Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe4dae27-bd0b-4693-9fd3-05309ef5d4ee.roa
File:                     fe4dae27-bd0b-4693-9fd3-05309ef5d4ee.roa (raw, json)
Hash identifier:          KAeL6OD57dPl5IHSgfcyHRRjumVPFqjpH6qjf5ZD9cc=
Subject key identifier:   61:A8:66:63:53:6A:60:B5:13:8B:CB:01:1C:7D:5B:BA:56:7E:82:07
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3C27734C063D429EB71ADB6C82D27EE1EBAFB70B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe4dae27-bd0b-4693-9fd3-05309ef5d4ee.roa
Signing time:             Sat 25 Oct 2025 00:21:28 +0000
ROA not before:           Sat 25 Oct 2025 00:21:28 +0000
ROA not after:            Sat 29 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.181.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:27:73:4c:06:3d:42:9e:b7:1a:db:6c:82:d2:7e:e1:eb:af:b7:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 25 00:21:28 2025 GMT
            Not After : Nov 29 23:59:59 2025 GMT
        Subject: serialNumber=eadefa47d0c0c85814346dfec3b864cc56e946bcb3d52671e6d528e015746cd8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:97:b7:b6:1d:50:d8:ab:fa:ee:24:41:d9:ef:
                    87:4b:c0:82:77:c0:dc:81:94:98:c1:98:dd:1b:3c:
                    62:8c:24:f8:1f:0a:01:7d:d7:d8:b0:c6:e6:b9:4b:
                    56:57:c9:ba:01:a5:be:86:a2:ea:02:96:a5:d5:53:
                    da:c3:69:09:a4:47:b9:21:6d:39:8d:7c:23:bc:55:
                    0a:8f:d7:c7:8b:ef:ff:2a:a4:08:6a:6f:9f:43:ea:
                    dc:5b:68:6b:95:08:10:59:12:46:39:5c:d9:d9:b9:
                    4b:7f:5c:a9:72:a8:de:1d:e7:be:c7:d7:6f:f5:b8:
                    95:93:06:73:22:a1:9f:b6:8d:85:0f:88:22:c0:c2:
                    7c:84:0d:d0:38:cd:ce:6a:28:50:32:bc:92:59:87:
                    3b:1b:45:d5:6e:d0:3d:ac:e8:8f:4b:cc:fb:2f:29:
                    29:1c:38:7e:c9:d9:6a:fb:8a:3f:65:0c:be:e8:6d:
                    94:62:c7:b9:61:ee:dd:33:bb:66:ee:49:4f:d4:71:
                    47:67:bc:93:e0:5d:d3:b5:7f:0e:08:2a:44:28:4c:
                    8e:42:6a:07:ea:89:44:b8:16:c0:58:e5:44:8b:99:
                    24:3d:e8:ef:a6:18:c7:e0:f5:21:92:38:31:35:c6:
                    8d:b1:6c:e3:f7:38:16:62:e6:36:a8:48:84:13:8f:
                    44:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:A8:66:63:53:6A:60:B5:13:8B:CB:01:1C:7D:5B:BA:56:7E:82:07
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe4dae27-bd0b-4693-9fd3-05309ef5d4ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.181.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7e:b5:ff:ce:b7:df:66:90:28:8f:5a:3e:aa:c6:ef:9e:4b:ba:
         35:8f:75:53:98:2d:c3:dd:21:50:6e:e2:2e:e7:9c:62:6e:6c:
         c2:ee:46:3f:59:80:29:18:96:39:33:ce:07:0f:76:1e:0d:df:
         78:0f:18:f0:98:1b:79:13:cd:b5:0a:ca:4f:86:be:b2:d6:b1:
         88:41:a5:f8:ba:4d:7c:df:8d:60:96:e4:c7:5e:3a:1b:c9:b9:
         a7:2e:e0:76:65:9d:8b:bf:92:bb:e2:d6:b8:8d:5b:a0:5a:4e:
         f9:98:63:53:40:29:33:41:95:aa:73:0b:ee:8d:79:74:4c:7d:
         dc:8f:ba:99:bb:2c:8a:1f:2e:e9:4d:fa:96:69:8d:ed:61:49:
         8d:bf:7c:d1:06:c9:07:e2:cc:a6:3d:b9:83:22:64:8a:58:24:
         4a:a2:78:4d:98:2e:ef:3b:87:38:7b:60:bd:70:7e:5c:38:d3:
         b5:6e:b7:cc:76:4c:58:d5:bc:82:2d:f4:04:59:fa:65:5c:d8:
         58:54:6f:73:4f:75:5f:0d:fc:97:cd:a3:d5:99:63:43:91:cd:
         86:c8:92:ab:51:f9:f6:b9:e8:fb:63:d3:2f:ea:65:9d:ad:60:
         2d:35:7f:79:35:18:a1:34:f0:c1:fd:db:fa:75:8d:63:89:35:
         bb:5a:65:66
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPCdzTAY9Qp63GttsgtJ+4euvtwswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAyMTI4WhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWRlZmE0N2QwYzBjODU4MTQzNDZkZmVjM2I4NjRjYzU2
ZTk0NmJjYjNkNTI2NzFlNmQ1MjhlMDE1NzQ2Y2Q4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjl7e2HVDYq/ruJEHZ74dLwIJ3wNyBlJjBmN0bPGKMJPgf
CgF919iwxua5S1ZXyboBpb6GouoClqXVU9rDaQmkR7khbTmNfCO8VQqP18eL7/8q
pAhqb59D6txbaGuVCBBZEkY5XNnZuUt/XKlyqN4d577H12/1uJWTBnMioZ+2jYUP
iCLAwnyEDdA4zc5qKFAyvJJZhzsbRdVu0D2s6I9LzPsvKSkcOH7J2Wr7ij9lDL7o
bZRix7lh7t0zu2buSU/UcUdnvJPgXdO1fw4IKkQoTI5CagfqiUS4FsBY5USLmSQ9
6O+mGMfg9SGSODE1xo2xbOP3OBZi5jaoSIQTj0QxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYahmY1NqYLUTi8sBHH1bulZ+ggcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlNGRhZTI3LWJkMGItNDY5My05ZmQzLTA1MzA5ZWY1ZDRlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQtTANBgkqhkiG9w0BAQsFAAOCAQEAfrX/zrffZpAoj1o+qsbvnku6NY91
U5gtw90hUG7iLuecYm5swu5GP1mAKRiWOTPOBw92Hg3feA8Y8JgbeRPNtQrKT4a+
staxiEGl+LpNfN+NYJbkx146G8m5py7gdmWdi7+Su+LWuI1boFpO+ZhjU0ApM0GV
qnML7o15dEx93I+6mbssih8u6U36lmmN7WFJjb980QbJB+LMpj25gyJkilgkSqJ4
TZgu7zuHOHtgvXB+XDjTtW63zHZMWNW8gi30BFn6ZVzYWFRvc091Xw38l82j1Zlj
Q5HNhsiSq1H59rno+2PTL+plna1gLTV/eTUYoTTwwf3b+nWNY4k1u1plZg==
-----END CERTIFICATE-----