Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa
File:                     3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa (raw, json)
Hash identifier:          SGD9JGxo9drkSpfwU8VJXDs0oRRUkdxLmj0BN1vbqQw=
Subject key identifier:   8E:71:76:E9:04:B0:F6:65:1F:84:8D:26:42:D5:25:F0:DC:7D:F3:85
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       53E145644E45B8E127915EFB3D05D3859CB01B47
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa
Signing time:             Wed 22 Oct 2025 00:20:12 +0000
ROA not before:           Wed 22 Oct 2025 00:20:12 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.139.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e1:45:64:4e:45:b8:e1:27:91:5e:fb:3d:05:d3:85:9c:b0:1b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 22 00:20:12 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=cae09bf0a84a1fa46d77cb7f7b5cfb9bd6d623c61bc17d5e25f92f483907074d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:3e:a2:be:2c:59:6a:80:0d:53:0e:4a:2b:cd:
                    eb:3f:f9:52:87:04:cc:c4:70:1c:08:e0:ef:1b:fd:
                    0f:2f:43:15:cc:0c:fb:97:fb:b4:7e:1e:99:17:f3:
                    c6:1a:0b:44:83:11:93:d2:c8:67:de:6b:b3:78:bc:
                    ae:89:c7:3b:d6:72:0e:2c:22:12:d9:f5:76:03:e4:
                    f5:5a:8a:30:9f:06:a2:95:03:df:ef:66:7d:ba:04:
                    8c:db:cb:6c:a4:5c:d8:aa:03:88:55:f8:b8:ce:9a:
                    3e:65:63:5d:5d:f9:93:47:c6:fa:b7:34:ad:43:4f:
                    e1:81:85:2d:ad:16:0e:b9:63:47:8f:22:de:ba:8a:
                    12:13:41:2a:9a:16:77:a8:68:27:d1:f7:d2:be:42:
                    e9:20:33:23:9e:de:c6:e2:7d:d0:25:9e:d0:94:1c:
                    b6:c8:ab:30:49:78:40:96:c7:87:74:db:53:d6:65:
                    6a:d4:6a:d6:0a:d7:50:a4:7d:7a:25:1c:34:41:b2:
                    09:c1:c7:75:16:46:d1:84:27:4c:87:50:cf:21:11:
                    11:05:8a:28:c4:55:6b:65:9f:1f:92:61:9f:d6:fb:
                    27:ef:df:43:8d:e3:ac:50:e6:98:06:72:cd:af:58:
                    83:7f:d1:6f:17:92:38:9a:56:ec:dd:66:ac:b7:fb:
                    01:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:71:76:E9:04:B0:F6:65:1F:84:8D:26:42:D5:25:F0:DC:7D:F3:85
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:3b:ad:94:f8:61:73:98:e4:05:c4:fd:76:e1:78:4f:37:17:
         12:e3:e0:9e:74:b1:14:20:5c:6e:94:ad:aa:11:29:8f:70:46:
         5b:2f:d7:3c:9c:21:72:31:4a:56:f0:c4:26:ac:05:8d:a0:82:
         16:b7:84:db:b2:7a:43:3d:e2:8d:ea:cb:06:54:a4:a6:d6:90:
         f1:36:c0:11:f3:2a:04:e5:db:93:c4:f1:2a:e8:ed:9c:f5:17:
         9d:d1:44:9e:62:9b:94:65:2d:15:5f:83:c0:d4:94:eb:53:84:
         11:6a:c2:75:e6:74:f9:d7:3c:78:10:d0:9d:2e:63:ab:8d:aa:
         2a:b7:35:4d:28:0f:ae:0a:0b:9f:2f:99:ef:03:77:10:45:e3:
         e8:53:97:c4:e9:05:34:7c:73:4d:fb:5e:31:0f:e5:09:6b:4d:
         7f:12:1a:7a:4f:f2:2c:e5:f1:d7:8b:c9:62:87:26:56:b8:94:
         25:4a:9a:2c:97:90:7a:ea:4b:de:09:f9:16:82:4f:0d:bb:85:
         4a:41:2d:fe:84:65:a0:ca:bf:11:87:6c:b7:4f:1f:ec:47:ad:
         64:f2:ea:9d:bb:ad:6f:93:06:89:dd:68:0d:7f:22:73:cc:c6:
         9a:19:8b:41:ca:86:87:79:f5:8f:dd:6b:12:07:05:ab:9d:c1:
         7e:57:46:f3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUU+FFZE5FuOEnkV77PQXThZywG0cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAyMDEyWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWUwOWJmMGE4NGExZmE0NmQ3N2NiN2Y3YjVjZmI5YmQ2
ZDYyM2M2MWJjMTdkNWUyNWY5MmY0ODM5MDcwNzRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsPqK+LFlqgA1TDkorzes/+VKHBMzEcBwI4O8b/Q8vQxXM
DPuX+7R+HpkX88YaC0SDEZPSyGfea7N4vK6JxzvWcg4sIhLZ9XYD5PVaijCfBqKV
A9/vZn26BIzby2ykXNiqA4hV+LjOmj5lY11d+ZNHxvq3NK1DT+GBhS2tFg65Y0eP
It66ihITQSqaFneoaCfR99K+QukgMyOe3sbifdAlntCUHLbIqzBJeECWx4d021PW
ZWrUatYK11CkfXolHDRBsgnBx3UWRtGEJ0yHUM8hEREFiijEVWtlnx+SYZ/W+yfv
30ON46xQ5pgGcs2vWIN/0W8XkjiaVuzdZqy3+wGBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjnF26QSw9mUfhI0mQtUl8Nx984UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNhM2JmOTM2LTNkMDEtNGI0ZC1iNGJiLTA1YzMwNmM4MWE5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5izANBgkqhkiG9w0BAQsFAAOCAQEA0DutlPhhc5jkBcT9duF4TzcXEuPg
nnSxFCBcbpStqhEpj3BGWy/XPJwhcjFKVvDEJqwFjaCCFreE27J6Qz3ijerLBlSk
ptaQ8TbAEfMqBOXbk8TxKujtnPUXndFEnmKblGUtFV+DwNSU61OEEWrCdeZ0+dc8
eBDQnS5jq42qKrc1TSgPrgoLny+Z7wN3EEXj6FOXxOkFNHxzTfteMQ/lCWtNfxIa
ek/yLOXx14vJYocmVriUJUqaLJeQeupL3gn5FoJPDbuFSkEt/oRloMq/EYdst08f
7EetZPLqnbutb5MGid1oDX8ic8zGmhmLQcqGh3n1j91rEgcFq53BfldG8w==
-----END CERTIFICATE-----