Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48c16ea6-712e-4567-935b-9fb07c5cf605.roa
File:                     48c16ea6-712e-4567-935b-9fb07c5cf605.roa (raw, json)
Hash identifier:          C/7aCGLlvuAYXecos3rettnat2W4mf3stKVue3WfwkA=
Subject key identifier:   BE:7F:AF:08:BF:D1:10:83:46:26:82:3D:9D:BE:6E:D8:7A:93:90:BC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0F581AFB0C4C41260C3BB3360D465D82110B030C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48c16ea6-712e-4567-935b-9fb07c5cf605.roa
Signing time:             Thu 13 Nov 2025 00:50:08 +0000
ROA not before:           Thu 13 Nov 2025 00:50:08 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.181.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:58:1a:fb:0c:4c:41:26:0c:3b:b3:36:0d:46:5d:82:11:0b:03:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:50:08 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=bf5d0905d908737c643166db2e42a669bad80070b5116e577610f2f0a1485eba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d1:b0:8b:62:81:c3:91:cc:69:97:19:bc:b2:
                    1b:0a:ec:4c:14:bf:89:90:4c:96:b8:a0:2b:5a:c5:
                    08:00:4f:9f:70:f9:4e:54:e5:c7:b7:b3:12:07:ba:
                    e0:e5:d4:e5:80:86:80:00:95:a3:67:78:60:9a:c1:
                    ca:1e:bd:fa:87:80:b7:84:a9:2b:2d:fa:ef:fd:eb:
                    7e:c4:ca:6f:ac:29:2d:29:46:62:b5:cc:36:7f:00:
                    36:6d:89:8f:69:62:7e:6b:71:82:26:be:0b:f2:7e:
                    01:47:2c:21:f8:61:61:fb:6f:4e:35:f7:54:c3:1f:
                    02:d2:6a:b5:01:06:33:8b:77:19:24:3d:f4:b1:f5:
                    32:ba:fb:fd:01:94:de:63:07:74:48:11:26:7d:1d:
                    d2:1b:89:e7:75:a3:33:e2:0f:01:6c:bf:bf:22:03:
                    c5:04:96:a6:a6:cc:7b:bd:1e:6e:2b:30:ec:47:02:
                    96:29:81:1a:cc:ec:ff:3f:8e:57:cb:72:49:17:ee:
                    6f:d2:63:c7:7b:03:4a:8f:8b:88:e3:c6:75:0d:ad:
                    c1:82:5e:5c:1c:ec:2d:eb:e1:4e:0b:91:63:ca:ed:
                    76:06:1d:f4:29:1a:0a:be:66:97:ec:42:6f:63:f2:
                    04:d1:c4:54:ec:c2:4f:90:bf:aa:df:81:71:44:12:
                    55:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:7F:AF:08:BF:D1:10:83:46:26:82:3D:9D:BE:6E:D8:7A:93:90:BC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48c16ea6-712e-4567-935b-9fb07c5cf605.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.181.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ae:6e:f2:05:1e:73:06:87:ab:f1:47:7a:06:c6:c5:b0:55:59:
         ff:19:de:15:5f:75:07:5e:c8:68:6e:ac:af:66:70:f9:89:15:
         a7:3e:8c:f8:9b:ef:84:b1:0b:26:28:ae:6f:52:d5:28:cc:06:
         ba:f7:d0:bc:57:1d:19:72:bb:89:97:94:63:f2:39:ba:88:52:
         8a:c9:65:a1:87:8f:cd:87:43:39:68:60:8a:5f:0b:0e:00:05:
         1e:1a:66:64:7c:1e:f0:5c:ed:6d:7f:dc:13:a2:9e:c6:60:d5:
         49:1a:0e:a6:af:6c:8b:ed:b7:89:53:81:31:8a:d4:6e:80:a2:
         18:e6:a1:68:9b:6b:30:3f:87:1a:87:03:92:1e:9e:84:6e:18:
         db:bd:e0:02:87:f4:88:d3:d7:64:f9:f7:0f:61:5b:d1:3c:1a:
         3e:37:d8:31:d8:91:fb:1e:9e:76:b7:03:5f:ec:0f:89:3b:52:
         ae:c8:b8:6c:0e:9c:47:18:01:21:d3:4a:6a:be:0e:f0:41:ab:
         dc:ff:01:37:bb:42:d6:13:ed:8c:6e:5e:5d:f4:7d:67:da:23:
         03:ef:d2:ac:88:69:58:8a:0b:a4:1a:81:0c:8a:40:63:7d:99:
         c9:da:e8:a6:4f:a9:f4:bb:b4:f5:ac:3d:f3:25:0a:83:13:0c:
         8d:20:d2:62
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD1ga+wxMQSYMO7M2DUZdghELAwwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDA1MDA4WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjVkMDkwNWQ5MDg3MzdjNjQzMTY2ZGIyZTQyYTY2OWJh
ZDgwMDcwYjUxMTZlNTc3NjEwZjJmMGExNDg1ZWJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU0bCLYoHDkcxplxm8shsK7EwUv4mQTJa4oCtaxQgAT59w
+U5U5ce3sxIHuuDl1OWAhoAAlaNneGCawcoevfqHgLeEqSst+u/9637Eym+sKS0p
RmK1zDZ/ADZtiY9pYn5rcYImvgvyfgFHLCH4YWH7b04191TDHwLSarUBBjOLdxkk
PfSx9TK6+/0BlN5jB3RIESZ9HdIbied1ozPiDwFsv78iA8UElqamzHu9Hm4rMOxH
ApYpgRrM7P8/jlfLckkX7m/SY8d7A0qPi4jjxnUNrcGCXlwc7C3r4U4LkWPK7XYG
HfQpGgq+ZpfsQm9j8gTRxFTswk+Qv6rfgXFEElXrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvn+vCL/REINGJoI9nb5u2HqTkLwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4YzE2ZWE2LTcxMmUtNDU2Ny05MzViLTlmYjA3YzVjZjYwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCCtTANBgkqhkiG9w0BAQsFAAOCAQEArm7yBR5zBoer8Ud6BsbFsFVZ/xne
FV91B17IaG6sr2Zw+YkVpz6M+JvvhLELJiiub1LVKMwGuvfQvFcdGXK7iZeUY/I5
uohSislloYePzYdDOWhgil8LDgAFHhpmZHwe8FztbX/cE6KexmDVSRoOpq9si+23
iVOBMYrUboCiGOahaJtrMD+HGocDkh6ehG4Y273gAof0iNPXZPn3D2Fb0TwaPjfY
MdiR+x6edrcDX+wPiTtSrsi4bA6cRxgBIdNKar4O8EGr3P8BN7tC1hPtjG5eXfR9
Z9ojA+/SrIhpWIoLpBqBDIpAY32Zydropk+p9Lu09aw98yUKgxMMjSDSYg==
-----END CERTIFICATE-----