Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c0ad2af-5d81-4a6f-ae25-f847eed45374.roa
File:                     6c0ad2af-5d81-4a6f-ae25-f847eed45374.roa (raw, json)
Hash identifier:          mlqAhRt8jePCEeHZqoQ5dw/nNohuMp1Ven5mqfyGDdU=
Subject key identifier:   C4:30:10:38:81:4E:67:C3:A4:03:C9:2F:75:8D:B0:C7:5E:FB:17:8E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38003D1019C62B1DEFBE78E806561F3FD855B06B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c0ad2af-5d81-4a6f-ae25-f847eed45374.roa
Signing time:             Fri 31 Oct 2025 00:30:13 +0000
ROA not before:           Fri 31 Oct 2025 00:30:13 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.215.116.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:00:3d:10:19:c6:2b:1d:ef:be:78:e8:06:56:1f:3f:d8:55:b0:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:30:13 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=c94697a037d6da3d6ac255c5ec28d45f32a87953f880591d5ccbea9cb4e422bf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:95:1f:50:2d:f6:ba:b0:50:6a:dd:aa:0a:d7:
                    f2:b0:45:03:ad:d2:cb:67:ad:21:aa:63:f2:bd:98:
                    6e:fc:54:53:94:66:22:8d:1e:d3:44:fc:ce:0a:b3:
                    cc:77:b6:6a:9f:cd:ea:c0:e7:6d:a6:7d:c6:9c:a7:
                    09:74:74:1a:a3:e7:3f:5d:6f:6d:53:45:84:a0:50:
                    86:da:86:ea:dc:9f:75:9a:f5:63:40:01:05:b0:8b:
                    99:90:66:08:fb:08:67:ff:8c:ba:a0:dc:5c:c9:23:
                    c6:62:9e:dc:e1:54:db:a5:d7:d9:8b:05:ab:90:46:
                    5d:ba:b7:2e:0c:ee:cf:33:1a:a1:85:ee:8d:a9:d5:
                    47:58:e4:ea:66:4a:15:01:b4:28:4d:0c:13:4c:99:
                    65:30:75:53:05:29:14:7b:1d:b5:d3:92:42:ed:9f:
                    89:45:5c:46:57:f1:3c:b8:bf:f9:b9:1c:02:74:21:
                    c9:c2:8e:1c:60:f9:35:bc:06:dd:54:fd:62:78:b7:
                    25:ea:6f:5d:c2:32:13:a9:66:9e:8f:54:c3:d6:86:
                    c9:21:e2:78:18:93:c7:7e:a7:d8:38:74:ca:46:f3:
                    dc:f1:43:d7:c3:ed:10:ca:08:70:d5:92:d5:e9:a0:
                    e6:a7:de:f6:73:65:05:bd:ec:8a:ce:74:9d:3d:c5:
                    ca:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:30:10:38:81:4E:67:C3:A4:03:C9:2F:75:8D:B0:C7:5E:FB:17:8E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c0ad2af-5d81-4a6f-ae25-f847eed45374.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         af:9e:0b:76:0a:20:25:47:6e:60:35:7c:e7:90:98:55:29:98:
         8c:c2:43:ee:b9:4e:bf:09:6e:59:24:f0:13:cf:b8:b1:56:e0:
         4e:12:ca:86:b5:34:1d:10:3e:8c:bd:20:70:62:ff:f5:1b:47:
         df:02:39:97:03:3d:65:10:48:ba:c3:e2:c4:cd:c4:0f:d1:8c:
         d1:d7:bb:ee:3d:53:b6:37:5e:bf:fb:87:eb:d5:e1:f5:be:f2:
         ee:62:42:21:ee:18:77:ef:d4:a8:66:a1:72:d1:99:fd:f1:5b:
         2f:d2:97:32:c4:bd:24:86:84:0e:36:a1:01:50:5d:3d:a3:06:
         10:99:5a:17:11:87:fc:5c:31:b5:aa:42:e2:8a:bc:31:21:7a:
         a5:93:fd:ed:87:f4:e6:53:12:70:ae:d6:ab:6e:c6:df:48:76:
         41:3c:ee:7f:8c:5b:a4:c5:7e:33:25:26:17:81:cf:50:3a:24:
         2e:02:91:40:a2:e1:d7:7d:64:6d:55:28:8a:2e:1e:9a:5b:37:
         d6:04:87:d4:c2:e7:c5:2e:19:7d:e6:86:d3:9f:cc:34:79:80:
         50:b7:69:b0:ce:34:29:be:84:1c:23:a7:ef:dd:c5:38:cd:e6:
         2e:d4:16:6b:af:83:cc:28:75:1b:40:86:e2:ad:ae:b5:98:dd:
         f0:ba:4d:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOAA9EBnGKx3vvnjoBlYfP9hVsGswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAzMDEzWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTQ2OTdhMDM3ZDZkYTNkNmFjMjU1YzVlYzI4ZDQ1ZjMy
YTg3OTUzZjg4MDU5MWQ1Y2NiZWE5Y2I0ZTQyMmJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtlR9QLfa6sFBq3aoK1/KwRQOt0stnrSGqY/K9mG78VFOU
ZiKNHtNE/M4Ks8x3tmqfzerA522mfcacpwl0dBqj5z9db21TRYSgUIbahurcn3Wa
9WNAAQWwi5mQZgj7CGf/jLqg3FzJI8ZintzhVNul19mLBauQRl26ty4M7s8zGqGF
7o2p1UdY5OpmShUBtChNDBNMmWUwdVMFKRR7HbXTkkLtn4lFXEZX8Ty4v/m5HAJ0
IcnCjhxg+TW8Bt1U/WJ4tyXqb13CMhOpZp6PVMPWhskh4ngYk8d+p9g4dMpG89zx
Q9fD7RDKCHDVktXpoOan3vZzZQW97IrOdJ09xcq/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxDAQOIFOZ8OkA8kvdY2wx177F44wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjMGFkMmFmLTVkODEtNGE2Zi1hZTI1LWY4NDdlZWQ0NTM3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs13QwDQYJKoZIhvcNAQELBQADggEBAK+eC3YKICVHbmA1fOeQmFUpmIzC
Q+65Tr8Jblkk8BPPuLFW4E4Syoa1NB0QPoy9IHBi//UbR98COZcDPWUQSLrD4sTN
xA/RjNHXu+49U7Y3Xr/7h+vV4fW+8u5iQiHuGHfv1KhmoXLRmf3xWy/SlzLEvSSG
hA42oQFQXT2jBhCZWhcRh/xcMbWqQuKKvDEheqWT/e2H9OZTEnCu1qtuxt9IdkE8
7n+MW6TFfjMlJheBz1A6JC4CkUCi4dd9ZG1VKIouHppbN9YEh9TC58UuGX3mhtOf
zDR5gFC3abDONCm+hBwjp+/dxTjN5i7UFmuvg8wodRtAhuKtrrWY3fC6TZs=
-----END CERTIFICATE-----