Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa
File:                     42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa (raw, json)
Hash identifier:          wJWIEfU5adiyHSADSbwSkiUYbePjKZs+AOGJE5oEVkk=
Subject key identifier:   42:36:DB:3C:09:3B:3E:05:E9:75:8A:B3:D1:90:80:5E:57:31:2D:1F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       30BEF57466EB17F71DAA17DD9BCBCD3D8A8AD56C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa
Signing time:             Sun 26 Oct 2025 00:10:05 +0000
ROA not before:           Sun 26 Oct 2025 00:10:05 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.187.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:be:f5:74:66:eb:17:f7:1d:aa:17:dd:9b:cb:cd:3d:8a:8a:d5:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:10:05 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=d2b2f341b836c17d13adbbaf98774fa2241aa0a80400a7955e3639fa07d980e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2d:48:03:1e:13:44:e1:eb:58:8e:00:13:54:
                    dc:99:da:70:11:29:9f:5d:92:1d:f1:18:fa:25:0c:
                    95:33:51:46:9c:52:d3:e6:92:ee:28:60:b0:8f:45:
                    94:77:ca:40:4c:93:df:05:8b:ed:2e:81:75:a7:7b:
                    34:9c:45:c5:68:57:73:f8:18:45:fb:2f:57:2e:03:
                    c9:e8:38:51:3f:6c:d0:6e:fb:92:48:39:64:36:37:
                    e7:c9:cb:5a:fb:4c:8d:82:c7:c0:3f:20:83:01:bc:
                    f6:b7:fd:59:83:09:03:5f:9d:ce:76:57:7b:f7:87:
                    43:1e:1c:0c:61:77:dc:01:74:bb:f6:b0:c7:d4:b0:
                    ae:95:5d:4d:4c:d1:f2:3e:91:15:91:81:69:0d:05:
                    f0:46:84:0a:ad:da:e8:a8:b3:f8:9c:66:70:8e:72:
                    16:fa:fc:f6:6f:9b:19:e7:74:7c:36:28:87:c0:06:
                    15:87:33:fd:76:71:7b:32:2d:06:9d:f6:a9:f5:55:
                    23:20:8c:5d:4b:fb:74:7a:b0:5d:ca:8b:81:a3:b3:
                    bd:97:f8:c0:22:64:f6:5f:2f:c3:00:83:f3:8d:a0:
                    22:7d:56:9a:b3:58:7a:ac:a2:b4:7b:f6:76:06:5a:
                    22:42:32:43:95:3c:a5:ff:a0:a7:40:9c:a4:22:93:
                    82:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:36:DB:3C:09:3B:3E:05:E9:75:8A:B3:D1:90:80:5E:57:31:2D:1F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         99:33:82:42:ab:a5:85:e0:1f:5a:15:8b:07:d9:e8:19:a4:a4:
         c4:12:a0:b5:61:8f:48:a3:7c:64:0b:9b:78:e8:40:62:dc:4a:
         90:ec:f4:2a:dd:11:59:37:b6:05:a9:2b:60:10:ce:d2:e1:e8:
         38:f2:a2:c0:2c:2f:6e:d1:4d:4b:55:51:da:85:b6:17:cc:a9:
         89:fe:59:f2:5a:62:45:bd:e0:86:fc:1f:ef:0d:51:80:f7:76:
         b4:cd:6b:27:65:53:39:5b:70:47:af:e8:6b:b7:4d:cf:e2:73:
         a6:a6:07:7b:0d:27:f6:dd:dd:f9:e3:7a:93:8b:f4:2e:97:55:
         72:dd:32:2e:cb:a0:24:16:b4:df:21:3f:9f:e3:45:b2:97:de:
         7a:44:ea:c1:9a:50:41:58:6e:2e:51:d9:de:ab:a7:ad:3b:9c:
         3b:73:67:e2:d2:a5:7f:5d:2a:5d:66:f5:36:76:80:ee:6e:06:
         45:9b:f5:73:99:7b:dd:c7:a3:5d:2f:ad:86:37:76:65:3d:bc:
         72:d0:37:0c:2b:cd:1c:98:ca:8b:41:53:a1:3f:44:ee:a0:d0:
         5f:c2:39:8a:c3:30:9f:f5:cb:22:fa:ce:98:e6:7e:03:43:dc:
         e4:43:96:2c:56:08:54:db:4b:1d:2d:04:e1:ce:7b:c9:0a:19:
         4c:59:c1:f6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUML71dGbrF/cdqhfdm8vNPYqK1WwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMDA1WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMmIyZjM0MWI4MzZjMTdkMTNhZGJiYWY5ODc3NGZhMjI0
MWFhMGE4MDQwMGE3OTU1ZTM2MzlmYTA3ZDk4MGUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiLUgDHhNE4etYjgATVNyZ2nARKZ9dkh3xGPolDJUzUUac
UtPmku4oYLCPRZR3ykBMk98Fi+0ugXWnezScRcVoV3P4GEX7L1cuA8noOFE/bNBu
+5JIOWQ2N+fJy1r7TI2Cx8A/IIMBvPa3/VmDCQNfnc52V3v3h0MeHAxhd9wBdLv2
sMfUsK6VXU1M0fI+kRWRgWkNBfBGhAqt2uios/icZnCOchb6/PZvmxnndHw2KIfA
BhWHM/12cXsyLQad9qn1VSMgjF1L+3R6sF3Ki4Gjs72X+MAiZPZfL8MAg/ONoCJ9
VpqzWHqsorR79nYGWiJCMkOVPKX/oKdAnKQik4KDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQjbbPAk7PgXpdYqz0ZCAXlcxLR8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQyZTgwY2ZiLTY2OTQtNDRlZC04YjdkLTRmN2JjYzI4NmZlNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4uzANBgkqhkiG9w0BAQsFAAOCAQEAmTOCQqulheAfWhWLB9noGaSkxBKg
tWGPSKN8ZAubeOhAYtxKkOz0Kt0RWTe2BakrYBDO0uHoOPKiwCwvbtFNS1VR2oW2
F8ypif5Z8lpiRb3ghvwf7w1RgPd2tM1rJ2VTOVtwR6/oa7dNz+JzpqYHew0n9t3d
+eN6k4v0LpdVct0yLsugJBa03yE/n+NFspfeekTqwZpQQVhuLlHZ3qunrTucO3Nn
4tKlf10qXWb1NnaA7m4GRZv1c5l73cejXS+thjd2ZT28ctA3DCvNHJjKi0FToT9E
7qDQX8I5isMwn/XLIvrOmOZ+A0Pc5EOWLFYIVNtLHS0E4c57yQoZTFnB9g==
-----END CERTIFICATE-----