Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dad3826f-c445-41df-ba08-d08040b8b288.roa
File:                     dad3826f-c445-41df-ba08-d08040b8b288.roa (raw, json)
Hash identifier:          ZkUpUm965feHKfxuE5LrCvirkMLiEH+FpDAP42qZpxI=
Subject key identifier:   3B:AA:56:71:CF:62:0E:B4:76:9B:A9:87:6A:05:74:39:28:E5:6C:D8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       39A9AE070377A1059ABDB9CB5CF456A26A65168E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dad3826f-c445-41df-ba08-d08040b8b288.roa
Signing time:             Tue 18 Nov 2025 00:11:10 +0000
ROA not before:           Tue 18 Nov 2025 00:11:10 +0000
ROA not after:            Mon 16 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.155.19.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:a9:ae:07:03:77:a1:05:9a:bd:b9:cb:5c:f4:56:a2:6a:65:16:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 18 00:11:10 2025 GMT
            Not After : Feb 16 23:59:59 2026 GMT
        Subject: serialNumber=0cb7f1090d8e89577f2faf5fbf239a8f03f7b5cbcdf52a3a39c803010cfe0cf2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:28:4a:eb:2b:49:e1:0b:d2:73:b1:dc:4e:
                    a5:76:25:41:b1:9a:a2:71:a3:c5:41:f4:22:40:9a:
                    e8:3d:38:32:39:ed:36:97:16:f3:cf:d6:c3:3e:9d:
                    b9:48:dd:ad:76:10:59:43:50:ed:fb:df:b8:fc:3f:
                    e5:91:a1:9c:02:b3:e7:de:bb:7d:d4:3f:d3:af:5c:
                    ea:68:6a:c6:3e:94:2e:6c:fd:c5:6d:57:fb:0a:4b:
                    4c:e2:e9:64:77:ac:05:bf:7f:b0:65:3a:e8:93:f5:
                    1d:1a:72:4e:06:79:c2:c8:15:ce:09:65:18:5b:5c:
                    9f:1a:6c:a2:30:e6:06:a2:47:16:c6:b1:f0:17:0a:
                    05:91:27:14:86:83:32:e3:0d:44:d6:67:58:b4:e5:
                    83:05:99:72:06:8f:5b:c1:87:6b:10:a8:ab:e0:87:
                    1a:f1:10:54:a8:3a:0c:01:54:1c:5c:76:0e:8e:69:
                    a2:d0:07:13:0d:58:b1:64:9a:0a:6e:73:90:73:03:
                    72:e3:f2:b6:11:09:de:49:52:93:96:ab:e1:d5:f6:
                    da:35:6a:f9:1a:98:0d:7d:c4:af:ee:e2:2d:0e:61:
                    42:e6:5e:ba:9b:3c:fe:b1:c3:0b:ea:a8:4c:8f:9f:
                    ff:a4:e2:6b:cf:e7:7b:69:b9:b6:79:54:b5:83:b7:
                    9e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:AA:56:71:CF:62:0E:B4:76:9B:A9:87:6A:05:74:39:28:E5:6C:D8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dad3826f-c445-41df-ba08-d08040b8b288.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.155.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:1f:d7:6e:6d:39:30:79:a4:dd:57:1e:7e:1c:2b:97:31:59:
         d5:a6:61:46:e6:13:c1:db:6e:ce:15:d6:cc:0a:22:77:60:72:
         a7:43:2c:be:0a:a3:40:7b:ca:73:55:eb:a6:65:0d:ed:5c:93:
         64:1e:06:a1:48:4f:a5:95:01:6c:1f:a4:f4:3a:47:3a:08:95:
         05:6b:92:7d:c6:84:81:0d:c5:ee:ec:5b:e0:81:48:9e:a4:04:
         62:52:d9:61:3a:8e:a7:cb:29:c3:02:0b:2a:e2:ab:4b:41:b6:
         f5:c4:ed:cd:b4:2c:94:39:a8:81:9e:40:77:86:fa:30:f8:1a:
         3a:6f:bf:d0:64:bb:ff:90:3d:0a:51:8b:c5:df:8a:07:ad:ef:
         34:31:3c:7c:85:f3:77:c5:b8:db:53:65:4f:e1:92:84:a6:2f:
         3b:69:f7:d3:60:a7:30:1f:c2:ae:e5:a8:cc:f6:f8:57:fb:c7:
         11:b7:19:99:04:0a:07:d4:70:0c:2c:b6:11:90:b0:be:68:36:
         cd:57:c8:97:d5:44:55:ea:ba:d6:cc:af:5a:29:3a:7a:aa:08:
         dd:79:c8:0d:82:19:89:97:14:1d:3a:6a:29:9b:04:63:2c:a6:
         36:90:bf:cb:ae:ca:01:fe:69:22:39:99:a6:e0:6b:38:b4:fd:
         26:15:aa:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOamuBwN3oQWavbnLXPRWomplFo4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE4MDAxMTEwWhcNMjYwMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwY2I3ZjEwOTBkOGU4OTU3N2YyZmFmNWZiZjIzOWE4ZjAz
ZjdiNWNiY2RmNTJhM2EzOWM4MDMwMTBjZmUwY2YyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs2ihK6ytJ4QvSc7HcTqV2JUGxmqJxo8VB9CJAmug9ODI5
7TaXFvPP1sM+nblI3a12EFlDUO3737j8P+WRoZwCs+feu33UP9OvXOpoasY+lC5s
/cVtV/sKS0zi6WR3rAW/f7BlOuiT9R0ack4GecLIFc4JZRhbXJ8abKIw5gaiRxbG
sfAXCgWRJxSGgzLjDUTWZ1i05YMFmXIGj1vBh2sQqKvghxrxEFSoOgwBVBxcdg6O
aaLQBxMNWLFkmgpuc5BzA3Lj8rYRCd5JUpOWq+HV9to1avkamA19xK/u4i0OYULm
XrqbPP6xwwvqqEyPn/+k4mvP53tpubZ5VLWDt56fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUO6pWcc9iDrR2m6mHagV0OSjlbNgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhZDM4MjZmLWM0NDUtNDFkZi1iYTA4LWQwODA0MGI4YjI4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA4mxMwDQYJKoZIhvcNAQELBQADggEBACgf125tOTB5pN1XHn4cK5cxWdWm
YUbmE8Hbbs4V1swKIndgcqdDLL4Ko0B7ynNV66ZlDe1ck2QeBqFIT6WVAWwfpPQ6
RzoIlQVrkn3GhIENxe7sW+CBSJ6kBGJS2WE6jqfLKcMCCyriq0tBtvXE7c20LJQ5
qIGeQHeG+jD4Gjpvv9Bku/+QPQpRi8Xfiget7zQxPHyF83fFuNtTZU/hkoSmLztp
99NgpzAfwq7lqMz2+Ff7xxG3GZkECgfUcAwsthGQsL5oNs1XyJfVRFXqutbMr1op
OnqqCN15yA2CGYmXFB06aimbBGMspjaQv8uuygH+aSI5mabgazi0/SYVqps=
-----END CERTIFICATE-----