Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/672a7362-e583-47b6-a477-44ef54138188.roa
File:                     672a7362-e583-47b6-a477-44ef54138188.roa (raw, json)
Hash identifier:          JRwFpbZARl36IRULVid5PUcOsRF8CFGqJlt4n9z2atE=
Subject key identifier:   BE:75:EA:53:D1:63:7A:0A:AB:7F:B4:D0:06:3D:D1:1D:44:81:2D:DC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       E5DC0E299F547532E17F852570BBD072F666D3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/672a7362-e583-47b6-a477-44ef54138188.roa
Signing time:             Wed 22 Oct 2025 00:20:56 +0000
ROA not before:           Wed 22 Oct 2025 00:20:56 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.26.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e5:dc:0e:29:9f:54:75:32:e1:7f:85:25:70:bb:d0:72:f6:66:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 22 00:20:56 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=47b96ff967a857c0764b0f13c7ed469b09af3f23de2c29722531bd6191dcf385, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:09:b0:75:a0:ca:46:d8:4d:49:35:b6:24:5f:
                    fa:0f:22:50:f4:da:00:15:83:22:5d:df:01:0b:22:
                    81:3f:58:a0:a5:e8:2c:bc:2c:27:a2:e2:93:07:41:
                    69:32:97:5a:30:3a:c4:8a:12:b5:da:f2:b3:4d:47:
                    d6:b5:73:be:29:cd:f8:14:ad:3a:51:37:be:b7:de:
                    ce:35:8b:84:2b:5b:51:d0:c7:6a:33:34:3b:5f:7f:
                    78:6b:78:7a:46:9d:47:61:e3:be:7c:74:16:15:80:
                    f4:8e:82:3c:f7:78:a9:e6:14:a6:8b:9e:73:7e:d3:
                    62:fd:15:5f:3b:45:b7:c0:70:be:3a:7d:45:82:b5:
                    a7:ee:2b:25:ea:df:bc:88:a7:cc:b7:c7:42:f0:f7:
                    5e:78:b6:20:8e:21:37:fe:fe:ef:23:6d:85:ea:75:
                    d0:8a:05:a1:2d:bd:91:c2:b0:c3:9f:28:af:f4:99:
                    dc:1e:55:95:39:0d:fe:a8:e6:40:00:3a:7a:dc:9c:
                    4a:dc:8e:01:3b:9c:5e:47:6c:a4:c9:72:2f:66:f0:
                    01:83:73:5a:5f:56:68:30:25:f6:46:80:e8:95:44:
                    af:df:ac:d1:fd:1d:bd:7f:21:fb:b1:84:3d:d5:0b:
                    68:b4:26:b5:92:2a:52:88:49:e6:ee:23:a2:c6:8d:
                    bb:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:75:EA:53:D1:63:7A:0A:AB:7F:B4:D0:06:3D:D1:1D:44:81:2D:DC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/672a7362-e583-47b6-a477-44ef54138188.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.26.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         25:62:8a:07:7c:55:45:e2:2c:f8:75:45:1a:05:93:2f:d3:6d:
         18:44:41:aa:f3:90:92:34:10:21:16:c4:5f:6a:25:60:1e:a7:
         77:6f:02:75:20:76:4d:7b:2b:ae:ec:74:92:23:67:1c:bb:b9:
         c5:9e:a7:3e:64:06:d8:1f:89:2f:7a:0e:10:24:db:55:59:79:
         9c:6d:e8:99:3d:56:f3:9f:59:b1:a5:b7:05:c3:4d:3f:10:50:
         a9:11:c1:27:82:f5:79:0f:32:92:ea:43:5b:73:41:e5:53:74:
         92:a7:43:eb:4d:70:49:34:43:b3:f6:a1:8a:95:ab:d6:96:36:
         7d:7e:1c:0e:b0:26:d6:06:67:a9:a1:3b:46:26:84:18:57:de:
         1a:ae:2e:4c:17:de:cb:4d:d9:21:e7:73:3e:cc:57:87:9b:73:
         f3:56:32:79:b2:5a:4b:0c:6f:83:8a:86:77:14:73:7d:1f:45:
         b2:ea:e5:28:6d:e9:6e:29:14:13:0c:b3:79:dd:13:dc:11:c4:
         c5:d0:aa:ac:bf:a5:24:3c:bb:90:f9:9d:be:4c:4a:37:27:b7:
         aa:d4:6c:10:33:57:40:3c:9a:bb:e1:9d:43:6b:c1:6b:45:3c:
         e2:6c:70:bd:04:09:bd:c0:7e:12:3d:15:cf:59:fc:dd:12:69:
         97:66:b5:43
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAOXcDimfVHUy4X+FJXC70HL2ZtMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAyMDU2WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0N2I5NmZmOTY3YTg1N2MwNzY0YjBmMTNjN2VkNDY5YjA5
YWYzZjIzZGUyYzI5NzIyNTMxYmQ2MTkxZGNmMzg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDeCbB1oMpG2E1JNbYkX/oPIlD02gAVgyJd3wELIoE/WKCl
6Cy8LCei4pMHQWkyl1owOsSKErXa8rNNR9a1c74pzfgUrTpRN7633s41i4QrW1HQ
x2ozNDtff3hreHpGnUdh4758dBYVgPSOgjz3eKnmFKaLnnN+02L9FV87RbfAcL46
fUWCtafuKyXq37yIp8y3x0Lw9154tiCOITf+/u8jbYXqddCKBaEtvZHCsMOfKK/0
mdweVZU5Df6o5kAAOnrcnErcjgE7nF5HbKTJci9m8AGDc1pfVmgwJfZGgOiVRK/f
rNH9Hb1/IfuxhD3VC2i0JrWSKlKISebuI6LGjbu3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvnXqU9Fjegqrf7TQBj3RHUSBLdwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY3MmE3MzYyLWU1ODMtNDdiNi1hNDc3LTQ0ZWY1NDEzODE4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjGjANBgkqhkiG9w0BAQsFAAOCAQEAJWKKB3xVReIs+HVFGgWTL9NtGERB
qvOQkjQQIRbEX2olYB6nd28CdSB2TXsrrux0kiNnHLu5xZ6nPmQG2B+JL3oOECTb
VVl5nG3omT1W859ZsaW3BcNNPxBQqRHBJ4L1eQ8ykupDW3NB5VN0kqdD601wSTRD
s/ahipWr1pY2fX4cDrAm1gZnqaE7RiaEGFfeGq4uTBfey03ZIedzPsxXh5tz81Yy
ebJaSwxvg4qGdxRzfR9FsurlKG3pbikUEwyzed0T3BHExdCqrL+lJDy7kPmdvkxK
Nye3qtRsEDNXQDyau+GdQ2vBa0U84mxwvQQJvcB+Ej0Vz1n83RJpl2a1Qw==
-----END CERTIFICATE-----