Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdbca8c9-c527-4875-b58e-fc50d0104ec6.roa
File:                     cdbca8c9-c527-4875-b58e-fc50d0104ec6.roa (raw, json)
Hash identifier:          pjZWtL0CHhVeypWWhWwhQRj1v5vodpfKZtKAcrwFkEk=
Subject key identifier:   05:03:F3:A6:64:31:AA:13:B5:4D:8D:D8:A5:84:4D:56:6F:BB:9C:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       08BF2DDCA89AB4D7B0D717B52218670408953110
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdbca8c9-c527-4875-b58e-fc50d0104ec6.roa
Signing time:             Thu 13 Nov 2025 00:00:14 +0000
ROA not before:           Thu 13 Nov 2025 00:00:14 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.246.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:bf:2d:dc:a8:9a:b4:d7:b0:d7:17:b5:22:18:67:04:08:95:31:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:00:14 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=552fe13238ddc8f16e271ec01d9c6a571074f4536fcd8e0094e580cf8673f6ed, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:16:94:a4:49:36:79:15:fe:54:64:18:9d:92:
                    cb:a3:52:de:23:cd:36:42:56:46:53:f8:4b:2c:83:
                    41:a0:b6:ca:39:69:0f:bf:b3:92:56:20:5e:3f:c0:
                    97:c0:cf:8f:df:5f:31:69:33:de:bb:79:bb:22:b0:
                    6b:b8:8a:54:7f:30:a1:6b:58:ed:87:cf:9d:9f:a6:
                    18:94:7e:1b:bb:ef:0e:55:7a:02:db:bf:8a:d1:3f:
                    bb:e3:9c:5e:e3:d3:05:b3:9d:ec:66:e7:bb:bb:c8:
                    98:c5:63:8a:b5:e5:78:6f:fd:28:19:cd:77:48:f9:
                    bd:8f:6d:a0:0a:92:20:cf:f7:74:6f:00:be:81:7f:
                    c0:ed:02:23:20:02:4b:18:1a:60:71:51:7a:72:b3:
                    19:db:50:06:a9:3c:69:95:9f:03:50:49:07:16:5f:
                    4c:2c:e9:f9:e9:cb:41:74:f4:f7:a8:d3:5e:70:0f:
                    87:53:54:7c:68:17:3f:cb:23:f4:9a:05:87:e6:69:
                    f6:df:96:00:3f:fc:28:0a:fc:87:16:ae:e7:4e:1a:
                    76:71:a8:fa:71:bd:29:5f:1c:1d:3a:39:19:f4:ae:
                    e7:de:9b:df:e5:16:b5:70:3d:a5:80:37:dd:e3:ef:
                    5d:64:e7:c8:25:a5:06:6b:14:c1:f2:41:06:59:3b:
                    ec:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:03:F3:A6:64:31:AA:13:B5:4D:8D:D8:A5:84:4D:56:6F:BB:9C:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdbca8c9-c527-4875-b58e-fc50d0104ec6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.246.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bb:cd:13:e9:76:b7:e5:b0:d3:00:0f:f4:7d:58:b7:df:48:af:
         5d:42:40:d9:60:b4:96:b8:54:43:be:44:ae:49:7c:a8:b5:08:
         b3:45:e9:ad:ea:4f:34:14:82:a2:bc:34:fc:2b:f0:8e:08:3c:
         f7:3b:99:74:9a:53:28:c4:95:e5:56:6e:b1:62:21:3c:88:77:
         bb:e4:5c:0d:a0:28:ab:b9:d7:71:e6:df:f0:38:a3:91:f7:72:
         33:81:6c:bb:66:48:f7:e3:83:36:c3:0a:96:2e:1a:ce:ca:f2:
         9d:1c:6c:42:e9:e0:a7:e4:84:7a:5f:bd:b0:53:ee:89:b7:9c:
         db:2e:90:e6:ad:61:f7:7b:ee:96:af:f4:bd:de:76:ca:d0:09:
         21:b8:5d:be:19:d7:34:87:68:5e:f5:91:20:af:9b:69:db:3b:
         fd:d9:6a:f9:ff:94:38:43:dd:fb:6e:e9:b2:66:97:28:24:55:
         10:da:76:c5:e4:05:b4:fe:e6:41:a9:08:45:91:ef:b4:ea:fa:
         53:c7:03:f6:ea:c8:57:cc:0b:b1:fb:7d:22:a6:fd:b1:86:11:
         4f:d7:62:32:b9:43:04:a2:0e:f7:77:95:14:83:66:61:26:b2:
         c9:a3:6c:86:25:69:72:87:7a:14:84:78:1f:ae:71:45:1d:f1:
         6d:2f:a4:c4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCL8t3KiatNew1xe1IhhnBAiVMRAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDAwMDE0WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NTJmZTEzMjM4ZGRjOGYxNmUyNzFlYzAxZDljNmE1NzEw
NzRmNDUzNmZjZDhlMDA5NGU1ODBjZjg2NzNmNmVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDFpSkSTZ5Ff5UZBidksujUt4jzTZCVkZT+Essg0Ggtso5
aQ+/s5JWIF4/wJfAz4/fXzFpM967ebsisGu4ilR/MKFrWO2Hz52fphiUfhu77w5V
egLbv4rRP7vjnF7j0wWznexm57u7yJjFY4q15Xhv/SgZzXdI+b2PbaAKkiDP93Rv
AL6Bf8DtAiMgAksYGmBxUXpysxnbUAapPGmVnwNQSQcWX0ws6fnpy0F09Peo015w
D4dTVHxoFz/LI/SaBYfmafbflgA//CgK/IcWrudOGnZxqPpxvSlfHB06ORn0rufe
m9/lFrVwPaWAN93j711k58glpQZrFMHyQQZZO+wvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBQPzpmQxqhO1TY3YpYRNVm+7nC8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkYmNhOGM5LWM1MjctNDg3NS1iNThlLWZjNTBkMDEwNGVjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49jANBgkqhkiG9w0BAQsFAAOCAQEAu80T6Xa35bDTAA/0fVi330ivXUJA
2WC0lrhUQ75Erkl8qLUIs0XprepPNBSCorw0/Cvwjgg89zuZdJpTKMSV5VZusWIh
PIh3u+RcDaAoq7nXcebf8DijkfdyM4Fsu2ZI9+ODNsMKli4azsrynRxsQungp+SE
el+9sFPuibec2y6Q5q1h93vulq/0vd52ytAJIbhdvhnXNIdoXvWRIK+bads7/dlq
+f+UOEPd+27psmaXKCRVENp2xeQFtP7mQakIRZHvtOr6U8cD9urIV8wLsft9Iqb9
sYYRT9diMrlDBKIO93eVFINmYSayyaNshiVpcod6FIR4H65xRR3xbS+kxA==
-----END CERTIFICATE-----