Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
File:                     e4274e13-b3eb-47ca-8f50-e130d402b187.roa (raw, json)
Hash identifier:          7fu61xYjgSdMXFfkAX77M9rZGsjGACd3TMfBxTM+WJI=
Subject key identifier:   5D:FA:5D:06:20:FA:78:CB:75:62:FD:E6:F1:DD:AB:B9:42:D5:E2:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       679A54ED2F833F0D082035F6B35B324D44DBEAE0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
Signing time:             Sun 26 Oct 2025 00:11:27 +0000
ROA not before:           Sun 26 Oct 2025 00:11:27 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.167.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:9a:54:ed:2f:83:3f:0d:08:20:35:f6:b3:5b:32:4d:44:db:ea:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:11:27 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=c5deb07a14f79ac60a7e277c37550d43678fb5be3ae97aae861353874b18e4ad, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:83:92:a7:2c:6c:04:10:c6:d7:d7:31:13:92:
                    9d:6e:67:0e:4a:6f:7e:c4:14:2c:22:df:bd:92:3e:
                    f4:39:3e:9f:fd:1e:a8:05:9a:97:d7:91:ac:46:d7:
                    72:7d:f9:ab:04:ed:17:24:56:db:e4:69:b9:1f:50:
                    f0:10:b5:c6:08:a1:2b:2a:7a:69:d2:ae:ca:10:0f:
                    88:94:1a:92:db:c1:06:6d:33:4b:5a:c3:b4:13:5a:
                    69:84:39:d5:a4:71:50:7f:97:fb:a8:de:0a:38:d0:
                    6f:4f:9d:72:6a:b3:a7:8f:94:b1:77:2b:21:31:aa:
                    68:ee:a7:53:3e:56:e4:33:f4:5f:c2:f1:f2:17:a6:
                    a6:7e:90:ff:8f:5b:83:fe:b7:26:2c:c3:90:8a:a2:
                    8a:b8:cd:21:f2:7f:7e:c2:f5:59:04:3f:6d:1a:b3:
                    ca:4f:1f:2e:34:c3:a6:95:15:39:18:68:fc:ee:28:
                    17:07:cd:b3:dd:35:95:50:67:c4:77:b9:ab:92:d5:
                    06:b6:41:c9:34:e9:4c:1b:9d:c4:e8:99:8a:35:88:
                    3e:46:98:73:5f:40:6e:b7:cd:75:25:15:a4:b9:46:
                    48:79:a2:71:41:85:2c:6d:8c:b8:22:db:65:88:3b:
                    a4:7c:55:cb:5b:90:35:9e:2c:5d:0b:df:2f:17:5d:
                    af:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:FA:5D:06:20:FA:78:CB:75:62:FD:E6:F1:DD:AB:B9:42:D5:E2:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.167.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         87:76:c4:58:c5:c3:66:59:d6:b6:23:3f:4c:0b:76:a4:2a:59:
         3a:f5:7d:81:a2:5b:28:5e:67:b7:e2:3f:6a:75:bc:bc:08:26:
         4e:4d:62:93:43:c5:4e:a9:23:3f:70:77:6f:7a:1c:bc:e8:fb:
         f0:3e:a6:61:87:b7:e8:53:50:d2:49:95:1e:00:1d:b6:65:ea:
         9d:4c:41:e4:07:dc:f8:6f:44:ad:8c:c7:ab:1f:13:ae:ed:dd:
         ab:d1:3e:13:14:4b:ee:2e:ab:12:fa:ed:f3:9f:6a:1d:43:36:
         cb:76:5b:63:fe:8d:d8:d2:94:a8:1f:7d:66:f9:99:29:a7:b2:
         db:2d:05:89:3e:43:3c:64:68:3f:03:5d:6e:5c:d9:63:ec:a3:
         ca:66:e3:52:67:e7:18:e0:89:16:52:5b:2e:5d:ad:2a:86:bf:
         20:58:04:a6:1f:e7:eb:b1:8f:ad:c5:de:03:9c:20:ad:ac:aa:
         bc:89:61:d6:e8:65:ad:f0:ee:5d:d2:4a:02:e6:ad:e4:e8:97:
         46:9a:c3:1d:db:a8:30:4f:2c:fd:3a:18:4b:99:71:2e:3f:1b:
         3b:a5:1b:eb:85:04:db:9e:b8:95:2d:07:15:71:77:e1:15:28:
         c0:0f:9e:9e:8b:b7:be:3c:3f:8f:a9:4a:cd:1a:4f:e8:b4:21:
         e9:a6:7c:97
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZ5pU7S+DPw0IIDX2s1syTUTb6uAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMTI3WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWRlYjA3YTE0Zjc5YWM2MGE3ZTI3N2MzNzU1MGQ0MzY3
OGZiNWJlM2FlOTdhYWU4NjEzNTM4NzRiMThlNGFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDag5KnLGwEEMbX1zETkp1uZw5Kb37EFCwi372SPvQ5Pp/9
HqgFmpfXkaxG13J9+asE7RckVtvkabkfUPAQtcYIoSsqemnSrsoQD4iUGpLbwQZt
M0taw7QTWmmEOdWkcVB/l/uo3go40G9PnXJqs6ePlLF3KyExqmjup1M+VuQz9F/C
8fIXpqZ+kP+PW4P+tyYsw5CKooq4zSHyf37C9VkEP20as8pPHy40w6aVFTkYaPzu
KBcHzbPdNZVQZ8R3uauS1Qa2Qck06UwbncTomYo1iD5GmHNfQG63zXUlFaS5Rkh5
onFBhSxtjLgi22WIO6R8VctbkDWeLF0L3y8XXa+HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXfpdBiD6eMt1Yv3m8d2ruULV4iowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0Mjc0ZTEzLWIzZWItNDdjYS04ZjUwLWUxMzBkNDAyYjE4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4pzANBgkqhkiG9w0BAQsFAAOCAQEAh3bEWMXDZlnWtiM/TAt2pCpZOvV9
gaJbKF5nt+I/anW8vAgmTk1ik0PFTqkjP3B3b3ocvOj78D6mYYe36FNQ0kmVHgAd
tmXqnUxB5Afc+G9ErYzHqx8Tru3dq9E+ExRL7i6rEvrt859qHUM2y3ZbY/6N2NKU
qB99ZvmZKaey2y0FiT5DPGRoPwNdblzZY+yjymbjUmfnGOCJFlJbLl2tKoa/IFgE
ph/n67GPrcXeA5wgrayqvIlh1uhlrfDuXdJKAuat5OiXRprDHduoME8s/ToYS5lx
Lj8bO6Ub64UE2564lS0HFXF34RUowA+enou3vjw/j6lKzRpP6LQh6aZ8lw==
-----END CERTIFICATE-----