Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa
File:                     ec82d39f-e496-445b-b47e-f9450ba4b273.roa (raw, json)
Hash identifier:          to4ykSYSvKOfWkxAxf17AfiTHdbEaYoo/Ka26TxJizY=
Subject key identifier:   A5:2D:2A:8A:C1:C6:74:A2:0B:03:F7:54:F1:51:C3:5E:C4:AA:B8:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       04C38DD489D5963590A156C0905061230A88A7EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa
Signing time:             Fri 03 Oct 2025 00:40:16 +0000
ROA not before:           Fri 03 Oct 2025 00:40:16 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.93.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c3:8d:d4:89:d5:96:35:90:a1:56:c0:90:50:61:23:0a:88:a7:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:40:16 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=dd894924306b6eb35e9d3d7579cc19c05ed5ce02aaddccb81780f5d4c0f4e5f6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:90:23:45:8d:e1:fd:46:2c:b9:47:ae:51:46:
                    aa:58:c2:e2:4d:6b:b2:c2:e6:c7:45:b8:8b:ad:c1:
                    6b:21:f3:a7:ab:cf:bb:d7:cc:1e:56:aa:93:a4:3e:
                    b3:f7:57:6d:c4:c9:c4:1b:33:9e:6f:40:57:5a:4d:
                    ee:1d:2f:14:7b:72:a3:29:3b:76:10:35:b1:76:26:
                    2e:43:7d:01:c8:3d:c4:d7:b0:98:1e:6b:4f:e8:29:
                    12:2f:01:c7:11:b5:2e:e3:54:5b:de:1f:66:22:e0:
                    8a:3e:5b:65:cd:b0:78:a0:6e:13:f5:29:6a:f4:6d:
                    f2:65:ed:da:5e:5e:cf:f6:a9:7d:7e:31:b4:f9:c1:
                    1d:6a:72:64:32:3e:df:84:ff:4c:a9:4a:d3:3e:50:
                    a8:dc:12:27:20:16:b1:91:00:f9:4a:de:b4:bc:88:
                    7d:e1:64:65:57:6e:dc:fc:8c:39:d9:24:1c:bc:85:
                    a2:74:9f:c2:76:cc:0f:fe:96:6c:4e:ab:49:59:10:
                    12:42:27:15:57:6d:bc:f9:2c:f9:77:cd:73:68:0a:
                    94:ad:db:ac:27:c9:13:92:4b:74:04:9f:06:05:e7:
                    e0:ce:16:b1:18:b8:c9:4a:7d:25:34:dc:81:93:9d:
                    c7:f6:77:03:e4:f2:de:38:6a:a4:4a:a7:c9:36:eb:
                    1a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:2D:2A:8A:C1:C6:74:A2:0B:03:F7:54:F1:51:C3:5E:C4:AA:B8:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.93.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a9:2b:cb:25:34:fa:8a:85:11:c0:0f:7d:55:b2:3e:13:29:6c:
         c4:70:4e:e6:d5:7f:99:ec:53:b1:fb:ba:6e:e1:7e:c4:aa:df:
         c6:a2:54:86:ca:a2:31:ff:77:61:ea:38:de:6d:91:98:41:71:
         28:c1:79:6f:47:91:d5:7b:f3:59:0a:6c:e8:6e:1d:b5:64:49:
         80:ff:6c:85:1d:0b:f5:96:e7:94:22:53:d8:b9:69:82:b5:c4:
         21:ae:75:ce:5f:c7:b4:91:ba:f7:39:24:de:56:d0:c0:bd:71:
         0a:40:65:1f:99:8d:c5:6d:96:06:fe:bf:81:27:52:c1:aa:6b:
         45:d3:a0:ed:20:af:f7:6b:2e:62:e6:b0:f2:7d:23:46:5b:78:
         b7:e5:42:03:fc:ea:ae:8d:20:9a:ec:1e:33:10:8e:e0:4c:63:
         9a:de:a7:b0:49:6d:20:55:68:e8:d7:c2:fa:6f:30:75:b6:c0:
         a8:11:33:c5:97:fd:53:79:cd:63:aa:b1:d4:50:ca:b5:8d:56:
         60:bd:bf:98:88:ab:ef:7f:86:32:60:06:df:9e:25:6f:e4:1c:
         81:17:81:3f:35:90:c5:8a:89:6a:9e:69:a3:77:5a:9e:5f:73:
         a4:27:e5:7f:bd:d3:61:da:19:96:2f:db:86:d6:c4:21:7f:fd:
         7b:8f:56:62
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBMON1InVljWQoVbAkFBhIwqIp+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA0MDE2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDg5NDkyNDMwNmI2ZWIzNWU5ZDNkNzU3OWNjMTljMDVl
ZDVjZTAyYWFkZGNjYjgxNzgwZjVkNGMwZjRlNWY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQkCNFjeH9Riy5R65RRqpYwuJNa7LC5sdFuIutwWsh86er
z7vXzB5WqpOkPrP3V23EycQbM55vQFdaTe4dLxR7cqMpO3YQNbF2Ji5DfQHIPcTX
sJgea0/oKRIvAccRtS7jVFveH2Yi4Io+W2XNsHigbhP1KWr0bfJl7dpeXs/2qX1+
MbT5wR1qcmQyPt+E/0ypStM+UKjcEicgFrGRAPlK3rS8iH3hZGVXbtz8jDnZJBy8
haJ0n8J2zA/+lmxOq0lZEBJCJxVXbbz5LPl3zXNoCpSt26wnyROSS3QEnwYF5+DO
FrEYuMlKfSU03IGTncf2dwPk8t44aqRKp8k26xoFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpS0qisHGdKILA/dU8VHDXsSquC8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjODJkMzlmLWU0OTYtNDQ1Yi1iNDdlLWY5NDUwYmE0YjI3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4XTANBgkqhkiG9w0BAQsFAAOCAQEAqSvLJTT6ioURwA99VbI+EylsxHBO
5tV/mexTsfu6buF+xKrfxqJUhsqiMf93Yeo43m2RmEFxKMF5b0eR1XvzWQps6G4d
tWRJgP9shR0L9ZbnlCJT2LlpgrXEIa51zl/HtJG69zkk3lbQwL1xCkBlH5mNxW2W
Bv6/gSdSwaprRdOg7SCv92suYuaw8n0jRlt4t+VCA/zqro0gmuweMxCO4Exjmt6n
sEltIFVo6NfC+m8wdbbAqBEzxZf9U3nNY6qx1FDKtY1WYL2/mIir73+GMmAG354l
b+QcgReBPzWQxYqJap5po3danl9zpCflf73TYdoZli/bhtbEIX/9e49WYg==
-----END CERTIFICATE-----