Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815964ed-9722-4cc0-98c4-f1d0eb521f6f.roa
File:                     815964ed-9722-4cc0-98c4-f1d0eb521f6f.roa (raw, json)
Hash identifier:          xDYO3r1fEV1rw/qY2DEQeQZRl/plgBwfaoJEvqe2JU0=
Subject key identifier:   19:74:64:68:30:B1:E0:43:40:53:C0:17:CE:0E:FB:C4:D1:70:87:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       51BD15BE30EEA372B9C18A4E74FA038D82C786FE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815964ed-9722-4cc0-98c4-f1d0eb521f6f.roa
Signing time:             Wed 01 Oct 2025 00:22:08 +0000
ROA not before:           Wed 01 Oct 2025 00:22:08 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.102.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:bd:15:be:30:ee:a3:72:b9:c1:8a:4e:74:fa:03:8d:82:c7:86:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:22:08 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=62c2e082e6650039ad40b97d389006a223060e828db86b459761f5d845dadb95, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:cb:54:11:3e:ae:a4:b9:b0:09:0d:9f:42:e1:
                    7a:4c:52:f8:d4:46:02:76:a3:32:d0:d5:cf:04:3e:
                    c6:e4:8d:88:a4:69:a4:74:60:29:b0:3b:ea:79:d7:
                    d6:0d:58:63:57:cb:66:47:44:f6:da:75:fc:7f:00:
                    f0:2f:8c:bb:ce:05:f9:f4:dd:f9:40:58:9d:d7:2e:
                    73:ba:64:24:c7:b6:fd:7d:25:e8:1d:2c:ce:d1:af:
                    6f:e3:84:e6:c1:2d:3c:7e:73:a7:7f:2f:6b:ba:4d:
                    42:b1:50:2f:4b:b4:4d:c3:5d:ca:68:60:45:55:fa:
                    74:d2:7f:e0:ca:a6:40:76:bc:d1:dd:0d:40:3c:bf:
                    e2:a5:92:30:46:21:64:5f:11:40:57:6e:a2:0e:c3:
                    83:7c:07:4f:8b:b2:89:66:14:4c:a6:47:d3:ad:e0:
                    6d:c3:5c:4a:68:98:c6:d7:11:15:b0:25:67:25:0d:
                    49:08:26:6a:25:9e:97:55:58:cc:e8:2d:0c:2c:be:
                    b3:54:13:64:96:a5:66:fd:a6:b6:07:1c:23:af:6f:
                    47:14:d9:68:bb:38:31:1a:1e:6c:d9:14:14:95:46:
                    c7:07:eb:65:d7:f3:36:d2:ff:6a:48:a3:dd:08:96:
                    cf:cb:4f:cf:c5:a9:3b:24:9e:9b:50:32:78:46:b4:
                    d1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:74:64:68:30:B1:E0:43:40:53:C0:17:CE:0E:FB:C4:D1:70:87:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815964ed-9722-4cc0-98c4-f1d0eb521f6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.102.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d4:0f:42:81:c7:73:2e:ad:27:63:87:da:55:46:89:89:5c:97:
         3a:45:e4:29:36:2c:77:9d:88:6e:b8:9b:96:0b:6b:10:b6:6d:
         95:7e:04:d8:1b:b4:44:9d:3d:92:d4:d6:17:30:b9:b9:02:2d:
         c5:97:3e:17:5d:79:1b:4f:8b:82:a6:4a:4e:59:05:98:5c:5c:
         90:09:f2:bb:57:51:8a:44:2f:4e:06:c8:d7:1b:70:46:41:05:
         4c:d8:44:be:ff:a9:c8:5b:06:88:43:3b:da:df:16:d3:93:a5:
         fc:cb:d1:47:16:20:9c:cc:d9:82:70:3e:cc:1c:ee:7d:fa:25:
         b8:d8:a9:d9:ec:82:5f:b2:66:b3:fa:dc:84:d0:9b:e4:2d:c4:
         04:7b:19:25:bf:0b:b2:7a:b3:c5:ae:f3:30:b8:06:ed:c5:64:
         e5:71:88:5b:01:78:bd:bc:aa:d2:3a:08:77:e0:cd:20:01:f5:
         79:92:ab:ce:36:2b:19:dd:6b:fb:ec:d8:2a:d2:c1:d0:15:5a:
         55:6b:76:68:7b:aa:b5:63:be:10:d7:c8:f7:9d:09:97:9e:18:
         bb:f5:e8:14:8b:3b:67:04:67:89:08:ac:eb:49:b7:eb:fc:ea:
         9b:63:cf:af:41:7f:cb:dd:d9:ef:7d:8f:ca:b8:53:35:2a:f4:
         3b:ab:aa:23
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUb0VvjDuo3K5wYpOdPoDjYLHhv4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMjA4WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmMyZTA4MmU2NjUwMDM5YWQ0MGI5N2QzODkwMDZhMjIz
MDYwZTgyOGRiODZiNDU5NzYxZjVkODQ1ZGFkYjk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQy1QRPq6kubAJDZ9C4XpMUvjURgJ2ozLQ1c8EPsbkjYik
aaR0YCmwO+p519YNWGNXy2ZHRPbadfx/APAvjLvOBfn03flAWJ3XLnO6ZCTHtv19
JegdLM7Rr2/jhObBLTx+c6d/L2u6TUKxUC9LtE3DXcpoYEVV+nTSf+DKpkB2vNHd
DUA8v+KlkjBGIWRfEUBXbqIOw4N8B0+LsolmFEymR9Ot4G3DXEpomMbXERWwJWcl
DUkIJmolnpdVWMzoLQwsvrNUE2SWpWb9prYHHCOvb0cU2Wi7ODEaHmzZFBSVRscH
62XX8zbS/2pIo90Ils/LT8/FqTsknptQMnhGtNGtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGXRkaDCx4ENAU8AXzg77xNFwh4QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxNTk2NGVkLTk3MjItNGNjMC05OGM0LWYxZDBlYjUyMWY2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2ZjANBgkqhkiG9w0BAQsFAAOCAQEA1A9CgcdzLq0nY4faVUaJiVyXOkXk
KTYsd52IbriblgtrELZtlX4E2Bu0RJ09ktTWFzC5uQItxZc+F115G0+LgqZKTlkF
mFxckAnyu1dRikQvTgbI1xtwRkEFTNhEvv+pyFsGiEM72t8W05Ol/MvRRxYgnMzZ
gnA+zBzuffoluNip2eyCX7Jms/rchNCb5C3EBHsZJb8Lsnqzxa7zMLgG7cVk5XGI
WwF4vbyq0joId+DNIAH1eZKrzjYrGd1r++zYKtLB0BVaVWt2aHuqtWO+ENfI950J
l54Yu/XoFIs7ZwRniQis60m36/zqm2PPr0F/y93Z732PyrhTNSr0O6uqIw==
-----END CERTIFICATE-----