Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b397d45c-b1e5-4ff4-ba96-1f1c1039ca3b.roa
File:                     b397d45c-b1e5-4ff4-ba96-1f1c1039ca3b.roa (raw, json)
Hash identifier:          daKVu7YJOFEOOGCPXGNBpqjQxiY/iEwGZsNJ1ahOkG8=
Subject key identifier:   94:0D:85:09:44:5C:0E:43:7C:54:68:88:BE:83:2B:92:D2:A1:62:14
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3822BA3891ED40CC2937646861996E7927363180
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b397d45c-b1e5-4ff4-ba96-1f1c1039ca3b.roa
Signing time:             Fri 31 Oct 2025 01:01:00 +0000
ROA not before:           Fri 31 Oct 2025 01:01:00 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.154.40.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:22:ba:38:91:ed:40:cc:29:37:64:68:61:99:6e:79:27:36:31:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 01:01:00 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=74adba228779202f23a51c3b19b5111b38bf17cb2b43938d34390977419f7c02, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d9:96:9c:b2:f4:7d:97:61:e1:b9:4c:93:b8:
                    af:a6:68:0b:60:d2:a6:68:cb:ce:7c:7e:a9:c2:4d:
                    3d:a9:79:2f:b7:e5:fd:7a:62:5d:ac:ab:55:be:ef:
                    ed:42:2d:41:53:ae:b0:28:78:44:fa:97:36:7e:f0:
                    9b:06:ac:5b:5a:e7:b3:86:b8:be:ba:8c:eb:cc:2d:
                    d8:15:9d:25:85:65:5d:3d:a4:ff:27:19:a9:c9:27:
                    a7:1d:5e:d8:4d:8a:04:e5:e9:40:44:b7:2a:f2:13:
                    78:d2:3d:93:60:81:81:07:f7:14:b6:80:e0:f5:84:
                    04:1d:f0:96:a1:98:01:f7:b2:a2:19:ef:76:8c:ae:
                    79:53:62:57:14:09:08:6a:7b:4e:f5:64:20:1d:b1:
                    dc:92:42:b3:07:67:e6:1b:8f:6a:05:9e:f5:19:e7:
                    69:62:6d:ee:5c:b0:4f:dd:e7:28:4c:39:63:b2:f9:
                    55:7f:1e:0d:7d:c6:16:1d:01:b3:2a:d9:eb:b6:3c:
                    7d:32:a3:db:4c:2f:ba:26:8e:c4:20:fb:36:79:b3:
                    e1:a6:f2:62:e4:3c:db:03:25:50:62:2a:64:4a:6f:
                    02:4a:62:cd:c8:3b:0a:3b:6d:6c:5e:ae:52:c0:16:
                    db:e7:d0:47:03:9d:ce:7b:a8:e4:a7:5f:0d:0b:0e:
                    a7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:0D:85:09:44:5C:0E:43:7C:54:68:88:BE:83:2B:92:D2:A1:62:14
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b397d45c-b1e5-4ff4-ba96-1f1c1039ca3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.154.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d6:94:2f:d2:3c:2d:94:16:44:bc:3c:bc:f5:eb:f7:4b:e6:5a:
         42:8b:6c:56:bc:37:d8:b6:03:bf:ba:ab:47:e4:7f:0c:48:2a:
         ed:54:91:ca:89:41:a7:8e:c2:91:4b:43:64:84:17:80:b0:5e:
         ac:05:f4:a2:89:a2:c7:06:6b:68:d4:01:b7:4a:da:3c:26:d2:
         4e:96:da:84:b1:82:f4:b4:80:34:fa:08:e3:e0:2c:0e:9d:ac:
         d4:b1:ab:97:3f:12:6b:b0:ce:77:e2:a7:31:5d:a9:25:ed:48:
         87:df:e0:ad:17:eb:9a:22:45:15:d9:97:f8:d8:a8:96:33:62:
         26:46:79:50:ea:d7:ad:5b:42:d8:ea:64:29:29:ab:cc:39:31:
         ea:43:2d:2e:f6:5c:01:87:15:0d:01:60:bb:27:7a:35:05:45:
         63:26:90:a0:36:c2:b4:5b:6c:a7:f0:ea:ba:85:35:a6:82:3a:
         19:7a:4e:62:9b:dc:d7:a6:87:7b:f9:a2:0e:f5:0b:88:d7:7c:
         45:5e:96:77:7c:72:e3:c1:ff:2c:58:83:22:56:71:90:0b:b5:
         91:3a:0c:85:f1:b5:fe:66:a0:26:90:77:ac:7f:df:09:f4:a1:
         16:35:7b:f3:7f:dc:09:a9:24:7c:0d:0f:99:2f:43:d9:4d:e2:
         22:e4:0b:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOCK6OJHtQMwpN2RoYZlueSc2MYAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDEwMTAwWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NGFkYmEyMjg3NzkyMDJmMjNhNTFjM2IxOWI1MTExYjM4
YmYxN2NiMmI0MzkzOGQzNDM5MDk3NzQxOWY3YzAyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCd2ZacsvR9l2HhuUyTuK+maAtg0qZoy858fqnCTT2peS+3
5f16Yl2sq1W+7+1CLUFTrrAoeET6lzZ+8JsGrFta57OGuL66jOvMLdgVnSWFZV09
pP8nGanJJ6cdXthNigTl6UBEtyryE3jSPZNggYEH9xS2gOD1hAQd8JahmAH3sqIZ
73aMrnlTYlcUCQhqe071ZCAdsdySQrMHZ+Ybj2oFnvUZ52libe5csE/d5yhMOWOy
+VV/Hg19xhYdAbMq2eu2PH0yo9tML7omjsQg+zZ5s+Gm8mLkPNsDJVBiKmRKbwJK
Ys3IOwo7bWxerlLAFtvn0EcDnc57qOSnXw0LDqcVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlA2FCURcDkN8VGiIvoMrktKhYhQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzOTdkNDVjLWIxZTUtNGZmNC1iYTk2LTFmMWMxMDM5Y2EzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNmigwDQYJKoZIhvcNAQELBQADggEBANaUL9I8LZQWRLw8vPXr90vmWkKL
bFa8N9i2A7+6q0fkfwxIKu1UkcqJQaeOwpFLQ2SEF4CwXqwF9KKJoscGa2jUAbdK
2jwm0k6W2oSxgvS0gDT6COPgLA6drNSxq5c/EmuwznfipzFdqSXtSIff4K0X65oi
RRXZl/jYqJYzYiZGeVDq161bQtjqZCkpq8w5MepDLS72XAGHFQ0BYLsnejUFRWMm
kKA2wrRbbKfw6rqFNaaCOhl6TmKb3Nemh3v5og71C4jXfEVelnd8cuPB/yxYgyJW
cZALtZE6DIXxtf5moCaQd6x/3wn0oRY1e/N/3AmpJHwND5kvQ9lN4iLkC98=
-----END CERTIFICATE-----