Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac285f19-324f-4769-988a-0b6c67139e64.roa
File:                     ac285f19-324f-4769-988a-0b6c67139e64.roa (raw, json)
Hash identifier:          tgNtUVvPUQs9k0Y2hzSAe7fwB6iqfZz8fcuWVuk9nXM=
Subject key identifier:   2E:AF:30:BC:95:35:31:FB:7F:FF:57:40:3E:CB:0E:08:D0:65:65:81
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       69E244EE8359760F994390DE84F1784D6D592EC7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac285f19-324f-4769-988a-0b6c67139e64.roa
Signing time:             Wed 12 Nov 2025 00:50:05 +0000
ROA not before:           Wed 12 Nov 2025 00:50:05 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.116.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:e2:44:ee:83:59:76:0f:99:43:90:de:84:f1:78:4d:6d:59:2e:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:50:05 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=aea5488daa8b4dc836e9ff64c6684e3177dfd5b8ecb4c94aec77efc9a976a141, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:aa:71:fe:e2:ed:d3:02:e0:63:dd:7a:a6:a1:
                    54:2f:27:e5:25:fe:99:35:e4:73:16:36:30:e0:6d:
                    c5:36:08:48:f9:b1:df:f8:d4:2b:d3:8e:40:e4:55:
                    7c:f0:98:6f:51:89:2d:5b:67:fa:2f:68:d3:46:ad:
                    3b:6d:1d:b1:96:fe:d3:b0:c2:b9:c1:2a:5f:6c:39:
                    79:36:3b:53:8f:27:bd:db:10:d3:c8:f6:3d:b7:75:
                    cc:b1:ff:9e:86:4b:bb:93:7f:fb:93:e6:7f:12:3f:
                    74:a6:e9:5e:9c:50:e5:e3:68:7b:0a:80:82:d3:16:
                    a9:94:05:ab:0e:13:bc:75:e4:05:9a:24:c3:32:02:
                    f2:8a:38:16:4c:18:6a:e4:a6:a7:b0:c1:85:e0:e1:
                    b9:c2:26:5e:11:1c:77:e0:d8:4c:28:3d:0d:4b:de:
                    84:97:0e:88:96:b7:cc:84:28:54:22:5f:cd:1e:fd:
                    7d:40:53:ae:49:f6:08:3f:ee:2d:e8:a5:c1:3d:bd:
                    5a:45:37:70:8a:90:3e:a6:00:63:44:5d:ff:63:46:
                    87:f8:cb:47:27:03:75:12:1b:17:f3:66:71:89:1b:
                    7a:1d:b9:83:e4:34:02:ab:55:1e:cc:7e:78:27:d9:
                    d3:6d:2f:35:38:d5:f5:59:12:56:e2:96:99:a1:d7:
                    d1:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:AF:30:BC:95:35:31:FB:7F:FF:57:40:3E:CB:0E:08:D0:65:65:81
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac285f19-324f-4769-988a-0b6c67139e64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.116.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         2d:19:a4:95:f3:69:30:43:a4:59:7a:93:3f:77:39:34:33:d6:
         35:60:a8:3c:06:7e:1a:a9:00:4e:0a:0a:d1:ce:5a:b7:8c:7b:
         6b:25:c3:2f:ee:9b:e3:a7:15:f6:41:ac:4d:fe:5b:e5:35:3d:
         44:bc:40:b8:92:88:9a:5f:5e:06:bc:5e:73:0e:4e:b5:cf:9b:
         12:83:02:24:6f:c7:cb:3c:ad:cd:87:f2:59:07:ae:73:ad:8a:
         c5:a4:4f:d3:f3:ec:dd:06:d5:9e:6d:c3:b6:df:17:22:b2:38:
         14:7b:3a:0b:23:77:d3:57:d5:b9:4f:17:bd:a4:f3:1b:40:14:
         1d:5d:62:90:ed:6b:d9:35:9b:05:98:f1:be:0d:dd:59:6a:ce:
         fb:a7:06:fd:56:16:1c:14:56:a2:f3:4a:62:c6:d2:50:dd:30:
         62:c1:8d:5c:a7:84:51:1f:1c:e1:35:14:95:f8:fe:51:ad:16:
         70:c8:c1:93:42:7e:6a:f1:e0:cf:fb:8e:c6:ff:8e:41:0b:c4:
         2b:34:01:e5:b8:94:83:23:c4:de:1b:e2:ca:c1:3f:cf:6e:cf:
         61:72:43:31:d1:e3:42:e9:9b:11:11:e6:fa:8a:aa:fd:00:0b:
         66:36:6a:64:8d:96:91:ec:57:43:fa:b1:45:87:68:9d:9f:c4:
         71:47:63:9d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaeJE7oNZdg+ZQ5DehPF4TW1ZLscwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDA1MDA1WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZWE1NDg4ZGFhOGI0ZGM4MzZlOWZmNjRjNjY4NGUzMTc3
ZGZkNWI4ZWNiNGM5NGFlYzc3ZWZjOWE5NzZhMTQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaqnH+4u3TAuBj3XqmoVQvJ+Ul/pk15HMWNjDgbcU2CEj5
sd/41CvTjkDkVXzwmG9RiS1bZ/ovaNNGrTttHbGW/tOwwrnBKl9sOXk2O1OPJ73b
ENPI9j23dcyx/56GS7uTf/uT5n8SP3Sm6V6cUOXjaHsKgILTFqmUBasOE7x15AWa
JMMyAvKKOBZMGGrkpqewwYXg4bnCJl4RHHfg2EwoPQ1L3oSXDoiWt8yEKFQiX80e
/X1AU65J9gg/7i3opcE9vVpFN3CKkD6mAGNEXf9jRof4y0cnA3USGxfzZnGJG3od
uYPkNAKrVR7Mfngn2dNtLzU41fVZElbilpmh19FHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULq8wvJU1Mft//1dAPssOCNBlZYEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FjMjg1ZjE5LTMyNGYtNDc2OS05ODhhLTBiNmM2NzEzOWU2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2dDANBgkqhkiG9w0BAQsFAAOCAQEALRmklfNpMEOkWXqTP3c5NDPWNWCo
PAZ+GqkATgoK0c5at4x7ayXDL+6b46cV9kGsTf5b5TU9RLxAuJKIml9eBrxecw5O
tc+bEoMCJG/HyzytzYfyWQeuc62KxaRP0/Ps3QbVnm3Dtt8XIrI4FHs6CyN301fV
uU8XvaTzG0AUHV1ikO1r2TWbBZjxvg3dWWrO+6cG/VYWHBRWovNKYsbSUN0wYsGN
XKeEUR8c4TUUlfj+Ua0WcMjBk0J+avHgz/uOxv+OQQvEKzQB5biUgyPE3hviysE/
z27PYXJDMdHjQumbERHm+oqq/QALZjZqZI2WkexXQ/qxRYdonZ/EcUdjnQ==
-----END CERTIFICATE-----