Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
File:                     113d5556-8776-4980-8481-4392894f76ea.roa (raw, json)
Hash identifier:          A5gBCIzvgVXfn2xtIIjCUXoJw/RSTDO40F3IK51XVFQ=
Subject key identifier:   65:AD:3E:BE:8D:F4:A3:7E:9D:0D:28:29:C3:33:30:E9:56:AA:26:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       595EACEC1B2EE95AA30E68B47451008278E8E628
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
Signing time:             Tue 30 Sep 2025 00:23:03 +0000
ROA not before:           Tue 30 Sep 2025 00:23:03 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.94.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:5e:ac:ec:1b:2e:e9:5a:a3:0e:68:b4:74:51:00:82:78:e8:e6:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:23:03 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=69f1e50e305cbec128e9e4e8381ccb582af039f8fce8c6aeadb03a32f3111a09, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8f:16:c8:f7:c6:b0:39:2f:01:b5:08:cb:ad:
                    f7:6c:f1:72:44:74:d3:43:d6:77:a8:ca:e5:5d:b5:
                    4c:4b:5c:54:c9:90:77:ca:9d:25:71:db:e8:42:a0:
                    02:da:e9:07:ea:7c:e8:31:33:27:8a:f1:4c:a0:10:
                    fb:21:db:52:a5:36:d4:5f:4c:1a:18:4c:00:ab:8b:
                    00:22:d4:a7:dc:34:42:1f:86:2a:51:eb:14:13:b4:
                    dd:39:2d:33:87:c6:a5:23:70:6d:e9:80:93:ac:61:
                    f2:b9:5b:76:ef:3c:bf:41:cd:05:85:56:3d:b4:3a:
                    84:bc:4a:74:31:da:14:81:ba:08:ea:f1:d4:d4:f9:
                    36:fa:10:f8:3a:ab:22:53:27:b4:7c:60:13:81:d7:
                    75:72:70:04:c4:b0:6a:bd:d3:74:3a:31:c0:49:da:
                    74:d2:94:64:0a:50:f1:29:10:af:a8:17:52:a7:43:
                    9d:d3:8a:f1:a2:84:da:ce:07:30:77:e0:f5:64:91:
                    cc:99:71:3e:3d:52:1c:26:aa:25:85:19:1f:ae:ae:
                    bc:80:ea:fd:f5:8e:17:90:96:cf:7a:46:aa:dd:24:
                    39:8f:8d:b4:a6:cb:79:f5:df:89:5a:04:95:52:c3:
                    91:1e:0c:42:e1:25:d4:15:77:42:32:1f:a3:84:d6:
                    fb:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:AD:3E:BE:8D:F4:A3:7E:9D:0D:28:29:C3:33:30:E9:56:AA:26:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.94.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5e:ea:0c:56:6b:bb:33:ce:2f:2c:f5:10:3c:79:ed:a3:b9:f9:
         4a:6d:08:8d:0b:a2:ca:fa:6d:fe:c1:32:c5:fe:e2:00:dc:85:
         b6:29:e3:58:ac:85:d7:51:d9:36:b4:dd:45:c1:b8:4b:f5:98:
         59:a8:83:a2:68:00:94:96:87:d9:b1:52:aa:80:c2:ee:48:71:
         f4:eb:f3:56:b4:97:f4:d5:8f:fe:b7:16:9a:39:6a:41:1c:d7:
         1b:be:79:a4:a4:13:62:e1:47:35:f1:aa:df:fd:f7:cd:d1:e3:
         02:f6:f3:26:ea:c1:ac:b3:dd:fc:76:18:a3:36:94:ca:89:c5:
         6a:13:83:b4:7c:1f:d0:a3:da:81:6b:0f:4b:84:a5:17:82:b5:
         94:35:86:68:ad:a9:9c:04:f1:3b:8b:b2:ee:78:87:9a:67:fc:
         3d:7e:d4:f0:3b:ca:22:47:f7:06:e0:50:98:18:92:b4:55:de:
         d3:34:db:e1:02:27:7a:58:ca:78:59:5b:e0:25:38:b0:38:d0:
         25:00:10:15:c6:0f:3e:65:e8:7d:bb:79:f2:7a:66:f3:0c:20:
         09:65:be:46:10:b6:76:b4:39:a2:7a:14:8d:65:ca:65:eb:63:
         35:b9:d8:5d:d0:6e:62:e6:a6:1a:f2:02:19:39:47:18:f8:a8:
         26:9f:03:e0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWV6s7Bsu6VqjDmi0dFEAgnjo5igwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAyMzAzWhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OWYxZTUwZTMwNWNiZWMxMjhlOWU0ZTgzODFjY2I1ODJh
ZjAzOWY4ZmNlOGM2YWVhZGIwM2EzMmYzMTExYTA5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsjxbI98awOS8BtQjLrfds8XJEdNND1neoyuVdtUxLXFTJ
kHfKnSVx2+hCoALa6QfqfOgxMyeK8UygEPsh21KlNtRfTBoYTACriwAi1KfcNEIf
hipR6xQTtN05LTOHxqUjcG3pgJOsYfK5W3bvPL9BzQWFVj20OoS8SnQx2hSBugjq
8dTU+Tb6EPg6qyJTJ7R8YBOB13VycATEsGq903Q6McBJ2nTSlGQKUPEpEK+oF1Kn
Q53TivGihNrOBzB34PVkkcyZcT49UhwmqiWFGR+urryA6v31jheQls96RqrdJDmP
jbSmy3n134laBJVSw5EeDELhJdQVd0IyH6OE1vuFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZa0+vo30o36dDSgpwzMw6VaqJmQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExM2Q1NTU2LTg3NzYtNDk4MC04NDgxLTQzOTI4OTRmNzZlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQXjANBgkqhkiG9w0BAQsFAAOCAQEAXuoMVmu7M84vLPUQPHnto7n5Sm0I
jQuiyvpt/sEyxf7iANyFtinjWKyF11HZNrTdRcG4S/WYWaiDomgAlJaH2bFSqoDC
7khx9OvzVrSX9NWP/rcWmjlqQRzXG755pKQTYuFHNfGq3/33zdHjAvbzJurBrLPd
/HYYozaUyonFahODtHwf0KPagWsPS4SlF4K1lDWGaK2pnATxO4uy7niHmmf8PX7U
8DvKIkf3BuBQmBiStFXe0zTb4QIneljKeFlb4CU4sDjQJQAQFcYPPmXofbt58npm
8wwgCWW+RhC2drQ5onoUjWXKZetjNbnYXdBuYuamGvICGTlHGPioJp8D4A==
-----END CERTIFICATE-----