Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4453fba6-c24f-4c1d-a854-fe5e14fb78dd.roa
File:                     4453fba6-c24f-4c1d-a854-fe5e14fb78dd.roa (raw, json)
Hash identifier:          hrJc8PjDV96me2YByGKanGa+joL+CTGt8QNrQvpx05o=
Subject key identifier:   A8:89:55:19:DD:1F:BD:FD:50:D4:FD:61:23:F2:C4:6C:B5:0A:64:2C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2CBCAC26FD1B6016F325428D0BF4069BE1DFD2AF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4453fba6-c24f-4c1d-a854-fe5e14fb78dd.roa
Signing time:             Sat 04 Oct 2025 00:37:35 +0000
ROA not before:           Sat 04 Oct 2025 00:37:35 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.217.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:bc:ac:26:fd:1b:60:16:f3:25:42:8d:0b:f4:06:9b:e1:df:d2:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:37:35 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=e84bbf94633e04ff5b924780aa3a2b743affe4039b8f3d0d5f1beece02673ad2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ad:0a:f2:42:b8:c6:12:b4:23:e7:83:91:25:
                    1f:04:2a:8c:ce:51:97:25:76:a6:65:38:8f:3a:2f:
                    de:b5:b2:e8:97:99:44:74:99:c2:d5:8b:4b:08:ab:
                    e9:b0:bf:f3:28:c0:20:34:78:30:9d:11:f6:00:42:
                    86:43:d8:d8:f5:a3:aa:a3:10:a9:c5:76:a0:01:53:
                    df:c5:9b:c5:f8:7e:24:3f:f9:1a:de:93:26:9b:c5:
                    ec:b9:b3:0c:72:30:5a:f3:a2:d8:71:53:db:e8:19:
                    5b:53:28:ac:68:bf:ca:7a:4d:11:e5:48:16:7f:88:
                    01:51:46:05:e3:21:cc:cf:ad:a5:c4:38:6f:80:6d:
                    f0:c0:dd:66:f5:4d:f8:98:a7:58:c4:48:6e:eb:73:
                    43:2c:9c:0e:c0:e5:e0:e5:1c:39:0d:be:43:a9:3f:
                    b6:0e:9b:c4:a6:b7:2f:51:35:58:ee:dc:9e:86:c5:
                    07:04:af:d4:7c:21:18:98:18:20:17:b7:05:e4:07:
                    e9:ce:3e:29:91:08:4d:67:63:75:d0:c7:ab:f7:fb:
                    1a:d6:e3:93:9e:79:c9:70:03:65:2f:20:61:22:40:
                    72:62:bf:55:ff:f6:d6:ff:5c:f1:43:3b:a4:59:f1:
                    de:e9:22:66:32:b7:94:48:5a:cb:75:3d:74:e9:27:
                    da:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:89:55:19:DD:1F:BD:FD:50:D4:FD:61:23:F2:C4:6C:B5:0A:64:2C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4453fba6-c24f-4c1d-a854-fe5e14fb78dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.217.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b8:17:71:9d:b2:78:10:f0:96:71:a9:a2:e2:88:8f:ba:33:b3:
         f0:e1:61:1d:97:36:d0:55:70:4f:0b:54:45:18:a8:ae:aa:07:
         c0:cd:52:bc:19:58:3b:8a:ea:ca:46:5d:35:ae:13:35:1d:b6:
         ec:38:65:48:ce:90:70:c7:ad:82:13:a9:73:aa:3e:ed:d7:01:
         ed:7a:30:46:8e:24:7d:37:f8:12:a9:52:7c:e3:b0:16:50:bd:
         d1:9f:c2:98:3f:7f:8d:85:b7:2d:b1:b6:21:9f:12:ed:e2:3d:
         7e:ac:bd:8f:c2:af:61:76:e8:d2:9b:45:d7:56:91:58:42:bf:
         f8:d8:4e:3d:4a:f7:8b:56:c2:92:9c:95:55:91:1d:8c:7d:17:
         2d:c1:5e:f3:de:85:d3:40:a2:95:07:6d:2c:e9:d8:60:32:a1:
         a2:15:1a:22:34:6d:08:7f:25:f7:8c:22:63:03:de:a3:ce:d0:
         8f:22:16:8c:28:b9:6e:16:81:97:79:27:c1:9e:af:7b:3d:43:
         ef:be:fc:11:b0:39:07:4d:f2:37:fb:94:34:d9:b6:d5:1a:c0:
         5d:6e:c9:be:20:6a:04:87:9c:d4:d8:6b:2d:68:64:5a:ca:86:
         f5:d9:5a:c6:aa:a6:10:26:bc:fa:84:f5:06:ba:71:c1:9d:2c:
         28:1f:e5:a3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULLysJv0bYBbzJUKNC/QGm+Hf0q8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDAzNzM1WhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlODRiYmY5NDYzM2UwNGZmNWI5MjQ3ODBhYTNhMmI3NDNh
ZmZlNDAzOWI4ZjNkMGQ1ZjFiZWVjZTAyNjczYWQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCerQryQrjGErQj54ORJR8EKozOUZcldqZlOI86L961suiX
mUR0mcLVi0sIq+mwv/MowCA0eDCdEfYAQoZD2Nj1o6qjEKnFdqABU9/Fm8X4fiQ/
+Rrekyabxey5swxyMFrzothxU9voGVtTKKxov8p6TRHlSBZ/iAFRRgXjIczPraXE
OG+AbfDA3Wb1TfiYp1jESG7rc0MsnA7A5eDlHDkNvkOpP7YOm8Smty9RNVju3J6G
xQcEr9R8IRiYGCAXtwXkB+nOPimRCE1nY3XQx6v3+xrW45OeeclwA2UvIGEiQHJi
v1X/9tb/XPFDO6RZ8d7pImYyt5RIWst1PXTpJ9qHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqIlVGd0fvf1Q1P1hI/LEbLUKZCwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0NTNmYmE2LWMyNGYtNGMxZC1hODU0LWZlNWUxNGZiNzhkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP2TANBgkqhkiG9w0BAQsFAAOCAQEAuBdxnbJ4EPCWcami4oiPujOz8OFh
HZc20FVwTwtURRiorqoHwM1SvBlYO4rqykZdNa4TNR227DhlSM6QcMetghOpc6o+
7dcB7XowRo4kfTf4EqlSfOOwFlC90Z/CmD9/jYW3LbG2IZ8S7eI9fqy9j8KvYXbo
0ptF11aRWEK/+NhOPUr3i1bCkpyVVZEdjH0XLcFe896F00CilQdtLOnYYDKhohUa
IjRtCH8l94wiYwPeo87QjyIWjCi5bhaBl3knwZ6vez1D7778EbA5B03yN/uUNNm2
1RrAXW7JviBqBIec1NhrLWhkWsqG9dlaxqqmECa8+oT1BrpxwZ0sKB/low==
-----END CERTIFICATE-----