Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02a6c221-9314-4afd-bee3-8183cfd76fb0.roa
File:                     02a6c221-9314-4afd-bee3-8183cfd76fb0.roa (raw, json)
Hash identifier:          yunf+3qKqopsq8InOF5edjXqWuYunIB3pFv4XzOpPV0=
Subject key identifier:   63:45:44:7C:E2:B0:83:AA:A9:D1:45:89:8F:F2:7E:95:60:B0:2E:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3192127F05F9CA221E30CBE1C153D972D6FA5B51
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02a6c221-9314-4afd-bee3-8183cfd76fb0.roa
Signing time:             Sat 01 Nov 2025 00:10:36 +0000
ROA not before:           Sat 01 Nov 2025 00:10:36 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.15.192.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:92:12:7f:05:f9:ca:22:1e:30:cb:e1:c1:53:d9:72:d6:fa:5b:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:10:36 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=b37c91ed9d2db2a32d6e906300514aaaa5792aac06958eec3f93add2b92d9fa1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2a:82:bd:c0:ce:98:84:50:31:5c:1c:47:0e:
                    c6:55:c3:f2:ed:b6:e3:2b:b1:bd:fb:c0:e6:61:ae:
                    a3:c6:56:28:60:f1:5b:8b:c6:26:79:f6:97:46:64:
                    56:88:75:b7:86:77:7b:c2:80:e9:46:11:1c:c8:c1:
                    73:07:b3:0f:33:7b:60:d0:04:23:09:e7:bb:5a:24:
                    b1:03:d2:0e:27:b4:fe:ca:27:10:48:ce:70:bb:59:
                    55:52:ca:03:03:63:7f:54:73:ce:1a:a1:78:0d:f6:
                    37:0a:7d:ca:19:05:3b:86:ea:56:c4:2f:3a:d0:e5:
                    42:ed:56:be:1c:be:35:94:ed:3e:b1:ba:67:bb:61:
                    81:da:bb:22:e6:11:9c:f6:b8:6d:af:69:73:0e:e9:
                    97:da:3c:17:19:a5:7d:a3:6d:ab:11:e1:e3:e6:41:
                    ef:58:e6:a0:b9:cc:29:75:65:a1:ef:da:e5:5c:93:
                    63:19:01:d6:7e:3d:9e:32:44:ff:52:a1:05:54:37:
                    30:69:5e:43:38:de:55:c2:e3:93:f0:a2:44:5b:4b:
                    86:9b:18:c0:b9:39:26:bc:ea:44:c2:e9:11:39:bd:
                    71:06:72:dc:71:16:79:be:2f:ee:08:c0:96:30:c9:
                    cb:dc:69:7b:f4:81:47:94:b4:46:88:b3:da:c4:10:
                    25:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:45:44:7C:E2:B0:83:AA:A9:D1:45:89:8F:F2:7E:95:60:B0:2E:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/02a6c221-9314-4afd-bee3-8183cfd76fb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.15.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         29:fb:56:f4:09:c9:85:5c:04:a7:d1:ac:7d:31:e4:dd:60:e6:
         a4:ec:40:92:f6:99:6c:45:58:84:8b:cf:b3:3a:1d:8e:be:dd:
         79:c3:67:d3:49:56:e8:71:95:c6:76:1a:91:f3:5d:87:4e:f7:
         a2:37:bf:56:f3:78:30:b7:fd:29:2c:ff:08:7b:e8:7a:cc:18:
         e1:38:27:e5:ca:1e:23:2b:2e:5c:85:b3:0e:15:8a:32:b7:04:
         92:82:67:2f:e3:1c:c3:3b:49:2f:91:a8:94:40:59:aa:ed:bc:
         92:9f:4b:bc:34:d1:3b:fe:43:7f:6c:be:27:3d:0f:74:2c:5c:
         07:0b:bc:04:79:79:ae:21:1c:af:c4:93:2b:40:48:df:2c:5f:
         7c:3c:10:b0:fa:1d:86:55:95:c4:d9:19:aa:e7:fc:0b:cb:f4:
         f5:89:8b:d3:cd:cb:21:d3:3c:b5:32:bf:31:6d:a1:54:7a:45:
         c2:7e:b7:9c:41:e4:c2:97:5e:6b:7d:b1:d7:f5:55:fd:ea:38:
         d9:b1:91:d8:98:7e:e7:85:eb:b4:8b:2f:9b:4c:7b:11:5e:af:
         94:af:08:98:e7:4c:bf:c1:27:ab:54:88:ba:d4:9f:37:ff:29:
         1a:3c:e9:5e:61:38:b5:10:a3:07:74:62:c2:31:b6:8a:1b:5b:
         bf:cf:14:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMZISfwX5yiIeMMvhwVPZctb6W1EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAxMDM2WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzdjOTFlZDlkMmRiMmEzMmQ2ZTkwNjMwMDUxNGFhYWE1
NzkyYWFjMDY5NThlZWMzZjkzYWRkMmI5MmQ5ZmExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIKoK9wM6YhFAxXBxHDsZVw/LttuMrsb37wOZhrqPGVihg
8VuLxiZ59pdGZFaIdbeGd3vCgOlGERzIwXMHsw8ze2DQBCMJ57taJLED0g4ntP7K
JxBIznC7WVVSygMDY39Uc84aoXgN9jcKfcoZBTuG6lbELzrQ5ULtVr4cvjWU7T6x
ume7YYHauyLmEZz2uG2vaXMO6ZfaPBcZpX2jbasR4ePmQe9Y5qC5zCl1ZaHv2uVc
k2MZAdZ+PZ4yRP9SoQVUNzBpXkM43lXC45PwokRbS4abGMC5OSa86kTC6RE5vXEG
ctxxFnm+L+4IwJYwycvcaXv0gUeUtEaIs9rEECUtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUY0VEfOKwg6qp0UWJj/J+lWCwLqUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAyYTZjMjIxLTkzMTQtNGFmZC1iZWUzLTgxODNjZmQ3NmZiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYQD8AwDQYJKoZIhvcNAQELBQADggEBACn7VvQJyYVcBKfRrH0x5N1g5qTs
QJL2mWxFWISLz7M6HY6+3XnDZ9NJVuhxlcZ2GpHzXYdO96I3v1bzeDC3/Sks/wh7
6HrMGOE4J+XKHiMrLlyFsw4VijK3BJKCZy/jHMM7SS+RqJRAWartvJKfS7w00Tv+
Q39svic9D3QsXAcLvAR5ea4hHK/EkytASN8sX3w8ELD6HYZVlcTZGarn/AvL9PWJ
i9PNyyHTPLUyvzFtoVR6RcJ+t5xB5MKXXmt9sdf1Vf3qONmxkdiYfueF67SLL5tM
exFer5SvCJjnTL/BJ6tUiLrUnzf/KRo86V5hOLUQowd0YsIxtoobW7/PFNY=
-----END CERTIFICATE-----