LmpRaxwit8bamGD+oSCjnVHQScK+e+NP6bI8WM0CM2ZG69Y6eHq61WSRLnX28g
SdjFImNzO7Jf9bqm4hqBQbw2qvBiTLhiTgRIn2hnm+LMvF9Y4ugFBQ3Q0vXxiHPd
d43c2/M4rc7Awa8/UII0VpMdhE0BiSs2srjhwLVNQLJoZQ9VXZ5X2I9zvWoJBQvO
qc87SNPbHPzg7IRnKpxydTJgX5QLlmccyFL3yau5HpUqHI3DJAer5pEzsw8xE1hb
dCEvALdxBJFAFJU9rDgxqqQYvkSWtQtHOPGts0LpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUktyPMLYINROSSSjN1KXhpzfM8LcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlMmVhNDdjLTdhZjItNDIwZC04Njk1LWYyZjc2OWIyMDA4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49TANBgkqhkiG9w0BAQsFAAOCAQEALyQWvESfI0u91hhC8CKGhWYEvWr+
XEHcfWSAPvFULuWTVfFZrBXUWNfrh1vaa0AAyd+uZuxNQyWqlCJlUu6mHSK3CRMR
cW4EB6+hsmiwpzdaiWOGaFmCi8hfWKtUFbwdnLjhS59o+BFW68WQofx81SNo0abx
8FXRXvAVVPweUW0lqPcJoBkmcfwBEE2B4jZ9MS7JgAqpF0uniC/wqkR0IJvG8cNz
sxVUaOJNNGc6GJ3sFs8Umrg5dcJ5HaDJfqGcDWfVxjmiL5B9GDh+RRACQSb8F71t
jCmAGwreyugQN772+NNTHOsM0xz47BFvGlhZ5Q02bmvTOKjlIpqULHTLeA==
-----END CERTIFICATE-----