Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa
File:                     4f0b048d-2305-43d3-a474-0e095ab7e09b.roa (raw, json)
Hash identifier:          ieuyGDtOWfGAAIx1jCd02JSniTWNkYXiuCqEkk34CLA=
Subject key identifier:   0E:CE:25:CC:FF:4A:89:0C:CE:4F:07:92:52:76:3E:6F:38:B4:79:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5E75C96B6CD32A9020B873FF5D7FEC27672A1B99
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa
Signing time:             Sun 02 Nov 2025 00:30:39 +0000
ROA not before:           Sun 02 Nov 2025 00:30:39 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.53.192.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:75:c9:6b:6c:d3:2a:90:20:b8:73:ff:5d:7f:ec:27:67:2a:1b:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:30:39 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=331ec7c8d3464c598aeb6580bf61b77a8cb5059a8ce5e07e99be7f35bae08ef1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:89:44:99:a5:a1:d3:8d:88:d2:f9:db:21:a6:
                    ad:6f:60:05:7e:a1:d1:80:31:1e:16:62:3f:9a:8a:
                    5f:c9:57:83:1c:53:8a:08:44:1a:75:9a:ef:c6:9d:
                    a1:80:78:42:82:a0:d7:d6:83:d6:84:1e:99:56:74:
                    02:4e:6c:9b:05:de:32:0f:b9:f6:9e:ff:ad:3d:09:
                    95:9f:6b:e2:be:f6:d8:66:ce:7c:6f:56:c2:63:5f:
                    39:ad:aa:b7:9e:0d:98:8a:c8:dd:a1:2d:b7:2e:04:
                    7b:03:a5:c5:07:42:8d:74:81:0c:91:87:84:21:66:
                    7b:ce:d4:39:7a:fd:c0:3f:24:92:33:84:03:41:1c:
                    0e:51:b7:5b:51:66:9f:69:8a:1e:ad:10:34:2b:69:
                    09:5f:82:5a:72:58:25:1b:51:99:72:38:6e:46:55:
                    17:1c:d8:6c:43:01:7e:e9:d9:28:c4:bb:6e:3c:4b:
                    6b:18:5e:9b:ca:4c:33:4b:bf:94:74:ba:82:0d:86:
                    1d:00:3b:d5:7b:89:c3:fc:18:dd:a0:9d:d5:a6:1d:
                    7f:c0:8a:ab:e3:ce:06:4f:29:44:0f:26:af:4b:dd:
                    27:65:42:3e:e1:0a:0a:1c:92:18:0b:9f:e9:92:ea:
                    16:38:29:1c:38:af:40:0e:2a:e1:d4:ef:c2:bd:36:
                    e8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:CE:25:CC:FF:4A:89:0C:CE:4F:07:92:52:76:3E:6F:38:B4:79:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f0b048d-2305-43d3-a474-0e095ab7e09b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.53.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b0:93:f9:da:ca:93:f6:92:06:2c:b4:04:e7:f8:62:2b:ad:e0:
         d4:cd:0d:f7:c1:2e:5e:3b:3b:d7:a4:7b:48:58:7d:ed:94:54:
         0c:a0:a4:7c:ac:2b:18:92:81:5d:1f:56:33:35:f3:14:90:93:
         38:c0:12:81:eb:92:b9:28:93:a3:87:38:11:57:a9:7f:70:39:
         da:9a:88:7b:71:db:8a:dc:84:96:03:2d:94:ec:e1:1f:61:0f:
         6f:50:94:5e:11:4e:83:0a:46:ce:9a:3c:5d:04:2b:ce:87:bf:
         47:0a:91:05:45:bf:fd:ae:a6:36:72:a1:30:95:78:b3:bf:43:
         16:84:39:01:b6:1c:9d:a8:a8:72:ec:63:e1:7e:fd:b3:4b:44:
         f9:65:a2:26:98:4b:ea:f5:36:43:00:c7:52:f8:17:36:9a:86:
         30:94:80:1c:4f:bf:93:b3:b4:57:e9:69:f7:0c:eb:ef:07:7e:
         d6:7c:21:b8:62:e5:ed:75:b4:f5:61:37:da:63:fa:a8:a2:0c:
         2e:7f:a8:0a:57:bc:a8:0a:7f:0a:16:54:f4:51:65:e8:4a:8f:
         31:98:76:e2:03:d2:48:30:90:97:2f:fd:12:ba:dd:77:2e:e8:
         bc:89:e8:03:22:e2:7c:8f:7b:e9:b5:cf:bc:ce:4d:c1:f3:11:
         69:20:be:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXnXJa2zTKpAguHP/XX/sJ2cqG5kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAzMDM5WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzFlYzdjOGQzNDY0YzU5OGFlYjY1ODBiZjYxYjc3YThj
YjUwNTlhOGNlNWUwN2U5OWJlN2YzNWJhZTA4ZWYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2iUSZpaHTjYjS+dshpq1vYAV+odGAMR4WYj+ail/JV4Mc
U4oIRBp1mu/GnaGAeEKCoNfWg9aEHplWdAJObJsF3jIPufae/609CZWfa+K+9thm
znxvVsJjXzmtqreeDZiKyN2hLbcuBHsDpcUHQo10gQyRh4QhZnvO1Dl6/cA/JJIz
hANBHA5Rt1tRZp9pih6tEDQraQlfglpyWCUbUZlyOG5GVRcc2GxDAX7p2SjEu248
S2sYXpvKTDNLv5R0uoINhh0AO9V7icP8GN2gndWmHX/AiqvjzgZPKUQPJq9L3Sdl
Qj7hCgockhgLn+mS6hY4KRw4r0AOKuHU78K9NuhHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDs4lzP9KiQzOTweSUnY+bzi0eaUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmMGIwNDhkLTIzMDUtNDNkMy1hNDc0LTBlMDk1YWI3ZTA5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARFNcAwDQYJKoZIhvcNAQELBQADggEBALCT+drKk/aSBiy0BOf4Yiut4NTN
DffBLl47O9eke0hYfe2UVAygpHysKxiSgV0fVjM18xSQkzjAEoHrkrkok6OHOBFX
qX9wOdqaiHtx24rchJYDLZTs4R9hD29QlF4RToMKRs6aPF0EK86Hv0cKkQVFv/2u
pjZyoTCVeLO/QxaEOQG2HJ2oqHLsY+F+/bNLRPlloiaYS+r1NkMAx1L4FzaahjCU
gBxPv5OztFfpafcM6+8HftZ8Ibhi5e11tPVhN9pj+qiiDC5/qApXvKgKfwoWVPRR
ZehKjzGYduID0kgwkJcv/RK63Xcu6LyJ6AMi4nyPe+m1z7zOTcHzEWkgvr8=
-----END CERTIFICATE-----