Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa
File:                     c157daeb-02b3-4c76-8856-8cd67b712856.roa (raw, json)
Hash identifier:          v7Z8+wq69uSFM9e1V+qvrWeCj1ypYE59VBsuALT8Tnw=
Subject key identifier:   E0:21:D7:37:81:06:D0:CE:E1:A4:79:70:F1:DE:59:70:30:EA:FF:E6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       57F50992BBD17C6C7CC56E5353CBFA353CA6FE3C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa
Signing time:             Sun 26 Oct 2025 00:50:07 +0000
ROA not before:           Sun 26 Oct 2025 00:50:07 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.75.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:f5:09:92:bb:d1:7c:6c:7c:c5:6e:53:53:cb:fa:35:3c:a6:fe:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:50:07 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=ea319a722ac9df8a75683d94393db2c10d4d2a84afbdb4da7de2839003392b21, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:61:af:d1:76:90:cc:89:49:28:72:9c:9c:5d:
                    b3:48:97:a7:d4:be:a6:fe:77:a6:26:a6:db:03:f3:
                    a3:43:2b:a4:36:94:a3:41:98:30:b0:73:14:20:e5:
                    e0:ee:b3:7b:89:2c:ca:01:aa:3b:4e:ae:70:fb:3c:
                    5e:40:e5:0d:86:a3:91:c4:eb:7e:97:b0:f8:6b:50:
                    49:f9:c9:1d:31:5a:7a:6b:fd:43:97:dd:9a:a9:a3:
                    0e:e4:c8:0d:f8:94:88:09:26:27:58:55:35:b9:6d:
                    5e:f8:a3:92:cc:de:fc:32:60:45:af:d8:53:46:a9:
                    e9:45:ef:e9:41:c6:b4:d4:68:bd:7c:f8:fe:39:35:
                    91:2b:19:58:94:df:23:ac:09:de:27:19:71:e0:5d:
                    87:dc:58:8e:73:ec:55:79:95:e2:59:09:f6:5c:89:
                    3e:6d:ab:bc:7f:20:de:26:82:cd:1f:51:1b:95:3d:
                    d4:90:a4:f8:5c:46:81:d0:db:14:6d:c7:a2:98:f6:
                    f4:aa:ae:ef:91:49:58:5b:c4:35:73:e1:c5:c2:ee:
                    76:42:84:02:9b:3c:fc:48:57:9a:08:9b:db:4f:0c:
                    e0:28:df:a3:cd:d9:fa:38:98:f9:d9:8e:a8:7f:c5:
                    fa:c0:8f:13:5c:58:ac:51:4f:13:c7:32:d4:93:18:
                    fd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:21:D7:37:81:06:D0:CE:E1:A4:79:70:F1:DE:59:70:30:EA:FF:E6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.75.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c2:60:cd:0d:60:7f:bc:78:dc:22:68:cb:c2:c8:1a:17:2f:78:
         25:3e:ae:a9:83:01:b5:75:b8:9a:3b:9e:a9:19:29:b7:8c:6d:
         a6:99:fb:6b:d9:e0:a7:32:90:82:28:0d:a2:55:aa:c5:65:ef:
         89:84:ca:1c:a4:52:6e:68:fd:8d:df:e5:86:69:89:c9:e7:97:
         5a:98:30:c9:89:c1:b8:79:eb:16:a7:b2:f0:e3:eb:3a:7e:32:
         5f:1b:2a:47:b6:29:72:b6:02:1f:96:15:9c:08:e0:3d:24:c1:
         8b:42:21:e6:9d:ca:59:52:18:dc:25:9c:bd:04:dd:2f:9a:af:
         54:15:ce:f0:53:c9:a1:11:1a:f1:50:a3:78:48:ea:3c:d7:40:
         db:86:86:04:08:9c:c1:99:6e:db:25:3a:09:a8:25:7d:fc:07:
         cb:cc:e6:93:7b:54:c6:c7:b6:10:cb:df:28:f8:d9:2b:30:f7:
         de:de:e1:c0:3a:84:a6:a8:c3:87:07:b5:9e:b1:f6:b5:f2:ca:
         86:6a:29:13:05:1a:07:34:27:e8:a8:36:21:bb:ce:49:01:00:
         ab:43:44:c9:37:6d:8b:70:10:1f:ba:67:b5:06:a4:20:50:00:
         d6:f0:b7:31:30:a0:c8:b8:ca:a5:be:9b:c9:1d:fe:bd:a7:51:
         a0:91:d2:25
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUV/UJkrvRfGx8xW5TU8v6NTym/jwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDA1MDA3WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTMxOWE3MjJhYzlkZjhhNzU2ODNkOTQzOTNkYjJjMTBk
NGQyYTg0YWZiZGI0ZGE3ZGUyODM5MDAzMzkyYjIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvYa/RdpDMiUkocpycXbNIl6fUvqb+d6YmptsD86NDK6Q2
lKNBmDCwcxQg5eDus3uJLMoBqjtOrnD7PF5A5Q2Go5HE636XsPhrUEn5yR0xWnpr
/UOX3Zqpow7kyA34lIgJJidYVTW5bV74o5LM3vwyYEWv2FNGqelF7+lBxrTUaL18
+P45NZErGViU3yOsCd4nGXHgXYfcWI5z7FV5leJZCfZciT5tq7x/IN4mgs0fURuV
PdSQpPhcRoHQ2xRtx6KY9vSqru+RSVhbxDVz4cXC7nZChAKbPPxIV5oIm9tPDOAo
36PN2fo4mPnZjqh/xfrAjxNcWKxRTxPHMtSTGP0xAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4CHXN4EG0M7hpHlw8d5ZcDDq/+YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxNTdkYWViLTAyYjMtNGM3Ni04ODU2LThjZDY3YjcxMjg1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5SzANBgkqhkiG9w0BAQsFAAOCAQEAwmDNDWB/vHjcImjLwsgaFy94JT6u
qYMBtXW4mjueqRkpt4xtppn7a9ngpzKQgigNolWqxWXviYTKHKRSbmj9jd/lhmmJ
yeeXWpgwyYnBuHnrFqey8OPrOn4yXxsqR7YpcrYCH5YVnAjgPSTBi0Ih5p3KWVIY
3CWcvQTdL5qvVBXO8FPJoREa8VCjeEjqPNdA24aGBAicwZlu2yU6CaglffwHy8zm
k3tUxse2EMvfKPjZKzD33t7hwDqEpqjDhwe1nrH2tfLKhmopEwUaBzQn6Kg2IbvO
SQEAq0NEyTdti3AQH7pntQakIFAA1vC3MTCgyLjKpb6byR3+vadRoJHSJQ==
-----END CERTIFICATE-----