Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96c7d16-98f4-430b-900c-b555bb1ceb1f.roa
File:                     c96c7d16-98f4-430b-900c-b555bb1ceb1f.roa (raw, json)
Hash identifier:          6eFzplfzmMfE1nZoCzu5JnsQQqDGyjffHFpXljLjrcQ=
Subject key identifier:   44:EF:29:83:CF:53:05:6B:E4:A0:AC:3E:24:D9:2B:F4:79:DA:59:7D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       566E49FB53E7D9CFEEA65F9E0E0E4B0478700884
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96c7d16-98f4-430b-900c-b555bb1ceb1f.roa
Signing time:             Fri 31 Oct 2025 00:10:44 +0000
ROA not before:           Fri 31 Oct 2025 00:10:44 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.160.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:6e:49:fb:53:e7:d9:cf:ee:a6:5f:9e:0e:0e:4b:04:78:70:08:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:10:44 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=a483e938ecc840cf81f103dc032c041e81fdb44a125e44b078578140a166022e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:18:64:ae:6e:9f:a4:1a:78:0e:32:f9:2a:99:
                    e7:f7:ff:e0:7c:88:78:2a:96:21:74:02:31:87:98:
                    a6:e4:14:2c:8d:46:ef:c7:b3:58:a0:94:33:50:9e:
                    87:de:93:17:6b:2c:5e:f7:fd:89:00:0a:68:29:d2:
                    af:ab:68:aa:d1:31:6b:4c:1e:b0:32:a8:4f:73:05:
                    58:cf:b9:df:85:e0:4d:08:b7:89:c6:15:23:5b:e6:
                    77:a3:7c:8d:29:7c:9f:01:33:04:9b:16:80:0b:98:
                    c6:c5:23:74:29:d1:5b:0a:15:4d:68:cb:aa:21:69:
                    01:d8:8d:2a:02:15:62:49:80:2b:26:d6:22:4a:b5:
                    63:4e:a2:3d:b1:60:1a:ed:8b:ab:ca:65:20:d5:64:
                    48:4b:c0:66:34:9a:6a:32:99:ac:08:e4:7c:1d:20:
                    37:81:d9:1a:01:82:4b:45:6b:f1:9a:e3:3f:d8:60:
                    15:31:ad:f9:ee:28:6c:ac:e2:09:45:e3:1c:96:9d:
                    31:7f:0d:87:0b:b9:c8:52:a0:03:7c:9a:3d:cc:e5:
                    54:64:54:dd:1f:16:bc:1e:bc:16:bd:64:c9:62:bc:
                    c0:db:e0:35:5c:e3:e1:59:a4:c9:4f:b9:76:0c:d0:
                    cf:ac:5d:47:f9:48:fc:65:c2:9a:e5:6f:9b:01:83:
                    5a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:EF:29:83:CF:53:05:6B:E4:A0:AC:3E:24:D9:2B:F4:79:DA:59:7D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96c7d16-98f4-430b-900c-b555bb1ceb1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         65:99:34:20:0d:ff:56:56:dd:d9:5d:90:81:d4:51:bc:bb:86:
         6c:4c:aa:59:cd:cf:7e:ee:9f:72:92:9a:f9:77:9c:b9:f1:db:
         9d:98:65:b3:75:ab:27:d5:96:50:e4:6a:28:05:39:bd:c1:db:
         12:49:ff:2e:ea:59:ab:78:cf:e5:3c:65:7e:9b:34:f8:e7:37:
         7f:af:c4:50:85:f0:5b:68:fd:04:7e:bb:be:97:fb:b5:63:2f:
         5c:92:74:ae:b3:d0:da:f0:09:8a:66:cd:2e:56:e0:27:b3:f8:
         49:51:7a:5c:6c:b9:90:d4:25:88:2d:f1:36:12:ec:dc:58:73:
         2f:32:ee:a6:b8:d0:66:7c:c0:da:29:c2:b3:02:12:d5:9d:b5:
         89:22:06:26:cb:e0:41:cd:2c:0e:65:4f:36:e1:56:80:c7:c1:
         60:65:b3:2d:78:86:1f:91:0b:23:88:a5:94:4d:23:ac:b0:e8:
         fa:4a:44:76:0d:1c:3c:b6:85:6c:ce:cb:58:5b:c4:ed:9e:53:
         ea:ae:3d:7f:0f:2d:fd:a1:b6:ce:b2:88:59:ef:e4:33:5c:9d:
         f3:e3:3b:f8:2d:9e:f1:1a:3e:ba:7f:e5:de:53:fe:15:f6:39:
         34:ea:3c:d9:c4:f6:9b:c5:77:03:95:34:6a:b5:90:85:f5:67:
         2f:ba:4b:75
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVm5J+1Pn2c/upl+eDg5LBHhwCIQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAxMDQ0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDgzZTkzOGVjYzg0MGNmODFmMTAzZGMwMzJjMDQxZTgx
ZmRiNDRhMTI1ZTQ0YjA3ODU3ODE0MGExNjYwMjJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClGGSubp+kGngOMvkqmef3/+B8iHgqliF0AjGHmKbkFCyN
Ru/Hs1iglDNQnofekxdrLF73/YkACmgp0q+raKrRMWtMHrAyqE9zBVjPud+F4E0I
t4nGFSNb5nejfI0pfJ8BMwSbFoALmMbFI3Qp0VsKFU1oy6ohaQHYjSoCFWJJgCsm
1iJKtWNOoj2xYBrti6vKZSDVZEhLwGY0mmoymawI5HwdIDeB2RoBgktFa/Ga4z/Y
YBUxrfnuKGys4glF4xyWnTF/DYcLuchSoAN8mj3M5VRkVN0fFrwevBa9ZMlivMDb
4DVc4+FZpMlPuXYM0M+sXUf5SPxlwprlb5sBg1oFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURO8pg89TBWvkoKw+JNkr9HnaWX0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5NmM3ZDE2LTk4ZjQtNDMwYi05MDBjLWI1NTViYjFjZWIxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUyEqAwDQYJKoZIhvcNAQELBQADggEBAGWZNCAN/1ZW3dldkIHUUby7hmxM
qlnNz37un3KSmvl3nLnx252YZbN1qyfVllDkaigFOb3B2xJJ/y7qWat4z+U8ZX6b
NPjnN3+vxFCF8Fto/QR+u76X+7VjL1ySdK6z0NrwCYpmzS5W4Cez+ElRelxsuZDU
JYgt8TYS7NxYcy8y7qa40GZ8wNopwrMCEtWdtYkiBibL4EHNLA5lTzbhVoDHwWBl
sy14hh+RCyOIpZRNI6yw6PpKRHYNHDy2hWzOy1hbxO2eU+quPX8PLf2hts6yiFnv
5DNcnfPjO/gtnvEaPrp/5d5T/hX2OTTqPNnE9pvFdwOVNGq1kIX1Zy+6S3U=
-----END CERTIFICATE-----