Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa
File:                     b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa (raw, json)
Hash identifier:          tTjlMOBpWjMsDu0y2fKprq67+/fCWaoI509y4yLJfx0=
Subject key identifier:   BB:EC:C8:54:93:CC:B7:9A:0F:BC:BC:F5:B1:24:FE:AF:1B:E4:C2:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       182B3AD0B469868099939AA74CACB67FDDCE04D5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa
Signing time:             Sun 26 Oct 2025 00:30:53 +0000
ROA not before:           Sun 26 Oct 2025 00:30:53 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.82.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:2b:3a:d0:b4:69:86:80:99:93:9a:a7:4c:ac:b6:7f:dd:ce:04:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:30:53 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=5f05080285bf788e2360a69611563db63a051b9a14f3feeb1c4a2b14fcd7af8c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0c:f2:df:6b:0b:79:af:2b:ca:2d:3f:2c:3d:
                    f8:57:bb:b3:91:da:14:c1:e6:28:83:12:bb:00:f5:
                    0a:a6:88:b2:bb:86:d7:53:2d:ef:c3:94:bc:86:1a:
                    33:09:af:fa:18:b6:59:8d:cb:b2:f2:c2:90:a7:ab:
                    f8:fd:13:e2:de:72:29:91:d2:e5:17:30:fc:12:dd:
                    da:2d:7a:0b:42:a7:c9:32:42:9e:2a:06:76:f7:bc:
                    6e:9b:7b:b5:fa:29:74:9f:9b:44:7b:4e:45:0a:dd:
                    33:33:ce:42:cb:cf:1f:41:0a:a0:9e:06:cc:61:03:
                    cb:7d:e8:c4:96:4b:fa:72:f2:21:e3:56:aa:3a:43:
                    62:fb:ae:e3:97:73:38:c2:eb:fe:b8:e4:cd:92:5f:
                    1d:9e:7c:78:e1:71:6d:d9:c2:63:cc:7e:69:b6:19:
                    df:40:36:95:79:60:30:79:9d:4f:2e:0a:05:6d:3d:
                    f4:f1:a0:43:ad:c0:23:a6:ed:bd:cc:20:37:dd:8d:
                    a5:52:3f:12:e1:fd:d3:65:f4:28:b0:f6:c2:87:a0:
                    42:8f:6f:12:1a:a8:f0:8d:4e:8d:34:1c:b8:59:fd:
                    c1:78:71:15:9b:31:06:c9:ef:9b:d4:7c:64:0c:f5:
                    0c:25:cb:39:fe:b2:0b:05:0e:cb:f4:ff:70:0d:66:
                    62:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:EC:C8:54:93:CC:B7:9A:0F:BC:BC:F5:B1:24:FE:AF:1B:E4:C2:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cb:90:d6:9c:ad:25:5a:3f:be:a8:ec:ba:bd:51:dd:25:85:7e:
         bd:ab:be:07:ff:ec:6b:01:39:6d:10:de:ee:59:47:04:ae:76:
         e4:54:2f:a4:a4:c1:43:9a:84:87:91:94:9c:da:68:22:08:ef:
         17:33:c0:ce:c5:f9:8f:88:a1:d9:26:5c:75:34:e1:0a:02:17:
         95:40:b5:7a:a2:43:3b:c1:ae:d1:a6:ae:3f:aa:c4:46:93:66:
         26:20:0f:09:20:35:ca:d1:e7:c0:c9:eb:9f:56:e2:c0:e3:16:
         11:38:e9:0e:1f:30:da:77:51:d6:21:b0:47:e1:9a:75:2e:bf:
         be:a2:7f:1c:2a:35:90:fa:81:7d:d3:2a:35:27:24:0c:98:24:
         a3:4d:f0:b7:6b:64:6a:5c:92:8b:fa:dc:c3:ba:71:cc:02:8d:
         ea:a5:02:69:38:de:67:1f:91:61:7e:2d:5b:3c:ec:b4:3f:a9:
         f2:c2:1e:38:7b:61:64:59:41:e0:41:ad:44:07:10:a9:9e:3a:
         04:8a:c9:e7:4f:91:fa:5c:3e:53:7f:3a:33:f2:10:1f:4f:1c:
         6a:83:71:36:4c:b9:5c:19:97:bf:ed:90:bb:26:07:d7:61:03:
         d4:3e:0e:d1:ea:36:85:14:af:84:41:f6:d5:93:cd:24:42:d9:
         04:81:44:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGCs60LRphoCZk5qnTKy2f93OBNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAzMDUzWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjA1MDgwMjg1YmY3ODhlMjM2MGE2OTYxMTU2M2RiNjNh
MDUxYjlhMTRmM2ZlZWIxYzRhMmIxNGZjZDdhZjhjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnDPLfawt5ryvKLT8sPfhXu7OR2hTB5iiDErsA9QqmiLK7
htdTLe/DlLyGGjMJr/oYtlmNy7LywpCnq/j9E+LecimR0uUXMPwS3dotegtCp8ky
Qp4qBnb3vG6be7X6KXSfm0R7TkUK3TMzzkLLzx9BCqCeBsxhA8t96MSWS/py8iHj
Vqo6Q2L7ruOXczjC6/645M2SXx2efHjhcW3ZwmPMfmm2Gd9ANpV5YDB5nU8uCgVt
PfTxoEOtwCOm7b3MIDfdjaVSPxLh/dNl9Ciw9sKHoEKPbxIaqPCNTo00HLhZ/cF4
cRWbMQbJ75vUfGQM9Qwlyzn+sgsFDsv0/3ANZmLlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUu+zIVJPMt5oPvLz1sST+rxvkwpgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4ZTg2N2YzLTk0MzAtNGVjMi04YmUxLWM3NDA2YjEzN2UyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4UjANBgkqhkiG9w0BAQsFAAOCAQEAy5DWnK0lWj++qOy6vVHdJYV+vau+
B//sawE5bRDe7llHBK525FQvpKTBQ5qEh5GUnNpoIgjvFzPAzsX5j4ih2SZcdTTh
CgIXlUC1eqJDO8Gu0aauP6rERpNmJiAPCSA1ytHnwMnrn1biwOMWETjpDh8w2ndR
1iGwR+GadS6/vqJ/HCo1kPqBfdMqNSckDJgko03wt2tkalySi/rcw7pxzAKN6qUC
aTjeZx+RYX4tWzzstD+p8sIeOHthZFlB4EGtRAcQqZ46BIrJ50+R+lw+U386M/IQ
H08caoNxNky5XBmXv+2QuyYH12ED1D4O0eo2hRSvhEH21ZPNJELZBIFEPg==
-----END CERTIFICATE-----