Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa
File:                     c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa (raw, json)
Hash identifier:          Clg2ecL7PRbMiiqEXjjqq03oYeiLCBR2LNMy8plXdfY=
Subject key identifier:   D7:51:27:26:B1:77:25:E3:C8:2E:43:90:76:B0:AD:B0:5C:26:11:94
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1DA9DB5BE27D0657E8175FFB2876D8FADF808B88
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa
Signing time:             Fri 31 Oct 2025 00:30:14 +0000
ROA not before:           Fri 31 Oct 2025 00:30:14 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.16.128.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:a9:db:5b:e2:7d:06:57:e8:17:5f:fb:28:76:d8:fa:df:80:8b:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:30:14 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=f609c76d7f0da0eb304a01fa5c1f81d3b4b7d1ef774170aa2c3f883cc382e360, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:26:d7:5d:51:0f:6f:3b:62:b9:d4:ca:c7:3c:
                    14:38:1a:80:a0:78:18:89:55:f6:6e:73:42:cd:51:
                    6d:f3:01:0e:06:6b:42:53:a0:6e:c4:f2:a8:0e:98:
                    27:ff:ce:46:8b:63:a4:b8:8d:da:8a:aa:ba:47:4b:
                    7a:e8:07:53:36:4d:e9:f0:1a:ee:42:44:73:b2:7b:
                    ec:55:22:b6:b0:ac:75:c4:85:60:04:5c:a7:e4:4e:
                    ef:7f:40:cd:eb:bf:81:a9:13:b6:1a:8a:c9:76:6d:
                    a0:52:03:b0:b1:3d:ab:ae:b8:97:9c:49:36:96:ee:
                    c7:37:f1:b6:b8:af:04:c9:06:68:fa:68:12:8a:78:
                    0e:68:53:f9:17:a5:9e:91:c2:b7:30:1d:40:7f:b4:
                    6e:fe:20:a8:13:48:a5:09:57:8a:0b:21:b4:7c:2f:
                    c0:7b:bc:2c:ac:25:d9:bc:84:fd:9b:c3:c6:ae:ca:
                    d3:66:70:60:4c:a3:b7:8c:0b:4f:61:62:45:06:87:
                    a3:23:68:60:f1:d9:4f:ec:67:42:47:b1:07:50:06:
                    7d:20:af:05:c1:71:3e:b7:f9:4e:b3:29:fc:54:2a:
                    9e:ba:84:2d:e8:7d:df:25:da:da:99:db:d7:db:40:
                    54:21:ca:b8:1e:01:a7:bc:13:b9:c0:96:8d:8d:05:
                    77:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:51:27:26:B1:77:25:E3:C8:2E:43:90:76:B0:AD:B0:5C:26:11:94
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1e2410b-4363-4c0b-ab46-b6cc35c50be4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.16.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6b:d8:be:1b:c2:99:40:96:23:12:5f:65:59:37:f7:d9:d6:a4:
         ed:bf:f7:26:c1:6c:99:03:a1:76:96:7a:e6:68:e7:c3:92:aa:
         11:4f:17:c7:94:1d:37:1d:57:78:8f:6f:6d:ac:90:b9:b8:e9:
         67:bf:69:df:40:e6:2e:04:84:f0:85:ee:02:52:e3:53:48:05:
         3e:6f:b0:49:96:82:75:26:16:4a:8b:68:4c:5a:e8:5e:47:bf:
         fd:31:72:3c:b5:1c:1d:09:6a:ad:ca:61:bd:64:9e:f9:f0:4a:
         7f:fa:e8:60:ba:24:67:a1:95:ea:fe:cb:20:d4:23:ad:61:94:
         19:bb:7c:56:9b:17:11:a8:1e:f9:38:1e:0c:d2:85:cc:f7:1c:
         4d:f8:89:33:ae:11:21:ef:3d:d5:18:12:e8:d3:e9:eb:bc:0c:
         35:86:55:c7:b2:65:fc:dd:3b:ea:92:e9:6e:cb:7e:d1:e7:4f:
         98:fa:8d:8d:9d:a7:b8:ea:27:d8:e5:76:24:39:7f:14:59:56:
         14:6a:37:3f:8d:9f:9a:51:92:73:10:17:95:39:fc:d3:86:1c:
         46:09:2b:4b:9e:5f:ca:c6:5e:96:59:57:23:7c:02:89:b5:48:
         1f:4b:a5:c8:35:2e:a7:c0:72:f1:9e:56:25:7c:20:e3:8a:b1:
         96:94:b0:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHanbW+J9BlfoF1/7KHbY+t+Ai4gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAzMDE0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjA5Yzc2ZDdmMGRhMGViMzA0YTAxZmE1YzFmODFkM2I0
YjdkMWVmNzc0MTcwYWEyYzNmODgzY2MzODJlMzYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeJtddUQ9vO2K51MrHPBQ4GoCgeBiJVfZuc0LNUW3zAQ4G
a0JToG7E8qgOmCf/zkaLY6S4jdqKqrpHS3roB1M2TenwGu5CRHOye+xVIrawrHXE
hWAEXKfkTu9/QM3rv4GpE7Yaisl2baBSA7CxPauuuJecSTaW7sc38ba4rwTJBmj6
aBKKeA5oU/kXpZ6RwrcwHUB/tG7+IKgTSKUJV4oLIbR8L8B7vCysJdm8hP2bw8au
ytNmcGBMo7eMC09hYkUGh6MjaGDx2U/sZ0JHsQdQBn0grwXBcT63+U6zKfxUKp66
hC3ofd8l2tqZ29fbQFQhyrgeAae8E7nAlo2NBXd3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU11EnJrF3JePILkOQdrCtsFwmEZQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxZTI0MTBiLTQzNjMtNGMwYi1hYjQ2LWI2Y2MzNWM1MGJlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUyEIAwDQYJKoZIhvcNAQELBQADggEBAGvYvhvCmUCWIxJfZVk399nWpO2/
9ybBbJkDoXaWeuZo58OSqhFPF8eUHTcdV3iPb22skLm46We/ad9A5i4EhPCF7gJS
41NIBT5vsEmWgnUmFkqLaExa6F5Hv/0xcjy1HB0Jaq3KYb1knvnwSn/66GC6JGeh
ler+yyDUI61hlBm7fFabFxGoHvk4HgzShcz3HE34iTOuESHvPdUYEujT6eu8DDWG
VceyZfzdO+qS6W7LftHnT5j6jY2dp7jqJ9jldiQ5fxRZVhRqNz+Nn5pRknMQF5U5
/NOGHEYJK0ueX8rGXpZZVyN8Aom1SB9Lpcg1LqfAcvGeViV8IOOKsZaUsBc=
-----END CERTIFICATE-----