Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa
File:                     fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa (raw, json)
Hash identifier:          CHAYk5O4Phr5ZSTmXnIYUKgRQjMG1CsjB2tGvUnthfM=
Subject key identifier:   4B:0F:B8:1C:B2:D8:F3:3E:F6:3E:DF:66:46:D1:BD:EE:3F:86:9C:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B83B446950F08C78E1705E9BA616C2201854EFA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa
Signing time:             Tue 11 Nov 2025 01:20:11 +0000
ROA not before:           Tue 11 Nov 2025 01:20:11 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.78.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:83:b4:46:95:0f:08:c7:8e:17:05:e9:ba:61:6c:22:01:85:4e:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:20:11 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=f15338ccfdab8c8854bcf42e7317e448361821a8172e895ad98f611360d620e1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:d9:d4:2f:9a:b5:53:10:c6:6d:b9:7a:cb:dd:
                    22:71:09:8c:be:87:c9:dd:06:4e:f4:b6:3e:a7:49:
                    f9:d2:5f:58:84:4d:d3:01:2b:6b:0d:d7:83:67:fc:
                    7a:90:f9:be:89:ad:81:95:4c:74:73:a4:70:22:9b:
                    ba:1e:cb:9e:1d:62:be:41:67:13:a4:29:7c:6f:a9:
                    0c:2c:96:60:52:d3:84:8b:71:e9:f5:8a:92:a7:d7:
                    ca:b6:55:64:0a:8d:79:63:79:41:df:55:95:66:af:
                    19:bf:14:c6:51:df:d6:d6:19:a6:e0:42:c1:7e:34:
                    f3:0c:47:f5:11:3d:2a:76:97:be:0f:b3:cc:d4:e4:
                    6a:ad:af:6d:a6:ef:52:08:25:be:ef:86:02:42:c6:
                    20:ff:23:6f:8d:56:05:08:85:be:47:77:c5:16:26:
                    f4:8a:c4:54:8d:7e:af:ce:e6:be:98:30:16:f8:50:
                    8a:20:b1:c5:2c:d5:e9:a7:ff:71:60:9c:1d:9e:1d:
                    5c:24:a5:8b:e6:8b:04:ec:2e:8b:78:65:de:71:ba:
                    23:24:a5:ea:cc:c5:d2:a4:b5:cd:e1:bf:53:23:a4:
                    73:94:04:5a:4b:c6:f1:c0:c4:f2:e1:9d:39:e0:88:
                    41:a2:c3:42:db:8a:86:71:6c:08:c9:8b:18:9b:b1:
                    84:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0F:B8:1C:B2:D8:F3:3E:F6:3E:DF:66:46:D1:BD:EE:3F:86:9C:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe061fe4-7f72-4eb7-8ef9-28f55bb762e6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.78.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b8:fd:81:7b:58:b0:22:c5:78:0a:a5:8b:34:2e:ef:0d:3d:19:
         c1:ae:20:5f:24:2e:ac:ec:8b:99:23:16:d8:e2:ac:3d:86:38:
         5a:0a:68:4b:57:d4:7d:b4:19:43:b2:23:4f:08:bb:2f:74:cb:
         b2:00:83:02:c3:7b:2a:58:79:d9:ee:cb:51:67:07:28:7e:aa:
         6a:ed:82:4a:93:a4:87:dc:83:b4:8d:2c:5d:2d:f5:4d:c3:9e:
         7b:51:c9:df:16:07:47:9a:b2:27:ef:b2:61:47:0d:29:27:91:
         ad:33:2f:fe:b9:d5:a1:64:f8:96:df:35:3e:a7:04:4c:ac:fe:
         2a:f9:e8:e8:c6:89:f7:2f:4d:55:8c:9f:1c:ea:f7:67:49:48:
         0b:ef:11:fb:db:80:ad:81:49:6c:23:b8:39:8c:0e:da:f0:62:
         80:d8:99:f9:a2:2e:ce:1b:68:13:b4:ea:b4:72:79:6a:76:ba:
         29:a7:f3:e8:b4:35:59:c3:ea:c2:95:3b:7f:9c:76:86:83:0d:
         f1:90:1d:6f:29:72:f3:c3:f1:b4:60:9f:11:7d:32:ea:e1:57:
         7e:f0:94:4b:f3:c6:e1:ef:d8:17:26:b6:13:8e:a8:80:d7:e8:
         bc:46:87:64:08:c1:b0:9a:c5:72:4b:99:5d:08:e3:43:51:3c:
         3d:52:fd:8d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUS4O0RpUPCMeOFwXpumFsIgGFTvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEyMDExWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTUzMzhjY2ZkYWI4Yzg4NTRiY2Y0MmU3MzE3ZTQ0ODM2
MTgyMWE4MTcyZTg5NWFkOThmNjExMzYwZDYyMGUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDr2dQvmrVTEMZtuXrL3SJxCYy+h8ndBk70tj6nSfnSX1iE
TdMBK2sN14Nn/HqQ+b6JrYGVTHRzpHAim7oey54dYr5BZxOkKXxvqQwslmBS04SL
cen1ipKn18q2VWQKjXljeUHfVZVmrxm/FMZR39bWGabgQsF+NPMMR/URPSp2l74P
s8zU5Gqtr22m71IIJb7vhgJCxiD/I2+NVgUIhb5Hd8UWJvSKxFSNfq/O5r6YMBb4
UIogscUs1emn/3FgnB2eHVwkpYvmiwTsLot4Zd5xuiMkperMxdKktc3hv1MjpHOU
BFpLxvHAxPLhnTngiEGiw0LbioZxbAjJixibsYQfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUSw+4HLLY8z72Pt9mRtG97j+GnC0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlMDYxZmU0LTdmNzItNGViNy04ZWY5LTI4ZjU1YmI3NjJlNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQTjANBgkqhkiG9w0BAQsFAAOCAQEAuP2Be1iwIsV4CqWLNC7vDT0Zwa4g
XyQurOyLmSMW2OKsPYY4WgpoS1fUfbQZQ7IjTwi7L3TLsgCDAsN7Klh52e7LUWcH
KH6qau2CSpOkh9yDtI0sXS31TcOee1HJ3xYHR5qyJ++yYUcNKSeRrTMv/rnVoWT4
lt81PqcETKz+Kvno6MaJ9y9NVYyfHOr3Z0lIC+8R+9uArYFJbCO4OYwO2vBigNiZ
+aIuzhtoE7TqtHJ5ana6Kafz6LQ1WcPqwpU7f5x2hoMN8ZAdbyly88PxtGCfEX0y
6uFXfvCUS/PG4e/YFya2E46ogNfovEaHZAjBsJrFckuZXQjjQ1E8PVL9jQ==
-----END CERTIFICATE-----