Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed9be880-ae2a-4318-8a4e-68b0d8002e36.roa
File:                     ed9be880-ae2a-4318-8a4e-68b0d8002e36.roa (raw, json)
Hash identifier:          j89iIJNyqw+st5mP7RFhQJzT9WD3RrAt0qscXgb3p8c=
Subject key identifier:   F2:CC:FB:6F:DB:ED:4B:68:79:A9:12:83:0D:A7:1B:1B:EF:6A:FA:6B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45F935C8CD774CAB081FB08F703E87824E514789
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed9be880-ae2a-4318-8a4e-68b0d8002e36.roa
Signing time:             Tue 21 Oct 2025 00:41:32 +0000
ROA not before:           Tue 21 Oct 2025 00:41:32 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        160.223.128.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:f9:35:c8:cd:77:4c:ab:08:1f:b0:8f:70:3e:87:82:4e:51:47:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:41:32 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=1e13fead586aba5ee8d6f4e6153837d328646dcf3ed3f63fd642399640d9269e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:9e:d3:69:0e:0c:4b:de:e1:62:e7:bf:c6:b5:
                    ad:5d:fc:71:2e:fb:3d:14:8e:36:76:f2:80:6e:60:
                    8b:6b:bf:50:eb:bd:69:04:0f:c2:e5:96:08:67:2c:
                    cf:8c:00:e1:f2:0f:4b:72:ef:0d:cc:f9:24:37:ac:
                    b5:87:f9:50:2c:2f:31:07:97:6e:75:3a:c8:43:a8:
                    a5:93:74:ae:12:17:47:97:e2:af:61:43:12:55:b3:
                    0a:25:56:eb:e3:e4:4a:10:ee:76:57:d8:99:b1:75:
                    46:9e:f5:40:41:3d:98:c4:f9:e0:eb:f5:90:85:06:
                    69:af:ef:b7:88:d2:0c:b6:e6:32:c4:50:e6:70:24:
                    ca:b3:5e:a6:07:65:90:45:58:0c:9d:e7:f2:78:79:
                    0c:e7:54:1f:6f:de:af:8b:51:ad:6f:a3:ed:95:1d:
                    63:d6:bf:04:1c:0f:c4:c8:0e:8f:98:4a:b9:b9:49:
                    9c:83:c8:ac:d4:99:15:26:6a:7d:a6:55:d2:4a:fc:
                    8c:c5:ef:76:60:c1:7c:a0:c9:9f:63:4d:6e:c6:07:
                    cf:e6:a3:c7:cf:2b:54:e2:b8:91:d5:fc:9f:53:d6:
                    5e:15:0d:5c:52:4f:e0:c7:c2:dd:69:e2:69:37:ef:
                    a1:96:12:4b:1f:77:15:e4:e6:51:f8:33:60:95:ca:
                    c4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:CC:FB:6F:DB:ED:4B:68:79:A9:12:83:0D:A7:1B:1B:EF:6A:FA:6B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed9be880-ae2a-4318-8a4e-68b0d8002e36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.223.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1a:dd:ee:46:6b:f2:e7:71:10:0e:3a:c0:ef:a5:14:f8:84:9e:
         42:bd:5a:24:d4:2e:a0:e1:57:35:2c:6c:b6:e0:a7:83:8a:49:
         68:18:36:57:5c:d9:32:09:5a:6e:2c:50:49:88:3c:b4:9f:d4:
         e3:2a:45:7d:87:36:95:7a:cc:f7:a3:be:7d:e8:0f:db:1e:dc:
         7c:79:95:c2:a9:de:56:20:8a:5d:39:2b:1b:04:a7:7b:15:78:
         30:df:a4:8f:2d:36:db:3a:8e:de:53:d3:c8:cc:8d:e0:10:fc:
         ff:e3:fd:40:93:55:a7:c8:f4:6c:28:1c:5c:ab:4e:96:da:c8:
         86:33:7e:82:ec:9b:4c:b8:ce:8f:04:f2:50:61:27:ab:b9:dc:
         39:fc:d8:c1:8a:f3:be:a4:df:12:cc:32:e4:24:27:b0:14:6d:
         70:2d:58:21:fb:44:98:8b:03:da:92:4e:ff:26:05:51:97:94:
         6b:e4:e7:96:0d:be:b6:c5:b3:55:c1:b5:8d:1e:57:7b:4a:f7:
         b4:5e:49:a8:91:2c:16:46:54:25:3a:a6:6d:3d:e9:a8:e8:0f:
         56:3b:13:ed:dd:c3:14:50:f7:9e:37:3d:a5:ed:0e:75:b2:e7:
         6a:c0:2c:61:4d:66:3f:b8:05:da:58:53:b5:0c:44:f8:7e:e0:
         f5:f2:bd:a0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURfk1yM13TKsIH7CPcD6Hgk5RR4kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDA0MTMyWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTEzZmVhZDU4NmFiYTVlZThkNmY0ZTYxNTM4MzdkMzI4
NjQ2ZGNmM2VkM2Y2M2ZkNjQyMzk5NjQwZDkyNjllMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmntNpDgxL3uFi57/Gta1d/HEu+z0UjjZ28oBuYItrv1Dr
vWkED8LllghnLM+MAOHyD0ty7w3M+SQ3rLWH+VAsLzEHl251OshDqKWTdK4SF0eX
4q9hQxJVswolVuvj5EoQ7nZX2JmxdUae9UBBPZjE+eDr9ZCFBmmv77eI0gy25jLE
UOZwJMqzXqYHZZBFWAyd5/J4eQznVB9v3q+LUa1vo+2VHWPWvwQcD8TIDo+YSrm5
SZyDyKzUmRUman2mVdJK/IzF73ZgwXygyZ9jTW7GB8/mo8fPK1TiuJHV/J9T1l4V
DVxST+DHwt1p4mk376GWEksfdxXk5lH4M2CVysQhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8sz7b9vtS2h5qRKDDacbG+9q+mswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkOWJlODgwLWFlMmEtNDMxOC04YTRlLTY4YjBkODAwMmUzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWg34AwDQYJKoZIhvcNAQELBQADggEBABrd7kZr8udxEA46wO+lFPiEnkK9
WiTULqDhVzUsbLbgp4OKSWgYNldc2TIJWm4sUEmIPLSf1OMqRX2HNpV6zPejvn3o
D9se3Hx5lcKp3lYgil05KxsEp3sVeDDfpI8tNts6jt5T08jMjeAQ/P/j/UCTVafI
9GwoHFyrTpbayIYzfoLsm0y4zo8E8lBhJ6u53Dn82MGK876k3xLMMuQkJ7AUbXAt
WCH7RJiLA9qSTv8mBVGXlGvk55YNvrbFs1XBtY0eV3tK97ReSaiRLBZGVCU6pm09
6ajoD1Y7E+3dwxRQ9543PaXtDnWy52rALGFNZj+4BdpYU7UMRPh+4PXyvaA=
-----END CERTIFICATE-----