Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6e9b9fb-e99e-4c6a-8361-c0cdb753a055.roa
File:                     e6e9b9fb-e99e-4c6a-8361-c0cdb753a055.roa (raw, json)
Hash identifier:          9u3IGEqMwoe7AJwis95NXx0J1IhSyOYLa/r90h2Kijc=
Subject key identifier:   BD:5A:32:30:0A:83:30:98:5A:4F:14:8C:D3:39:3E:F3:7A:86:CC:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63B5CED20E096E8D6ECE7AE4111AF14D35E35C1C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6e9b9fb-e99e-4c6a-8361-c0cdb753a055.roa
Signing time:             Tue 21 Oct 2025 00:20:58 +0000
ROA not before:           Tue 21 Oct 2025 00:20:58 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.71.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:b5:ce:d2:0e:09:6e:8d:6e:ce:7a:e4:11:1a:f1:4d:35:e3:5c:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:20:58 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=6e27fdafff12f3783cd6a6233c18b8deabd6439aaf481fe023f05e4340cd7fe8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:fd:c1:f8:55:cf:fa:fa:d6:1a:7d:71:9a:32:
                    7c:3e:c2:34:00:15:f2:0e:e0:93:f8:50:40:80:65:
                    69:68:0c:97:69:13:21:a7:29:d9:1c:93:72:58:49:
                    65:94:eb:5c:7c:4f:40:6c:b9:4d:51:48:13:12:1d:
                    b1:8f:f7:dd:6b:62:08:5e:93:09:04:66:e4:30:f4:
                    fe:d2:9e:2b:da:d5:03:b6:25:bb:29:47:83:72:b3:
                    12:44:b6:7e:0e:aa:5b:de:ba:c5:bf:59:33:c1:90:
                    35:40:c5:a4:f1:d9:9e:dc:5f:3b:db:53:c6:cf:d4:
                    9b:b0:2a:31:08:c7:ae:e4:83:3c:f8:81:45:d0:4a:
                    4e:7a:e8:77:f1:ca:c9:51:ef:87:27:29:01:8e:b4:
                    0f:b9:ad:4c:3c:04:94:00:90:ee:29:71:6f:c1:04:
                    8b:72:70:44:b5:73:ab:fd:3d:e6:57:4d:ce:dc:97:
                    10:f8:26:60:13:82:67:d5:0e:ed:75:50:68:3a:ae:
                    86:0b:94:a4:84:15:a8:30:3b:03:27:9d:45:9a:30:
                    8f:1c:44:d7:27:eb:8d:23:4d:bc:4c:81:66:81:4c:
                    27:6b:d8:86:0d:ac:48:41:29:70:bc:2d:05:e1:c9:
                    c4:29:ce:04:b8:c2:21:fd:d9:21:d9:9e:3b:eb:e5:
                    41:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:5A:32:30:0A:83:30:98:5A:4F:14:8C:D3:39:3E:F3:7A:86:CC:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6e9b9fb-e99e-4c6a-8361-c0cdb753a055.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.71.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d1:cd:ca:68:91:7f:6c:4a:10:51:92:14:6b:49:60:39:bf:d5:
         b0:2c:09:e5:37:b2:17:3b:40:ca:c0:92:47:71:b7:2a:e1:4b:
         59:f8:13:2f:28:a6:ad:56:83:ba:0f:db:b8:04:9a:cd:49:89:
         44:02:96:96:ae:d6:d5:9e:79:f4:55:4a:2c:58:eb:9b:47:5d:
         b7:f9:e7:ec:75:47:6c:1d:8a:62:81:be:96:63:e2:88:f9:2f:
         5b:e3:87:ab:1e:23:10:52:34:a9:61:49:30:18:ed:93:0e:11:
         16:35:04:4d:b9:de:9b:56:f3:c8:91:bc:99:f9:0e:47:c0:32:
         d9:cf:d5:ed:64:38:e5:8e:cf:69:b8:ad:f9:5a:a4:a3:b8:87:
         55:18:36:f5:31:f4:a3:a0:f5:67:6a:63:31:fd:7f:1c:27:ca:
         0d:b2:d4:16:6e:3c:68:0d:45:e7:67:9a:0e:b7:3d:b1:00:8f:
         76:88:9c:ed:17:aa:01:e9:69:e3:1a:6d:a0:c8:29:06:fa:7a:
         eb:e3:c6:8f:82:01:cf:14:71:58:31:1a:05:ec:15:09:18:df:
         2d:c5:fd:b9:01:bc:c7:22:93:df:36:12:7b:79:c1:7c:f6:9b:
         ed:a7:41:ce:91:86:93:3c:0f:46:2c:32:bf:00:49:5f:96:9e:
         f7:c8:86:03
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUY7XO0g4Jbo1uznrkERrxTTXjXBwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAyMDU4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZTI3ZmRhZmZmMTJmMzc4M2NkNmE2MjMzYzE4YjhkZWFi
ZDY0MzlhYWY0ODFmZTAyM2YwNWU0MzQwY2Q3ZmU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCP/cH4Vc/6+tYafXGaMnw+wjQAFfIO4JP4UECAZWloDJdp
EyGnKdkck3JYSWWU61x8T0BsuU1RSBMSHbGP991rYghekwkEZuQw9P7Sniva1QO2
JbspR4NysxJEtn4OqlveusW/WTPBkDVAxaTx2Z7cXzvbU8bP1JuwKjEIx67kgzz4
gUXQSk566HfxyslR74cnKQGOtA+5rUw8BJQAkO4pcW/BBItycES1c6v9PeZXTc7c
lxD4JmATgmfVDu11UGg6roYLlKSEFagwOwMnnUWaMI8cRNcn640jTbxMgWaBTCdr
2IYNrEhBKXC8LQXhycQpzgS4wiH92SHZnjvr5UGfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvVoyMAqDMJhaTxSM0zk+83qGzDgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2ZTliOWZiLWU5OWUtNGM2YS04MzYxLWMwY2RiNzUzYTA1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4RzANBgkqhkiG9w0BAQsFAAOCAQEA0c3KaJF/bEoQUZIUa0lgOb/VsCwJ
5TeyFztAysCSR3G3KuFLWfgTLyimrVaDug/buASazUmJRAKWlq7W1Z559FVKLFjr
m0ddt/nn7HVHbB2KYoG+lmPiiPkvW+OHqx4jEFI0qWFJMBjtkw4RFjUETbnem1bz
yJG8mfkOR8Ay2c/V7WQ45Y7Pabit+Vqko7iHVRg29TH0o6D1Z2pjMf1/HCfKDbLU
Fm48aA1F52eaDrc9sQCPdoic7ReqAelp4xptoMgpBvp66+PGj4IBzxRxWDEaBewV
CRjfLcX9uQG8xyKT3zYSe3nBfPab7adBzpGGkzwPRiwyvwBJX5ae98iGAw==
-----END CERTIFICATE-----