Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa
File:                     3140b59c-e29d-4b8a-8974-b6c470960f1b.roa (raw, json)
Hash identifier:          uMCpRhph/AifzFnkZeaDlwvmL1Z1Wk3O5rrorw7xrrQ=
Subject key identifier:   16:C8:BB:B9:1B:8B:E5:DE:1C:87:93:6B:F0:76:C9:63:77:93:3F:9E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       05A04223F38DE82EEA28641ABF03AEB89F471447
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa
Signing time:             Sun 02 Nov 2025 00:30:10 +0000
ROA not before:           Sun 02 Nov 2025 00:30:10 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.115.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:a0:42:23:f3:8d:e8:2e:ea:28:64:1a:bf:03:ae:b8:9f:47:14:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:30:10 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=3fc8456dea5744f3e7a65192e35f3138f479e6151a93ee3a4993a3e4f053593c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ee:f6:85:2d:9d:4a:c7:f7:ea:5d:aa:d8:ad:
                    b8:2d:2d:a4:51:ab:cf:31:57:42:62:36:52:7c:7d:
                    dc:d6:01:12:e8:ba:41:0f:e6:00:15:78:66:c3:cd:
                    68:60:48:d9:95:c4:5a:39:34:4c:c2:93:e7:fb:98:
                    67:28:5e:60:ea:4d:90:e6:a2:21:26:06:82:0e:27:
                    58:e4:d5:8c:49:c2:cc:eb:e6:28:ab:06:a3:f1:ce:
                    7a:8e:10:12:39:7b:03:6b:a1:a6:6b:39:48:fe:7f:
                    86:28:cd:10:ce:1b:bf:cb:fe:c4:78:dd:7b:75:9f:
                    f0:96:25:cb:26:a5:4d:3b:e7:0a:10:25:03:c8:23:
                    75:08:f2:dd:28:77:e6:4b:b4:40:29:3e:36:2a:5a:
                    0b:9f:e0:8a:5b:f6:d2:f6:77:55:cd:97:80:4a:25:
                    e1:0a:3c:67:69:a4:16:e0:ae:88:5e:d6:e5:41:51:
                    18:81:12:2b:a0:2a:95:6e:f5:ed:8a:c8:5c:31:db:
                    34:08:9e:57:7f:8d:98:0b:7a:c4:99:51:46:5d:78:
                    6b:08:8e:3b:bf:88:b1:33:4b:3e:18:93:e1:15:ce:
                    97:a7:b8:ca:10:e5:f6:2c:d7:1d:2c:98:db:ed:68:
                    39:43:bf:fa:13:81:9c:e7:bd:08:ef:4b:06:6f:42:
                    f5:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:C8:BB:B9:1B:8B:E5:DE:1C:87:93:6B:F0:76:C9:63:77:93:3F:9E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.115.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d5:bb:da:73:58:14:e8:e5:d3:87:ce:6e:56:02:7d:e3:1f:7c:
         3d:1e:d9:fc:0a:59:92:6b:e2:52:c4:c1:7f:b3:eb:bb:07:15:
         1e:dc:98:0b:16:54:f6:a2:8b:6e:3e:fc:10:92:5e:9e:bb:70:
         29:df:4a:b0:3d:b7:fd:45:c6:b1:36:55:40:7b:72:2f:e8:8f:
         32:81:b2:e5:a1:47:a2:3d:95:7b:75:56:36:8d:16:e5:07:2b:
         d4:22:f7:2b:75:2c:6b:1b:9c:02:e8:64:e3:9b:da:93:76:8a:
         dd:c6:5e:37:fb:de:44:a6:dd:32:10:ee:78:0b:21:0d:83:97:
         c9:e9:2a:1e:df:98:61:f2:db:ab:79:49:df:0c:ab:9d:23:03:
         30:92:b9:8c:60:9d:0b:2b:ac:e0:73:e3:f6:5f:6c:2e:4c:89:
         4c:3a:5c:65:0c:ad:9c:72:01:98:89:c3:ba:34:c6:ac:ca:e9:
         3f:14:99:63:bb:32:fa:f2:1d:cd:02:e4:09:fc:fb:4d:56:60:
         21:67:67:64:0f:46:3c:eb:3d:1f:59:69:56:23:33:d3:aa:de:
         81:51:76:8d:2b:6b:ad:ae:4f:8c:5b:7e:cb:fd:8e:5f:b6:b9:
         e9:3c:8a:c9:66:c2:ae:ee:f3:11:0e:bc:97:03:aa:df:ed:13:
         fc:d9:ff:04
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBaBCI/ON6C7qKGQavwOuuJ9HFEcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAzMDEwWhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZmM4NDU2ZGVhNTc0NGYzZTdhNjUxOTJlMzVmMzEzOGY0
NzllNjE1MWE5M2VlM2E0OTkzYTNlNGYwNTM1OTNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCF7vaFLZ1Kx/fqXarYrbgtLaRRq88xV0JiNlJ8fdzWARLo
ukEP5gAVeGbDzWhgSNmVxFo5NEzCk+f7mGcoXmDqTZDmoiEmBoIOJ1jk1YxJwszr
5iirBqPxznqOEBI5ewNroaZrOUj+f4YozRDOG7/L/sR43Xt1n/CWJcsmpU075woQ
JQPII3UI8t0od+ZLtEApPjYqWguf4Ipb9tL2d1XNl4BKJeEKPGdppBbgrohe1uVB
URiBEiugKpVu9e2KyFwx2zQInld/jZgLesSZUUZdeGsIjju/iLEzSz4Yk+EVzpen
uMoQ5fYs1x0smNvtaDlDv/oTgZznvQjvSwZvQvU9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUFsi7uRuL5d4ch5Nr8HbJY3eTP54wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxNDBiNTljLWUyOWQtNGI4YS04OTc0LWI2YzQ3MDk2MGYxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4czANBgkqhkiG9w0BAQsFAAOCAQEA1bvac1gU6OXTh85uVgJ94x98PR7Z
/ApZkmviUsTBf7PruwcVHtyYCxZU9qKLbj78EJJenrtwKd9KsD23/UXGsTZVQHty
L+iPMoGy5aFHoj2Ve3VWNo0W5Qcr1CL3K3UsaxucAuhk45vak3aK3cZeN/veRKbd
MhDueAshDYOXyekqHt+YYfLbq3lJ3wyrnSMDMJK5jGCdCyus4HPj9l9sLkyJTDpc
ZQytnHIBmInDujTGrMrpPxSZY7sy+vIdzQLkCfz7TVZgIWdnZA9GPOs9H1lpViMz
06regVF2jStrra5PjFt+y/2OX7a56TyKyWbCru7zEQ68lwOq3+0T/Nn/BA==
-----END CERTIFICATE-----