Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa
File:                     91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa (raw, json)
Hash identifier:          xoSREfYoo10hpW5AjVpdK4xbE213DPRTy9UZqTlTU0g=
Subject key identifier:   9F:3E:50:DA:0A:82:55:C9:FC:18:00:87:1B:C4:CF:19:94:AF:6E:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12CEDC9AB96668B8773372201DF9A09EA2EA5D79
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa
Signing time:             Tue 11 Nov 2025 02:11:12 +0000
ROA not before:           Tue 11 Nov 2025 02:11:12 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        156.153.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:ce:dc:9a:b9:66:68:b8:77:33:72:20:1d:f9:a0:9e:a2:ea:5d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:11:12 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=8475132482f64bd6d516d59ee501cc7a8e0fbd7a2ccfd82f8fd85a3b238975dd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d8:88:8a:c1:9e:4b:b6:96:31:e2:2d:d5:7d:
                    e1:4d:fc:93:fc:58:62:66:42:e2:c8:45:53:75:cb:
                    61:79:d0:93:9c:e7:17:fd:7d:cd:7b:de:84:fe:28:
                    a7:bc:0e:29:af:1f:21:9c:50:ec:62:0b:ae:d2:b6:
                    84:76:d3:2b:b1:c7:a7:84:31:d3:76:75:7e:fa:50:
                    5d:14:a2:e6:52:e8:76:37:83:a1:ad:47:2e:eb:24:
                    bc:5f:67:70:10:ff:0b:26:bb:ac:7c:cc:32:cb:2f:
                    95:fd:f7:cf:06:60:7f:a1:eb:8f:87:3e:28:3d:d9:
                    76:78:56:2d:b3:02:1b:ef:4d:3d:7d:9b:9a:be:0e:
                    d7:58:a0:f5:76:fc:e7:46:9e:18:92:68:d5:fc:25:
                    bf:d4:ef:b7:f0:bb:be:19:93:a4:ac:bd:50:f7:54:
                    38:3c:61:9f:b9:54:f1:f4:66:e5:3c:41:26:25:58:
                    f6:ea:90:67:31:e3:2c:4a:d5:07:90:90:20:ba:5e:
                    e2:ee:71:69:15:90:2c:18:fd:b4:7c:d7:c6:2a:e6:
                    ea:d2:0f:4b:e6:c0:f4:8d:ff:6e:e8:a6:2f:18:e4:
                    ba:f2:05:1d:d4:82:cf:24:5e:82:96:e7:5e:b7:83:
                    dd:db:07:d3:45:02:df:16:34:cf:8b:0a:b4:b1:43:
                    d6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:3E:50:DA:0A:82:55:C9:FC:18:00:87:1B:C4:CF:19:94:AF:6E:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.153.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         80:4b:f4:a5:2a:c3:18:e0:08:95:25:8f:02:31:13:dc:93:23:
         0a:8d:6e:d3:31:4a:41:09:9d:6a:c9:7e:cf:2c:fe:9d:1b:30:
         22:e1:f7:42:5b:33:6b:37:30:c1:43:d6:cb:63:38:2b:b8:b4:
         7c:11:82:46:44:4f:ed:a5:fd:04:a9:0a:34:80:8f:91:2e:44:
         48:3f:8f:09:8d:78:c6:7b:89:be:5d:72:79:34:8d:f6:40:46:
         21:10:ab:c9:bc:8e:69:9a:30:48:75:d4:a7:71:cd:d0:7e:b0:
         ad:bf:da:5f:df:7f:27:9c:57:8a:c9:5b:c9:59:06:15:94:9e:
         b3:0f:6c:51:dd:c6:df:43:74:f1:e6:61:0b:ce:4d:27:bd:16:
         83:9a:8d:06:d7:64:82:bf:18:ef:b7:c4:f2:e2:b1:0a:ba:87:
         57:bf:e7:47:ad:1e:ff:bd:e5:da:c8:79:7f:e9:5e:8d:06:05:
         ef:5e:4b:e1:99:60:9c:07:ab:2e:1b:7c:a4:1f:b3:ee:0f:b4:
         12:bb:5e:8b:c7:cb:be:c9:37:c9:5d:43:5f:32:89:2e:79:09:
         1b:79:cf:a6:fa:9d:97:be:d6:ae:01:34:61:39:f8:42:52:42:
         5a:49:68:06:d2:54:a6:d5:26:16:90:b1:8d:a0:1f:9a:ca:0e:
         4b:48:7a:51
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEs7cmrlmaLh3M3IgHfmgnqLqXXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIxMTEyWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDc1MTMyNDgyZjY0YmQ2ZDUxNmQ1OWVlNTAxY2M3YThl
MGZiZDdhMmNjZmQ4MmY4ZmQ4NWEzYjIzODk3NWRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT2IiKwZ5LtpYx4i3VfeFN/JP8WGJmQuLIRVN1y2F50JOc
5xf9fc173oT+KKe8DimvHyGcUOxiC67StoR20yuxx6eEMdN2dX76UF0UouZS6HY3
g6GtRy7rJLxfZ3AQ/wsmu6x8zDLLL5X9988GYH+h64+HPig92XZ4Vi2zAhvvTT19
m5q+DtdYoPV2/OdGnhiSaNX8Jb/U77fwu74Zk6SsvVD3VDg8YZ+5VPH0ZuU8QSYl
WPbqkGcx4yxK1QeQkCC6XuLucWkVkCwY/bR818Yq5urSD0vmwPSN/27opi8Y5Lry
BR3Ugs8kXoKW5163g93bB9NFAt8WNM+LCrSxQ9a9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUnz5Q2gqCVcn8GACHG8TPGZSvbmQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkxZDBkYjgzLWY3Y2ItNGJhNC04OTk5LTkwNjI5YWFmOTZkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcmTANBgkqhkiG9w0BAQsFAAOCAQEAgEv0pSrDGOAIlSWPAjET3JMjCo1u
0zFKQQmdasl+zyz+nRswIuH3QlszazcwwUPWy2M4K7i0fBGCRkRP7aX9BKkKNICP
kS5ESD+PCY14xnuJvl1yeTSN9kBGIRCrybyOaZowSHXUp3HN0H6wrb/aX99/J5xX
islbyVkGFZSesw9sUd3G30N08eZhC85NJ70Wg5qNBtdkgr8Y77fE8uKxCrqHV7/n
R60e/73l2sh5f+lejQYF715L4ZlgnAerLht8pB+z7g+0Ertei8fLvsk3yV1DXzKJ
LnkJG3nPpvqdl77WrgE0YTn4QlJCWkloBtJUptUmFpCxjaAfmsoOS0h6UQ==
-----END CERTIFICATE-----