Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2868e30-21b4-4516-a63c-fc76c09bb7d8.roa
File:                     d2868e30-21b4-4516-a63c-fc76c09bb7d8.roa (raw, json)
Hash identifier:          iRwyxERk579DRKp6JaUOY6KUDf7beDk38ZAGFoWCfMU=
Subject key identifier:   9D:69:8B:C1:B5:C0:66:11:CD:B9:65:BA:8D:D5:91:6A:3D:35:73:21
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46F79755472AB0EE889F04E38CE6500D3DAE28F5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2868e30-21b4-4516-a63c-fc76c09bb7d8.roa
Signing time:             Tue 11 Nov 2025 02:20:15 +0000
ROA not before:           Tue 11 Nov 2025 02:20:15 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.63.92.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:f7:97:55:47:2a:b0:ee:88:9f:04:e3:8c:e6:50:0d:3d:ae:28:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:20:15 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=eb7bff278ec5adaa4226fefb5bd1bfa85c89f12db92b80d019493b36a4713fa7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:5b:26:eb:3b:47:d2:ce:bd:ea:63:2c:de:c2:
                    bd:5c:e8:c0:2d:f3:3c:5a:f8:0d:97:6c:44:31:ac:
                    de:ad:bb:52:2f:2b:78:af:44:ed:85:75:06:e3:e7:
                    14:26:fc:e4:35:50:f1:5d:4d:c7:9f:5c:be:53:7a:
                    27:72:b7:34:a3:1c:8d:27:92:7d:16:2d:57:3c:07:
                    f1:d0:ca:ff:c5:58:2e:2e:b0:a0:af:2e:aa:c8:12:
                    31:26:89:b4:a9:e7:ed:2c:e0:56:56:a1:74:af:a2:
                    55:4a:18:99:8f:52:19:66:6d:09:48:28:b1:c1:94:
                    6a:35:24:41:cc:6c:83:bc:49:3f:d3:8c:7b:5b:3f:
                    c1:a4:61:a9:95:b9:22:ba:cf:f9:d2:25:19:42:95:
                    a1:ef:20:19:3d:b0:35:de:37:ca:a8:58:23:f7:76:
                    1b:7e:43:0f:8f:9f:92:50:5e:aa:7b:bf:e2:f8:51:
                    fa:a9:76:41:6c:1e:ca:0b:7a:54:fa:34:3a:c5:73:
                    b2:52:91:54:aa:f6:78:44:a9:ad:8a:47:72:71:c0:
                    40:20:bd:34:ed:0b:63:fb:75:5c:0b:2b:5f:26:60:
                    36:9d:20:21:26:9b:45:d2:28:aa:5e:f6:4a:62:d0:
                    b1:e3:46:30:4e:b9:48:24:24:ee:0f:18:2b:3f:c0:
                    90:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:69:8B:C1:B5:C0:66:11:CD:B9:65:BA:8D:D5:91:6A:3D:35:73:21
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d2868e30-21b4-4516-a63c-fc76c09bb7d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.63.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:22:c9:f1:2a:f7:d1:b0:a1:a5:07:87:e3:24:89:f2:3d:f3:
         79:7f:ab:29:2d:0a:9c:7b:41:69:71:38:30:86:cd:84:91:8f:
         7e:09:2d:19:aa:a0:d0:f9:12:43:76:a8:71:33:33:cf:d5:98:
         b4:0e:1a:18:83:d2:2a:df:39:04:61:e8:bc:58:32:4c:9b:b3:
         bf:a3:51:0e:99:e9:aa:f4:cd:6a:20:51:46:dd:c6:bd:7b:53:
         1a:47:27:ba:1b:97:58:58:1d:e2:18:a9:a6:e4:db:25:8f:cf:
         15:48:df:03:b3:4d:b5:10:f3:24:f5:42:b9:e5:a5:a6:be:2a:
         35:92:7a:d0:4e:75:49:b2:91:51:8c:0f:34:c7:38:68:7b:53:
         6a:bb:27:cc:b2:6d:31:cd:9c:79:34:c7:70:a2:3e:95:12:8b:
         5f:23:4a:d0:b8:d9:83:2c:0e:24:9e:88:91:27:ab:b0:b1:1c:
         66:eb:6e:54:4d:20:9e:0f:ac:7a:33:e0:a4:eb:93:fb:b5:54:
         40:ea:b7:49:19:10:dc:c8:65:c6:c9:88:ab:6d:ac:a3:65:cf:
         0a:a8:23:d0:5e:9d:8f:a9:04:fc:97:06:c9:a0:d7:77:98:37:
         d2:92:3d:f1:53:b2:3a:fe:aa:b7:4d:d4:8a:de:7f:ee:cc:56:
         8f:bb:42:39
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURveXVUcqsO6InwTjjOZQDT2uKPUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIyMDE1WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjdiZmYyNzhlYzVhZGFhNDIyNmZlZmI1YmQxYmZhODVj
ODlmMTJkYjkyYjgwZDAxOTQ5M2IzNmE0NzEzZmE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+WybrO0fSzr3qYyzewr1c6MAt8zxa+A2XbEQxrN6tu1Iv
K3ivRO2FdQbj5xQm/OQ1UPFdTcefXL5TeidytzSjHI0nkn0WLVc8B/HQyv/FWC4u
sKCvLqrIEjEmibSp5+0s4FZWoXSvolVKGJmPUhlmbQlIKLHBlGo1JEHMbIO8ST/T
jHtbP8GkYamVuSK6z/nSJRlClaHvIBk9sDXeN8qoWCP3dht+Qw+Pn5JQXqp7v+L4
UfqpdkFsHsoLelT6NDrFc7JSkVSq9nhEqa2KR3JxwEAgvTTtC2P7dVwLK18mYDad
ICEmm0XSKKpe9kpi0LHjRjBOuUgkJO4PGCs/wJBNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnWmLwbXAZhHNuWW6jdWRaj01cyEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyODY4ZTMwLTIxYjQtNDUxNi1hNjNjLWZjNzZjMDliYjdkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQP1wwDQYJKoZIhvcNAQELBQADggEBAE0iyfEq99GwoaUHh+MkifI983l/
qyktCpx7QWlxODCGzYSRj34JLRmqoND5EkN2qHEzM8/VmLQOGhiD0irfOQRh6LxY
Mkybs7+jUQ6Z6ar0zWogUUbdxr17UxpHJ7obl1hYHeIYqabk2yWPzxVI3wOzTbUQ
8yT1Qrnlpaa+KjWSetBOdUmykVGMDzTHOGh7U2q7J8yybTHNnHk0x3CiPpUSi18j
StC42YMsDiSeiJEnq7CxHGbrblRNIJ4PrHoz4KTrk/u1VEDqt0kZENzIZcbJiKtt
rKNlzwqoI9BenY+pBPyXBsmg13eYN9KSPfFTsjr+qrdN1Iref+7MVo+7Qjk=
-----END CERTIFICATE-----