Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa
File:                     a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa (raw, json)
Hash identifier:          9hEfSYQezRgB58yEcUzJwOlsxTtGJ9E1/AYBNd39Z+M=
Subject key identifier:   14:12:0E:DB:B0:DC:C8:00:9D:69:08:70:76:9C:AB:CA:DE:75:4F:DB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6DDDCD93BD508F41081CD6EED9B9211A8F2E40F0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa
Signing time:             Wed 05 Nov 2025 00:10:44 +0000
ROA not before:           Wed 05 Nov 2025 00:10:44 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.64.0.0/17 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:dd:cd:93:bd:50:8f:41:08:1c:d6:ee:d9:b9:21:1a:8f:2e:40:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:10:44 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=c40a35f3fb7f4087ce8295409fc601404a915ef2f866763becf570c963723324, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:65:24:ee:7d:2f:9f:30:06:b3:ed:c5:e5:40:
                    03:db:65:a3:1b:85:44:4e:51:b4:6d:5f:5b:43:6b:
                    e6:1d:2a:d2:1b:18:00:12:00:d6:4d:5a:ed:3a:ce:
                    00:e6:e8:6d:5a:1c:c1:af:c4:34:b8:9b:b2:de:1b:
                    dd:c8:fc:d1:34:7a:3a:46:88:6e:18:c1:4e:2a:ac:
                    a6:bd:a3:01:95:c3:94:54:13:4b:0e:67:65:1b:50:
                    2c:50:d8:10:00:5d:cc:43:ad:64:26:fb:85:bc:2e:
                    59:6b:95:d9:70:7d:1f:08:6d:76:ae:17:e3:40:96:
                    9a:e9:45:06:50:63:45:b6:d0:75:be:ca:77:ba:94:
                    ae:f8:ee:89:46:8f:d6:7a:60:bc:9d:80:1c:d6:5c:
                    f8:53:56:f5:67:b2:1f:47:16:c4:e5:db:32:33:4f:
                    a9:ff:fe:e9:3e:61:c7:91:92:50:04:9a:b9:ec:ab:
                    8b:82:0f:ae:8e:d7:ab:bc:60:c0:ac:df:99:dd:df:
                    ac:c7:29:73:64:02:e7:7d:42:14:8c:c2:70:60:76:
                    7e:17:de:ae:df:2b:0b:31:98:48:c1:74:38:91:fb:
                    64:32:60:ce:b7:86:03:dc:4d:fa:42:73:9e:68:73:
                    58:da:e5:65:58:42:ce:cf:e3:6e:6f:46:e0:df:47:
                    56:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:12:0E:DB:B0:DC:C8:00:9D:69:08:70:76:9C:AB:CA:DE:75:4F:DB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.64.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         82:22:29:71:e9:e7:c4:7c:48:e5:2d:a9:f3:b6:85:ed:72:32:
         6a:6d:71:17:d3:46:15:9e:c4:e4:14:3d:3e:27:df:64:f9:3c:
         f0:b8:e9:e5:7b:52:41:52:80:75:b0:96:58:15:89:04:8a:0d:
         f8:b6:72:bf:7d:6b:85:2d:13:cd:c9:d5:69:ca:b0:bc:04:3f:
         86:de:d9:3c:c1:7d:2d:83:bf:aa:c7:1b:1d:b6:ae:42:22:66:
         d1:e3:e4:d6:e3:3f:7b:a5:d6:66:f4:15:b5:f4:15:23:f6:3e:
         a9:ed:12:e8:b8:5b:0c:ad:d0:10:ce:5e:ac:0f:72:1e:60:57:
         47:63:84:5a:37:98:8c:ca:47:36:a3:98:9b:a3:8d:84:15:5a:
         c6:53:f6:a0:0b:a5:74:ce:02:52:77:d2:76:3c:42:fd:bb:8a:
         90:46:f5:a6:1e:d7:6f:48:54:57:fb:7b:e3:35:ba:1d:b6:9b:
         6f:5f:a5:ce:25:08:79:0b:53:b4:4c:ed:7a:73:ff:7d:54:f9:
         c1:a2:a7:ca:60:19:ce:8e:b8:56:47:43:cc:36:8b:9c:d1:a2:
         f2:8a:cc:f2:c5:26:95:74:c0:8a:1d:66:5a:c4:94:9b:78:ec:
         14:91:af:75:29:4c:b8:27:e7:a4:c5:a2:71:f3:da:b4:98:c8:
         10:93:59:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbd3Nk71Qj0EIHNbu2bkhGo8uQPAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAxMDQ0WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDBhMzVmM2ZiN2Y0MDg3Y2U4Mjk1NDA5ZmM2MDE0MDRh
OTE1ZWYyZjg2Njc2M2JlY2Y1NzBjOTYzNzIzMzI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVZSTufS+fMAaz7cXlQAPbZaMbhUROUbRtX1tDa+YdKtIb
GAASANZNWu06zgDm6G1aHMGvxDS4m7LeG93I/NE0ejpGiG4YwU4qrKa9owGVw5RU
E0sOZ2UbUCxQ2BAAXcxDrWQm+4W8LllrldlwfR8IbXauF+NAlprpRQZQY0W20HW+
yne6lK747olGj9Z6YLydgBzWXPhTVvVnsh9HFsTl2zIzT6n//uk+YceRklAEmrns
q4uCD66O16u8YMCs35nd36zHKXNkAud9QhSMwnBgdn4X3q7fKwsxmEjBdDiR+2Qy
YM63hgPcTfpCc55oc1ja5WVYQs7P425vRuDfR1a7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFBIO27DcyACdaQhwdpyryt51T9swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EwOGJhN2NhLWU4OWQtNGQ4Ny04ZWIzLTIzZjIwNjFlYzRmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcQQAAwDQYJKoZIhvcNAQELBQADggEBAIIiKXHp58R8SOUtqfO2he1yMmpt
cRfTRhWexOQUPT4n32T5PPC46eV7UkFSgHWwllgViQSKDfi2cr99a4UtE83J1WnK
sLwEP4be2TzBfS2Dv6rHGx22rkIiZtHj5NbjP3ul1mb0FbX0FSP2PqntEui4Wwyt
0BDOXqwPch5gV0djhFo3mIzKRzajmJujjYQVWsZT9qALpXTOAlJ30nY8Qv27ipBG
9aYe129IVFf7e+M1uh22m29fpc4lCHkLU7RM7Xpz/31U+cGip8pgGc6OuFZHQ8w2
i5zRovKKzPLFJpV0wIodZlrElJt47BSRr3UpTLgn56TFonHz2rSYyBCTWfQ=
-----END CERTIFICATE-----