Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5caee27d-582e-4205-bb1f-60952cb4c9cb.roa
File:                     5caee27d-582e-4205-bb1f-60952cb4c9cb.roa (raw, json)
Hash identifier:          CDLv3PCAq7hXNaPuahkU0x5R6/ESYnYKf6ZRl2JKMg4=
Subject key identifier:   D3:F1:B0:AB:FA:60:B8:FD:00:94:B3:EA:F6:63:F7:9F:A8:0B:E0:88
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       190BE2C9D3C72342C49B4B72DFB20B0F7B89A69F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5caee27d-582e-4205-bb1f-60952cb4c9cb.roa
Signing time:             Tue 21 Oct 2025 00:10:06 +0000
ROA not before:           Tue 21 Oct 2025 00:10:06 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.61.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:0b:e2:c9:d3:c7:23:42:c4:9b:4b:72:df:b2:0b:0f:7b:89:a6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:10:06 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=7bf336ba8585386304eb5d12ff22933dcd052a2c781db83605420eb975760675, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:63:e2:04:18:38:06:84:3b:ec:f0:f3:5c:11:
                    32:4d:48:96:4c:ae:4a:a3:14:3d:14:5a:80:bf:17:
                    2c:3b:83:62:63:0d:f8:9f:06:7a:26:77:12:a3:d8:
                    0b:93:54:ed:57:eb:e1:21:d0:25:11:d4:07:be:d2:
                    6a:d9:6e:79:3d:28:0a:a2:3a:57:e3:2e:7d:3f:11:
                    db:b2:bb:9d:e5:23:4c:97:48:87:c3:80:d4:7b:c8:
                    f6:87:73:76:a0:60:9c:7a:0e:5c:08:5f:03:90:a4:
                    65:d8:56:61:53:c7:7e:e7:c3:c4:7a:2f:ad:37:9a:
                    88:2a:21:aa:e7:78:99:bf:40:97:f8:ab:0c:55:b8:
                    58:62:d2:78:a8:07:cb:0d:bc:5a:f0:47:7e:0a:36:
                    2c:f6:97:54:0c:56:7a:0f:8d:4b:dc:d6:1f:f3:5f:
                    99:7b:60:f2:3e:2c:ef:e0:cd:29:4e:2e:3d:8b:01:
                    25:04:1a:9a:27:fe:e1:5f:54:aa:6a:3c:0c:35:2d:
                    3e:f9:46:d7:63:4b:6b:e0:69:9e:79:45:2d:d8:af:
                    e0:48:26:28:57:8e:ed:f0:ab:c8:87:bc:cc:8e:69:
                    6a:91:62:16:a7:c3:59:04:f9:63:bc:5c:00:73:28:
                    27:a9:91:4d:af:1b:79:6c:1e:92:10:33:29:2c:b0:
                    59:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:F1:B0:AB:FA:60:B8:FD:00:94:B3:EA:F6:63:F7:9F:A8:0B:E0:88
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5caee27d-582e-4205-bb1f-60952cb4c9cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.61.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:c1:fd:40:cf:19:3f:18:1e:eb:6e:ba:8e:23:61:3b:26:ef:
         e1:b8:84:01:c1:9a:c0:64:3a:0a:ae:e8:ea:2f:53:72:46:ff:
         d4:73:61:ac:67:25:4c:28:7f:e2:10:a6:51:67:26:60:3d:e7:
         9d:19:f7:dd:92:67:ac:50:5c:f8:88:09:c8:4d:aa:ef:22:b5:
         7d:c4:12:0f:94:9c:9b:a8:93:6e:15:43:a8:10:3f:29:d4:24:
         4e:03:07:c0:6b:ec:2a:b5:c6:24:a3:5b:24:12:8e:62:f2:af:
         19:4e:14:f7:f8:cb:1d:c0:48:52:db:f3:80:66:02:12:38:2b:
         96:8d:7c:35:f9:f9:a6:0d:6c:bf:9a:b5:36:2a:92:fd:7a:b3:
         0b:3d:e0:46:10:55:59:eb:39:33:2a:f9:f3:64:de:e0:ea:c4:
         03:22:e6:a7:72:13:84:10:8c:db:e5:26:b3:8c:f1:bb:50:9b:
         30:ef:8b:08:df:96:cb:98:67:b0:a3:5d:a0:71:53:84:a3:14:
         4c:85:62:dc:88:fa:ee:8e:d6:0e:65:87:f8:17:0a:bb:57:c2:
         a6:54:98:dc:84:26:82:33:cb:15:38:5b:57:05:38:0f:fa:99:
         b2:cc:e6:22:52:23:ef:6d:7f:60:8b:38:9e:0a:26:8e:ae:fb:
         0f:f4:d5:cb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGQviydPHI0LEm0ty37ILD3uJpp8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAxMDA2WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YmYzMzZiYTg1ODUzODYzMDRlYjVkMTJmZjIyOTMzZGNk
MDUyYTJjNzgxZGI4MzYwNTQyMGViOTc1NzYwNjc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtY+IEGDgGhDvs8PNcETJNSJZMrkqjFD0UWoC/Fyw7g2Jj
DfifBnomdxKj2AuTVO1X6+Eh0CUR1Ae+0mrZbnk9KAqiOlfjLn0/Eduyu53lI0yX
SIfDgNR7yPaHc3agYJx6DlwIXwOQpGXYVmFTx37nw8R6L603mogqIarneJm/QJf4
qwxVuFhi0nioB8sNvFrwR34KNiz2l1QMVnoPjUvc1h/zX5l7YPI+LO/gzSlOLj2L
ASUEGpon/uFfVKpqPAw1LT75RtdjS2vgaZ55RS3Yr+BIJihXju3wq8iHvMyOaWqR
Yhanw1kE+WO8XABzKCepkU2vG3lsHpIQMykssFlfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0/Gwq/pguP0AlLPq9mP3n6gL4IgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjYWVlMjdkLTU4MmUtNDIwNS1iYjFmLTYwOTUyY2I0YzljYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQPTANBgkqhkiG9w0BAQsFAAOCAQEAycH9QM8ZPxge6266jiNhOybv4biE
AcGawGQ6Cq7o6i9Tckb/1HNhrGclTCh/4hCmUWcmYD3nnRn33ZJnrFBc+IgJyE2q
7yK1fcQSD5Scm6iTbhVDqBA/KdQkTgMHwGvsKrXGJKNbJBKOYvKvGU4U9/jLHcBI
UtvzgGYCEjgrlo18Nfn5pg1sv5q1NiqS/XqzCz3gRhBVWes5Myr582Te4OrEAyLm
p3IThBCM2+Ums4zxu1CbMO+LCN+Wy5hnsKNdoHFThKMUTIVi3Ij67o7WDmWH+BcK
u1fCplSY3IQmgjPLFThbVwU4D/qZsszmIlIj721/YIs4ngomjq77D/TVyw==
-----END CERTIFICATE-----