Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1a5f9bd-ede4-4387-85bf-7fdfd794a298.roa
File:                     d1a5f9bd-ede4-4387-85bf-7fdfd794a298.roa (raw, json)
Hash identifier:          LRSFm5nq4W1TXuZzN4MzEaKsXV7LINqejO/ZBg1v85k=
Subject key identifier:   F1:E5:75:9C:31:FB:28:39:B2:1C:62:CD:4A:7C:E4:81:66:B3:B7:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0D6AD533DA6FB8E545172365B634447F741B1D0C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1a5f9bd-ede4-4387-85bf-7fdfd794a298.roa
Signing time:             Tue 23 Sep 2025 16:42:27 +0000
ROA not before:           Tue 23 Sep 2025 16:42:27 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.26.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:6a:d5:33:da:6f:b8:e5:45:17:23:65:b6:34:44:7f:74:1b:1d:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 23 16:42:27 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=b36eada2f9052fba7b277e1391e17c39cda6aa1928093d454896778bcd5ddb81, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:58:28:39:c0:bb:d9:83:46:a1:8c:f1:36:7b:
                    dd:0e:dd:0d:9d:7d:ee:be:30:26:13:e5:79:f5:69:
                    df:7b:52:e2:15:a7:d4:f6:dd:73:49:5d:1e:e7:8c:
                    cc:fc:fa:7b:b0:17:25:82:68:ce:20:8a:e5:58:69:
                    e0:2f:c4:df:69:a1:76:bf:60:98:5b:49:d5:65:6d:
                    8c:5f:ae:3d:2c:0d:52:50:1d:20:81:b2:63:4c:09:
                    cf:d5:ee:c9:fc:26:17:d4:9f:f8:8b:2e:fe:10:86:
                    f2:67:21:6f:44:e3:a6:04:e7:26:00:91:56:93:74:
                    e4:06:50:7e:5b:9f:8e:a2:b4:94:a4:d6:05:0a:66:
                    67:80:ce:b2:aa:00:4d:c6:ee:f8:d2:8f:7a:d8:8a:
                    2f:93:c6:25:30:95:bb:82:9e:0b:d4:56:34:11:b8:
                    84:b5:1e:4d:92:2d:4e:b0:f1:a2:d7:fb:12:58:c6:
                    8b:15:5c:8a:ee:96:a7:2d:00:d8:c7:9b:7f:f6:8e:
                    8e:96:ef:b1:13:74:af:10:a7:d3:6e:dc:a6:57:62:
                    85:46:e6:50:92:be:be:6e:f7:ab:9f:48:7e:07:70:
                    f9:07:f4:4a:b2:6a:f7:04:02:85:54:62:df:d8:6b:
                    7e:4a:24:6e:09:99:de:23:2f:ac:e3:50:cb:b1:3f:
                    9a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:E5:75:9C:31:FB:28:39:B2:1C:62:CD:4A:7C:E4:81:66:B3:B7:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1a5f9bd-ede4-4387-85bf-7fdfd794a298.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.26.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:33:52:f7:1f:cd:2a:8d:c6:f6:80:ad:47:29:c5:0f:d5:f5:
         6f:36:05:60:f2:08:1e:be:ed:d9:a2:60:d8:43:ab:1e:24:bb:
         f5:30:2c:ac:92:58:d3:8f:c3:c3:c5:89:75:eb:e9:72:ae:2b:
         bb:ad:a9:ad:2d:71:e3:be:2e:3c:48:68:49:5b:8a:cc:b0:63:
         6c:96:21:c9:6d:81:1d:22:1b:71:05:97:78:51:df:38:4d:dd:
         76:51:d9:67:e4:6f:8c:18:aa:87:14:56:f3:59:08:81:65:34:
         b7:92:ac:19:7b:1e:82:89:46:65:27:c1:e8:5d:17:a5:74:86:
         55:3e:5f:e5:e7:85:5b:73:03:4c:5e:51:c6:c0:76:0c:21:8d:
         fa:2b:28:d7:b9:7e:79:d6:b5:7b:ff:0b:a4:87:2c:ea:ce:35:
         0e:f6:f4:45:36:58:b9:30:9d:77:63:bd:89:d3:bb:5c:3e:4e:
         a4:e7:e3:d1:81:0a:4c:c8:58:09:17:5e:c8:cc:84:74:4e:de:
         2f:2b:52:32:4c:27:1c:ac:15:e6:33:11:b1:36:7a:74:de:c2:
         8f:ed:bc:46:8f:b3:79:be:d2:80:b6:f3:b8:8d:32:ff:b8:73:
         7c:4d:d9:b8:07:91:a4:9d:f3:44:a3:b7:1b:78:90:0c:a2:14:
         09:f1:89:a4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDWrVM9pvuOVFFyNltjREf3QbHQwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTIzMTY0MjI3WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzZlYWRhMmY5MDUyZmJhN2IyNzdlMTM5MWUxN2MzOWNk
YTZhYTE5MjgwOTNkNDU0ODk2Nzc4YmNkNWRkYjgxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPWCg5wLvZg0ahjPE2e90O3Q2dfe6+MCYT5Xn1ad97UuIV
p9T23XNJXR7njMz8+nuwFyWCaM4giuVYaeAvxN9poXa/YJhbSdVlbYxfrj0sDVJQ
HSCBsmNMCc/V7sn8JhfUn/iLLv4QhvJnIW9E46YE5yYAkVaTdOQGUH5bn46itJSk
1gUKZmeAzrKqAE3G7vjSj3rYii+TxiUwlbuCngvUVjQRuIS1Hk2SLU6w8aLX+xJY
xosVXIrulqctANjHm3/2jo6W77ETdK8Qp9Nu3KZXYoVG5lCSvr5u96ufSH4HcPkH
9EqyavcEAoVUYt/Ya35KJG4Jmd4jL6zjUMuxP5r3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8eV1nDH7KDmyHGLNSnzkgWazt/UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxYTVmOWJkLWVkZTQtNDM4Ny04NWJmLTdmZGZkNzk0YTI5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2GjANBgkqhkiG9w0BAQsFAAOCAQEArDNS9x/NKo3G9oCtRynFD9X1bzYF
YPIIHr7t2aJg2EOrHiS79TAsrJJY04/Dw8WJdevpcq4ru62prS1x474uPEhoSVuK
zLBjbJYhyW2BHSIbcQWXeFHfOE3ddlHZZ+RvjBiqhxRW81kIgWU0t5KsGXsegolG
ZSfB6F0XpXSGVT5f5eeFW3MDTF5RxsB2DCGN+iso17l+eda1e/8LpIcs6s41Dvb0
RTZYuTCdd2O9idO7XD5OpOfj0YEKTMhYCRdeyMyEdE7eLytSMkwnHKwV5jMRsTZ6
dN7Cj+28Ro+zeb7SgLbzuI0y/7hzfE3ZuAeRpJ3zRKO3G3iQDKIUCfGJpA==
-----END CERTIFICATE-----