Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e58eb1f8-ad27-4ff7-a49b-c3ff172827a1.roa
File:                     e58eb1f8-ad27-4ff7-a49b-c3ff172827a1.roa (raw, json)
Hash identifier:          SPrx03TtX6jF9f9Zn8tX0QHUnXwz+ZMBu2zXdcx8Grk=
Subject key identifier:   BC:02:6B:48:1F:79:78:B4:93:2D:EF:CE:D3:2C:75:2B:B2:B2:49:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       27733D2D6F36B01CE6AB717708EE1670C105E325
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e58eb1f8-ad27-4ff7-a49b-c3ff172827a1.roa
Signing time:             Tue 11 Nov 2025 01:21:21 +0000
ROA not before:           Tue 11 Nov 2025 01:21:21 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.194.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:73:3d:2d:6f:36:b0:1c:e6:ab:71:77:08:ee:16:70:c1:05:e3:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:21:21 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=46b69862d145f49989d0b909feed8024dc57585eb1fe18659975184dc9012ce9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bd:97:d0:1f:ba:fa:0c:1b:2c:b5:79:2f:38:
                    bd:fb:3c:5d:1d:f7:ca:ac:a1:12:97:37:38:07:da:
                    f2:ce:fd:f5:cd:cf:0a:b3:dd:d8:fc:7e:e6:d6:35:
                    6a:0b:5a:11:b1:ea:aa:8d:0a:40:c4:98:6e:f7:d3:
                    3a:bf:61:d5:be:ec:8d:16:ad:ab:06:b2:10:60:94:
                    10:4c:30:78:d4:ef:97:19:bc:98:fa:0e:61:90:22:
                    ac:b3:76:c1:fc:dc:ab:c7:5e:89:08:c3:25:65:fb:
                    a2:32:04:d0:bc:c2:5a:10:f0:1c:da:04:87:89:5c:
                    42:19:00:5e:09:4f:cb:15:66:44:f4:d5:56:48:41:
                    04:86:f9:fd:f3:0e:1d:98:e0:48:36:2d:84:16:ca:
                    72:77:75:78:03:92:6e:7c:19:d8:2f:3e:9e:93:4f:
                    33:92:93:95:c3:7d:0c:cc:05:2c:64:ec:9d:0d:c7:
                    c9:4f:b1:c5:4a:f0:0e:8b:95:ab:fd:b5:e7:1e:3d:
                    aa:33:b0:c1:b5:5e:35:0b:be:7d:29:6d:f8:e8:16:
                    bf:9a:0b:eb:53:4f:3d:78:09:80:73:ce:3a:c0:bb:
                    dd:77:69:ae:1e:2e:e9:80:e4:b9:89:07:ba:91:98:
                    8a:d5:47:17:77:c1:03:2f:48:68:ec:c2:2d:f2:7f:
                    cd:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:02:6B:48:1F:79:78:B4:93:2D:EF:CE:D3:2C:75:2B:B2:B2:49:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e58eb1f8-ad27-4ff7-a49b-c3ff172827a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.194.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         93:ce:b1:6d:d6:31:2e:11:f6:5a:c0:ea:4e:d8:c3:78:da:20:
         3d:a9:17:c8:a6:a9:b3:de:1f:7e:64:10:93:75:56:0c:ea:5f:
         d1:0e:18:8f:b1:99:f2:52:47:7d:ec:1e:9d:01:5b:2b:0e:7c:
         25:17:be:cd:5e:01:09:7f:68:bb:2e:2e:de:69:0e:a0:e8:1a:
         81:59:19:10:1f:31:5f:0d:f4:41:bd:20:c0:1e:1e:04:25:55:
         fc:dd:3a:ba:13:62:18:10:3d:d5:11:df:46:91:79:9c:8e:cb:
         cd:7c:d9:53:91:94:c9:cc:69:75:37:c0:53:ee:e5:5e:6e:0a:
         00:90:0f:28:c8:88:53:80:eb:17:82:8d:df:67:8f:47:51:e3:
         00:95:42:78:5d:35:3a:9f:cb:96:cd:6d:75:55:96:0c:95:c6:
         39:e1:e5:5b:f9:53:38:21:5b:93:02:06:81:eb:31:3c:01:71:
         de:9a:6c:f2:22:6b:7f:dc:d2:04:6b:68:58:cd:c8:f8:7c:78:
         bc:58:a8:b2:7d:5b:23:70:23:d1:45:39:09:3a:9d:bc:5a:41:
         51:f1:6d:df:8f:8c:c5:c9:88:c9:52:90:4b:f6:13:d1:e1:e8:
         da:51:d5:2a:bc:56:44:19:75:d4:8c:c1:6e:30:0d:c7:6c:e3:
         18:7c:68:19
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJ3M9LW82sBzmq3F3CO4WcMEF4yUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEyMTIxWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NmI2OTg2MmQxNDVmNDk5ODlkMGI5MDlmZWVkODAyNGRj
NTc1ODVlYjFmZTE4NjU5OTc1MTg0ZGM5MDEyY2U5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCivZfQH7r6DBsstXkvOL37PF0d98qsoRKXNzgH2vLO/fXN
zwqz3dj8fubWNWoLWhGx6qqNCkDEmG730zq/YdW+7I0WrasGshBglBBMMHjU75cZ
vJj6DmGQIqyzdsH83KvHXokIwyVl+6IyBNC8wloQ8BzaBIeJXEIZAF4JT8sVZkT0
1VZIQQSG+f3zDh2Y4Eg2LYQWynJ3dXgDkm58GdgvPp6TTzOSk5XDfQzMBSxk7J0N
x8lPscVK8A6Llav9tecePaozsMG1XjULvn0pbfjoFr+aC+tTTz14CYBzzjrAu913
aa4eLumA5LmJB7qRmIrVRxd3wQMvSGjswi3yf82LAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvAJrSB95eLSTLe/O0yx1K7KySTYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1OGViMWY4LWFkMjctNGZmNy1hNDliLWMzZmYxNzI4MjdhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENwjANBgkqhkiG9w0BAQsFAAOCAQEAk86xbdYxLhH2WsDqTtjDeNogPakX
yKaps94ffmQQk3VWDOpf0Q4Yj7GZ8lJHfewenQFbKw58JRe+zV4BCX9ouy4u3mkO
oOgagVkZEB8xXw30Qb0gwB4eBCVV/N06uhNiGBA91RHfRpF5nI7LzXzZU5GUycxp
dTfAU+7lXm4KAJAPKMiIU4DrF4KN32ePR1HjAJVCeF01Op/Lls1tdVWWDJXGOeHl
W/lTOCFbkwIGgesxPAFx3pps8iJrf9zSBGtoWM3I+Hx4vFiosn1bI3Aj0UU5CTqd
vFpBUfFt34+MxcmIyVKQS/YT0eHo2lHVKrxWRBl11IzBbjANx2zjGHxoGQ==
-----END CERTIFICATE-----