Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26ebf15b-8b83-4ca7-9786-65e57e8877c3.roa
File:                     26ebf15b-8b83-4ca7-9786-65e57e8877c3.roa (raw, json)
Hash identifier:          w6ViFx0Utm1OVmjkQrqmeAzCsHyDSsS+ZQ/T5xiNzi0=
Subject key identifier:   1E:5E:B6:53:5E:88:D7:D4:38:2E:AC:C5:D7:FD:EA:BF:A6:00:37:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6CEF4FFBE43BE866D8A546C4417DE4AB0E70D857
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26ebf15b-8b83-4ca7-9786-65e57e8877c3.roa
Signing time:             Sun 02 Nov 2025 00:00:06 +0000
ROA not before:           Sun 02 Nov 2025 00:00:06 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.250.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:ef:4f:fb:e4:3b:e8:66:d8:a5:46:c4:41:7d:e4:ab:0e:70:d8:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:00:06 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=f8071faa53e87a65f4fc6c8360ad764ee21e22fc5eb88e6c6f5c0db298f978be, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e6:62:61:99:c4:eb:52:c4:d6:3d:99:1b:84:
                    80:c6:47:b8:12:dd:40:2e:00:c4:8f:04:f8:98:ac:
                    c2:90:54:89:f2:3e:a4:47:a3:79:86:a1:46:ba:eb:
                    e0:5c:e4:90:2c:96:c4:d4:e9:7e:c6:68:4d:2f:bf:
                    c0:1f:49:96:dc:36:ed:4e:c4:aa:3e:01:39:77:2d:
                    6e:ca:be:7b:df:14:e3:04:82:fe:1e:a4:db:4c:89:
                    4c:e6:74:53:f3:b7:ab:f2:17:5a:4c:61:e4:77:bd:
                    7d:17:22:ce:02:5a:b2:a9:91:af:34:78:26:3c:95:
                    1d:63:0a:e5:fc:f2:3d:5e:6f:3c:56:2b:e1:a6:b2:
                    8a:82:15:70:df:3f:92:4c:5e:cf:f1:b6:64:5a:44:
                    b3:ea:2d:e1:7e:92:80:56:12:50:df:24:01:2a:ad:
                    2e:79:17:76:49:85:c9:ee:43:f5:f2:e5:f4:14:05:
                    ad:b1:08:fa:00:d1:c1:ea:e2:ff:07:45:c6:b7:54:
                    f5:1c:53:ae:5d:97:8c:7f:4d:9b:70:58:94:d1:4d:
                    cd:8e:8f:1f:3e:8c:4b:78:55:56:1c:8d:50:34:5c:
                    b6:5b:f4:4a:8e:74:cd:da:39:7f:20:29:9d:09:00:
                    b3:42:89:15:24:e2:a8:ab:8e:e9:02:3b:92:60:d1:
                    ef:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5E:B6:53:5E:88:D7:D4:38:2E:AC:C5:D7:FD:EA:BF:A6:00:37:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26ebf15b-8b83-4ca7-9786-65e57e8877c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.250.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         96:8e:8a:22:af:d4:41:e2:69:24:45:53:77:8a:4b:9a:d7:4e:
         9e:b5:d9:b9:0e:93:7c:1a:14:85:5f:ed:f3:94:f8:e2:93:a4:
         cd:ae:a9:01:7c:cf:e5:3a:31:51:9a:e6:6a:54:b7:e4:45:a5:
         c6:e2:35:79:b3:87:11:9e:05:e6:f3:f3:50:ff:11:55:8b:1f:
         06:78:80:ac:50:3a:bd:a1:59:6c:ad:65:08:fc:db:29:eb:c6:
         a8:d4:bd:0f:0d:41:cd:9b:80:76:63:f2:9e:5b:59:1f:fa:13:
         04:78:9c:d4:78:7b:65:a0:64:a1:ae:59:64:ed:e2:b8:fa:f0:
         5a:36:48:8d:df:e4:81:b8:ac:89:a7:a3:49:e3:b5:bc:5b:94:
         7a:3c:12:bd:5c:61:2a:27:c2:13:17:bc:0b:50:fe:1a:d0:21:
         48:31:f5:2a:55:4d:1e:b4:d3:e6:b0:b7:f0:1b:16:20:d0:04:
         67:b7:0d:29:e2:07:19:22:bf:ea:6c:3f:9a:37:15:94:d8:f6:
         60:f3:7a:52:4d:5d:21:29:aa:1e:35:22:22:26:ab:c6:08:ff:
         c3:aa:ed:b1:82:e7:a3:1d:af:50:54:ae:d7:d6:51:75:3f:8e:
         fb:6e:4f:cd:bb:e1:e3:50:29:cc:11:a6:c8:fc:3a:9e:35:44:
         a3:77:fb:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbO9P++Q76GbYpUbEQX3kqw5w2FcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAwMDA2WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmODA3MWZhYTUzZTg3YTY1ZjRmYzZjODM2MGFkNzY0ZWUy
MWUyMmZjNWViODhlNmM2ZjVjMGRiMjk4Zjk3OGJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG5mJhmcTrUsTWPZkbhIDGR7gS3UAuAMSPBPiYrMKQVIny
PqRHo3mGoUa66+Bc5JAslsTU6X7GaE0vv8AfSZbcNu1OxKo+ATl3LW7KvnvfFOME
gv4epNtMiUzmdFPzt6vyF1pMYeR3vX0XIs4CWrKpka80eCY8lR1jCuX88j1ebzxW
K+GmsoqCFXDfP5JMXs/xtmRaRLPqLeF+koBWElDfJAEqrS55F3ZJhcnuQ/Xy5fQU
Ba2xCPoA0cHq4v8HRca3VPUcU65dl4x/TZtwWJTRTc2Ojx8+jEt4VVYcjVA0XLZb
9EqOdM3aOX8gKZ0JALNCiRUk4qirjukCO5Jg0e87AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHl62U16I19Q4LqzF1/3qv6YAN4QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2ZWJmMTViLThiODMtNGNhNy05Nzg2LTY1ZTU3ZTg4NzdjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4+jANBgkqhkiG9w0BAQsFAAOCAQEAlo6KIq/UQeJpJEVTd4pLmtdOnrXZ
uQ6TfBoUhV/t85T44pOkza6pAXzP5ToxUZrmalS35EWlxuI1ebOHEZ4F5vPzUP8R
VYsfBniArFA6vaFZbK1lCPzbKevGqNS9Dw1BzZuAdmPynltZH/oTBHic1Hh7ZaBk
oa5ZZO3iuPrwWjZIjd/kgbisiaejSeO1vFuUejwSvVxhKifCExe8C1D+GtAhSDH1
KlVNHrTT5rC38BsWINAEZ7cNKeIHGSK/6mw/mjcVlNj2YPN6Uk1dISmqHjUiIiar
xgj/w6rtsYLnox2vUFSu19ZRdT+O+25Pzbvh41ApzBGmyPw6njVEo3f7Pg==
-----END CERTIFICATE-----