Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa
File:                     4fee6d78-1728-44bd-b799-ca975927c66a.roa (raw, json)
Hash identifier:          c8rVmf2K2INW1CxbIEA8BPQ5KOfAOrsV20vDl6HCuTY=
Subject key identifier:   B3:CD:91:E9:DE:9B:E8:8B:03:15:1A:2B:0E:C2:04:B7:9B:74:D4:97
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46948CCB31DA4038DD08D88A7C23DFC1A2C2669F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa
Signing time:             Sun 26 Oct 2025 00:21:06 +0000
ROA not before:           Sun 26 Oct 2025 00:21:06 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.186.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:94:8c:cb:31:da:40:38:dd:08:d8:8a:7c:23:df:c1:a2:c2:66:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:21:06 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=219f4a9aea8751e09795b60da22cd58fd41e8fa144b41519e8b5225b94b4a1be, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:62:bc:a9:e1:eb:ca:91:e5:7f:3a:16:1f:fc:
                    4b:e7:af:57:ec:f3:39:ba:a3:74:30:7a:55:b1:e5:
                    67:b2:ff:3b:bd:d0:89:d9:63:03:05:55:43:a3:01:
                    29:e9:50:43:c9:28:87:bc:a6:0a:28:54:f8:2c:3b:
                    d6:38:c3:ab:11:9d:0d:6a:8a:1c:c4:5a:8c:6e:b7:
                    f5:fd:b7:ac:26:84:ab:cd:03:33:d6:0c:0d:51:ab:
                    a2:b7:a4:be:17:46:cf:47:ba:42:33:8c:71:a9:7d:
                    11:6e:d3:86:6c:2c:5a:fe:46:41:b6:31:35:9c:7f:
                    6c:89:43:26:ae:89:01:32:b4:af:c0:08:ae:b2:54:
                    49:55:d4:00:28:f0:93:a3:39:cf:59:e3:c1:d8:7f:
                    82:d9:2f:f5:bd:9a:bb:64:c2:b9:88:34:f0:0c:a1:
                    fc:f3:7e:42:81:a5:26:64:05:c7:22:a5:18:10:a8:
                    2c:19:6a:88:1b:44:21:6e:d0:bf:7f:2b:9a:96:7e:
                    a7:8a:24:2a:00:25:75:1a:e2:80:cc:c8:d1:41:29:
                    f6:26:0d:a3:08:6d:3a:fb:23:01:5b:4e:c7:e0:d6:
                    3f:a4:fc:6e:1d:74:d5:cc:a2:a1:1a:04:c2:ad:98:
                    12:df:7c:96:4d:c4:b1:6c:94:f8:ec:61:74:3e:1c:
                    15:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:CD:91:E9:DE:9B:E8:8B:03:15:1A:2B:0E:C2:04:B7:9B:74:D4:97
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4fee6d78-1728-44bd-b799-ca975927c66a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         75:d6:a5:9f:f4:ae:18:a2:4d:bc:cd:f2:b6:28:97:08:64:07:
         89:10:b1:fc:55:35:fa:c4:00:6e:9a:22:f3:93:8f:da:74:1d:
         9c:fc:45:50:92:57:90:14:57:a0:13:49:73:fa:e6:33:17:d1:
         0e:ab:51:72:b6:6e:0e:eb:9a:36:a3:95:fc:88:74:1e:aa:59:
         c5:b2:3c:a8:4e:08:03:50:6a:fc:1e:50:e4:f4:f9:c6:24:18:
         2c:60:e0:17:cc:81:fc:c7:3c:f9:ca:29:ea:e4:d3:97:b2:4a:
         40:3b:72:cd:e3:a9:4b:be:5d:08:5c:86:61:d6:60:c1:6f:80:
         1d:d8:72:06:04:27:fd:8b:12:e9:f4:95:6c:1b:18:e4:93:9f:
         76:1f:b1:6f:45:85:f4:5a:27:a2:68:03:bb:2d:3a:bb:64:fb:
         9c:a6:ca:d5:ed:e3:fd:cc:ac:92:37:5b:ea:c3:6e:71:b6:86:
         5b:a4:fe:61:32:de:4a:b2:5d:30:0a:17:66:bc:4b:80:55:b8:
         aa:2a:5e:f1:45:8f:9d:c5:2b:a8:62:da:fb:34:5a:8e:c3:c8:
         db:d4:0f:21:df:dc:37:d3:e4:b4:b5:f4:a1:56:ba:33:cc:8b:
         65:6b:36:8a:1c:5c:c0:1b:9a:a1:af:b4:bb:5b:3d:90:45:83:
         f4:63:1d:20
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURpSMyzHaQDjdCNiKfCPfwaLCZp8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAyMTA2WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTlmNGE5YWVhODc1MWUwOTc5NWI2MGRhMjJjZDU4ZmQ0
MWU4ZmExNDRiNDE1MTllOGI1MjI1Yjk0YjRhMWJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNYryp4evKkeV/OhYf/Evnr1fs8zm6o3QwelWx5Wey/zu9
0InZYwMFVUOjASnpUEPJKIe8pgooVPgsO9Y4w6sRnQ1qihzEWoxut/X9t6wmhKvN
AzPWDA1Rq6K3pL4XRs9HukIzjHGpfRFu04ZsLFr+RkG2MTWcf2yJQyauiQEytK/A
CK6yVElV1AAo8JOjOc9Z48HYf4LZL/W9mrtkwrmINPAMofzzfkKBpSZkBccipRgQ
qCwZaogbRCFu0L9/K5qWfqeKJCoAJXUa4oDMyNFBKfYmDaMIbTr7IwFbTsfg1j+k
/G4ddNXMoqEaBMKtmBLffJZNxLFslPjsYXQ+HBVLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUs82R6d6b6IsDFRorDsIEt5t01JcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmZWU2ZDc4LTE3MjgtNDRiZC1iNzk5LWNhOTc1OTI3YzY2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ujANBgkqhkiG9w0BAQsFAAOCAQEAddaln/SuGKJNvM3ytiiXCGQHiRCx
/FU1+sQAbpoi85OP2nQdnPxFUJJXkBRXoBNJc/rmMxfRDqtRcrZuDuuaNqOV/Ih0
HqpZxbI8qE4IA1Bq/B5Q5PT5xiQYLGDgF8yB/Mc8+cop6uTTl7JKQDtyzeOpS75d
CFyGYdZgwW+AHdhyBgQn/YsS6fSVbBsY5JOfdh+xb0WF9FonomgDuy06u2T7nKbK
1e3j/cyskjdb6sNucbaGW6T+YTLeSrJdMAoXZrxLgFW4qipe8UWPncUrqGLa+zRa
jsPI29QPId/cN9PktLX0oVa6M8yLZWs2ihxcwBuaoa+0u1s9kEWD9GMdIA==
-----END CERTIFICATE-----