Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c6ab720-bcf1-4213-aee9-832ddfc3cf45.roa
File:                     9c6ab720-bcf1-4213-aee9-832ddfc3cf45.roa (raw, json)
Hash identifier:          FF9ssCOFtoAHstxKRP91rwOfiiJDeCGmdcAWuUKyAfU=
Subject key identifier:   AB:CF:90:3E:7C:17:1C:53:79:63:B5:DC:35:1B:DC:B8:46:C6:5F:74
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F7C3466EB4467B76D186FFE9C8AE4884CFD8B16
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c6ab720-bcf1-4213-aee9-832ddfc3cf45.roa
Signing time:             Fri 31 Oct 2025 00:30:08 +0000
ROA not before:           Fri 31 Oct 2025 00:30:08 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.160.0.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:7c:34:66:eb:44:67:b7:6d:18:6f:fe:9c:8a:e4:88:4c:fd:8b:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:30:08 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=4a5f5675ee87f384fdac575103d047df86ece94bfa271aabd03a417e130976a0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d2:45:f0:63:4e:45:6e:ca:b2:61:fd:71:bb:
                    71:12:7b:38:85:9e:3c:a1:c2:6a:1e:f8:6e:a4:7e:
                    bd:f7:cd:5b:f9:d4:71:b6:bc:85:ec:55:cf:20:b2:
                    0a:d9:a7:36:20:22:1a:b0:8e:21:3c:58:b6:90:10:
                    e1:16:23:a5:64:2a:27:f6:dc:bd:82:7f:89:49:41:
                    84:91:36:32:fb:ed:a0:47:b8:d2:37:8f:43:6d:3c:
                    c3:f4:09:6c:0d:27:ac:24:ce:2c:29:fd:c1:28:b9:
                    28:5c:32:8a:06:4c:74:b2:b7:24:54:1b:99:8e:7b:
                    ff:db:03:b4:46:f9:1c:dc:86:5b:18:30:08:83:c4:
                    99:7b:8d:26:ed:d2:d9:f1:e5:39:66:84:1e:7f:84:
                    b6:70:4d:3b:1e:d3:bc:f9:5a:7c:6d:41:1c:64:f8:
                    3c:d9:33:dd:da:08:6c:0d:04:c3:11:10:bf:b0:f4:
                    77:4f:b1:e2:92:02:26:9e:6b:c7:a6:12:03:a9:32:
                    50:71:57:3a:68:42:61:57:5e:92:34:5e:ff:bb:d8:
                    99:c8:ae:4f:cc:2c:e4:d5:9f:19:05:87:88:20:49:
                    28:74:9a:97:a4:4d:7d:7f:32:6f:73:c2:1d:89:fe:
                    cb:89:1c:28:a4:2f:27:4d:2b:bc:63:ce:b3:9b:d5:
                    74:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:CF:90:3E:7C:17:1C:53:79:63:B5:DC:35:1B:DC:B8:46:C6:5F:74
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c6ab720-bcf1-4213-aee9-832ddfc3cf45.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.160.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5c:8c:68:94:69:68:fe:bb:a1:67:89:52:52:0e:83:41:b6:54:
         d1:19:27:2a:8f:6b:f3:6c:56:2e:0f:b1:91:bb:f4:1a:00:b8:
         08:88:57:ee:5e:76:4d:6d:5b:ba:a3:c4:2c:1a:e6:e5:70:f1:
         7d:e8:9a:6f:a6:3d:b4:60:a6:0e:46:31:fd:21:b2:e5:69:83:
         20:1c:db:ad:11:b4:bc:c0:46:17:f1:38:a0:af:42:9a:89:3f:
         f7:89:53:f3:ac:53:d6:0c:cf:4e:c9:26:8a:57:8c:67:e1:99:
         fd:c5:1c:79:4e:00:69:ac:9c:16:fe:d5:f9:61:09:de:50:8d:
         6d:6f:1d:e7:16:ec:12:5b:55:e7:ce:07:0b:90:9b:4d:0c:72:
         18:94:b5:cd:bf:b2:ea:b1:3f:48:fe:18:75:16:0b:65:ff:fb:
         51:ce:c5:6d:17:35:2e:25:1a:60:9c:19:aa:9c:8e:a6:d0:ee:
         ff:1f:8a:fd:ff:39:81:86:d8:99:48:16:86:9c:08:c3:64:6b:
         b9:ff:50:64:21:16:35:58:3b:13:fd:47:d7:8d:fc:fd:a7:e8:
         e5:0f:ad:42:8e:fb:37:c3:5c:47:6d:67:64:18:4e:38:10:71:
         c0:01:87:57:8b:54:3c:96:d8:d5:bd:68:99:f0:1a:3b:cc:f3:
         2f:33:f5:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT3w0ZutEZ7dtGG/+nIrkiEz9ixYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAzMDA4WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTVmNTY3NWVlODdmMzg0ZmRhYzU3NTEwM2QwNDdkZjg2
ZWNlOTRiZmEyNzFhYWJkMDNhNDE3ZTEzMDk3NmEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCd0kXwY05FbsqyYf1xu3ESeziFnjyhwmoe+G6kfr33zVv5
1HG2vIXsVc8gsgrZpzYgIhqwjiE8WLaQEOEWI6VkKif23L2Cf4lJQYSRNjL77aBH
uNI3j0NtPMP0CWwNJ6wkziwp/cEouShcMooGTHSytyRUG5mOe//bA7RG+RzchlsY
MAiDxJl7jSbt0tnx5TlmhB5/hLZwTTse07z5WnxtQRxk+DzZM93aCGwNBMMREL+w
9HdPseKSAiaea8emEgOpMlBxVzpoQmFXXpI0Xv+72JnIrk/MLOTVnxkFh4ggSSh0
mpekTX1/Mm9zwh2J/suJHCikLydNK7xjzrOb1XQ7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq8+QPnwXHFN5Y7XcNRvcuEbGX3QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzljNmFiNzIwLWJjZjEtNDIxMy1hZWU5LTgzMmRkZmMzY2Y0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNoAAwDQYJKoZIhvcNAQELBQADggEBAFyMaJRpaP67oWeJUlIOg0G2VNEZ
JyqPa/NsVi4PsZG79BoAuAiIV+5edk1tW7qjxCwa5uVw8X3omm+mPbRgpg5GMf0h
suVpgyAc260RtLzARhfxOKCvQpqJP/eJU/OsU9YMz07JJopXjGfhmf3FHHlOAGms
nBb+1flhCd5QjW1vHecW7BJbVefOBwuQm00MchiUtc2/suqxP0j+GHUWC2X/+1HO
xW0XNS4lGmCcGaqcjqbQ7v8fiv3/OYGG2JlIFoacCMNka7n/UGQhFjVYOxP9R9eN
/P2n6OUPrUKO+zfDXEdtZ2QYTjgQccABh1eLVDyW2NW9aJnwGjvM8y8z9ec=
-----END CERTIFICATE-----