Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb8335c-6007-42c5-94bf-b06a36e147c9.roa
File:                     eeb8335c-6007-42c5-94bf-b06a36e147c9.roa (raw, json)
Hash identifier:          703HVVi5WUKjbwnqfaA7IgOUZGhVcjPw52WXukigHyc=
Subject key identifier:   67:3F:17:BF:A3:13:20:EE:B5:AF:8C:CB:03:8C:96:9B:E9:84:C0:1D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       32491C548055ABB4FFB88FCC02A1EE8319DAB1FA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb8335c-6007-42c5-94bf-b06a36e147c9.roa
Signing time:             Tue 11 Nov 2025 02:10:33 +0000
ROA not before:           Tue 11 Nov 2025 02:10:33 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.168.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:49:1c:54:80:55:ab:b4:ff:b8:8f:cc:02:a1:ee:83:19:da:b1:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:10:33 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=3ade68467d980e2b034f52213fbe282acf15c5a321c6391a58ad07d34a8094e4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:07:d5:77:b5:a1:66:0e:07:cd:f3:dc:27:67:
                    7b:f7:ea:28:b2:1e:08:92:d3:98:3b:18:89:ae:b6:
                    d1:c0:55:34:c6:2c:81:e2:0a:41:d9:4a:3f:c2:a3:
                    57:e6:9b:ea:03:cb:97:61:d8:7a:5b:2b:52:6a:4e:
                    11:f3:fa:7c:3f:b5:dd:ae:b0:e2:90:9a:c6:ed:02:
                    aa:28:ae:37:45:30:4d:ca:a9:d0:93:3a:d6:c4:16:
                    b6:52:fe:dc:85:5d:d3:af:5d:41:13:b3:c3:7a:b0:
                    c5:6e:db:f3:14:fe:84:40:dd:3d:67:14:4d:8b:59:
                    8e:05:ce:a2:2d:f1:3b:70:89:1f:24:72:0f:00:1b:
                    53:6b:bc:0f:55:36:46:fd:ff:c3:bb:17:2a:16:0b:
                    41:d5:56:27:01:35:51:14:f1:6f:55:66:83:9c:7c:
                    40:2c:45:7d:cb:b0:f2:02:ba:15:2d:fb:1a:d6:3a:
                    59:e9:2f:5c:5f:c6:99:5a:e8:65:ff:6b:80:e0:9b:
                    92:13:d7:0c:02:bc:9e:8c:ea:dd:8f:a8:94:89:fa:
                    c8:df:2f:5f:31:91:47:22:a0:e7:14:0e:c2:a5:87:
                    d8:9a:0c:c1:fc:d7:38:97:4e:95:4f:5b:99:b5:16:
                    9b:06:aa:ff:76:76:b5:a9:42:b9:e2:ac:7d:1d:63:
                    f6:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:3F:17:BF:A3:13:20:EE:B5:AF:8C:CB:03:8C:96:9B:E9:84:C0:1D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb8335c-6007-42c5-94bf-b06a36e147c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.168.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         bc:ba:0a:e3:a4:13:87:bf:47:e3:fc:4d:99:f4:13:41:b1:0e:
         af:44:66:aa:dd:25:6f:56:8a:6a:82:1a:ef:f0:96:a5:63:74:
         a5:ce:06:37:14:67:11:f1:55:ab:ff:d8:b2:0a:dd:37:75:d6:
         25:a9:f8:69:23:00:f2:df:03:60:18:b3:83:68:ef:ae:80:49:
         40:2b:bf:a4:58:45:19:d0:dc:39:c3:0b:42:5f:bd:15:19:16:
         0e:3a:d8:8c:f6:33:e1:87:63:de:7b:82:8c:49:f3:94:6e:b9:
         1b:bd:35:a4:26:bb:89:6b:47:e7:1f:2c:52:ba:9a:a7:a0:3c:
         e7:17:4d:1b:d5:a6:3c:46:b1:ef:cd:31:1f:f3:ad:7d:de:86:
         3e:a2:5e:0a:f1:4d:d2:04:66:54:9a:2e:1d:d6:2f:52:17:c8:
         1b:9b:44:39:d5:3e:88:04:0c:81:c7:05:76:a8:61:fd:40:56:
         2b:59:6c:c4:a2:a2:e6:11:75:db:19:07:55:1e:25:75:d8:46:
         e4:4b:6a:5f:4c:8f:76:a1:8c:5e:cb:51:20:53:54:5f:9d:7d:
         f2:28:36:5f:85:fb:d9:fd:19:0d:c2:91:3f:76:e5:0c:b1:71:
         38:84:db:00:e9:59:b8:a9:c5:55:ae:7e:5e:a3:33:40:52:eb:
         2f:3f:6a:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMkkcVIBVq7T/uI/MAqHugxnasfowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIxMDMzWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWRlNjg0NjdkOTgwZTJiMDM0ZjUyMjEzZmJlMjgyYWNm
MTVjNWEzMjFjNjM5MWE1OGFkMDdkMzRhODA5NGU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxB9V3taFmDgfN89wnZ3v36iiyHgiS05g7GImuttHAVTTG
LIHiCkHZSj/Co1fmm+oDy5dh2HpbK1JqThHz+nw/td2usOKQmsbtAqoorjdFME3K
qdCTOtbEFrZS/tyFXdOvXUETs8N6sMVu2/MU/oRA3T1nFE2LWY4FzqIt8TtwiR8k
cg8AG1NrvA9VNkb9/8O7FyoWC0HVVicBNVEU8W9VZoOcfEAsRX3LsPICuhUt+xrW
OlnpL1xfxpla6GX/a4Dgm5IT1wwCvJ6M6t2PqJSJ+sjfL18xkUcioOcUDsKlh9ia
DMH81ziXTpVPW5m1FpsGqv92drWpQrnirH0dY/aHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZz8Xv6MTIO61r4zLA4yWm+mEwB0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VlYjgzMzVjLTYwMDctNDJjNS05NGJmLWIwNmEzNmUxNDdjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQqDANBgkqhkiG9w0BAQsFAAOCAQEAvLoK46QTh79H4/xNmfQTQbEOr0Rm
qt0lb1aKaoIa7/CWpWN0pc4GNxRnEfFVq//YsgrdN3XWJan4aSMA8t8DYBizg2jv
roBJQCu/pFhFGdDcOcMLQl+9FRkWDjrYjPYz4Ydj3nuCjEnzlG65G701pCa7iWtH
5x8sUrqap6A85xdNG9WmPEax780xH/Otfd6GPqJeCvFN0gRmVJouHdYvUhfIG5tE
OdU+iAQMgccFdqhh/UBWK1lsxKKi5hF12xkHVR4lddhG5EtqX0yPdqGMXstRIFNU
X5198ig2X4X72f0ZDcKRP3blDLFxOITbAOlZuKnFVa5+XqMzQFLrLz9qdA==
-----END CERTIFICATE-----