Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa
File:                     e7024f23-e277-47d3-8cfa-36397ac62c94.roa (raw, json)
Hash identifier:          RGyf6bEFuWkJea57blc7y3IuH5t51ExGdMcFtsWVIOc=
Subject key identifier:   A7:58:E9:42:A0:29:FD:87:E8:ED:EA:63:A1:45:81:AE:56:E5:33:EA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7FE8005E66F3C09C5543B12A650BDA176930F692
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa
Signing time:             Fri 31 Oct 2025 00:50:44 +0000
ROA not before:           Fri 31 Oct 2025 00:50:44 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.152.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:e8:00:5e:66:f3:c0:9c:55:43:b1:2a:65:0b:da:17:69:30:f6:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:50:44 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=4a7a3787a27b4c807beb076549a74b2075d7e64dcdae4d5835bf9e567b1451e8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f2:48:fe:9a:16:2c:5b:08:b6:36:88:e0:86:
                    52:b1:cc:8d:21:db:d9:c5:ed:50:81:98:4b:a8:3c:
                    8e:ef:ff:3b:a4:d1:cc:3f:da:93:2d:01:0a:2e:ff:
                    ba:55:c5:03:82:b8:de:28:83:bc:83:3e:b7:08:ce:
                    72:f3:d0:11:5e:da:78:93:47:8f:46:fd:07:ba:6f:
                    5e:0c:06:7e:cb:63:af:ce:18:9e:e9:db:50:e3:b6:
                    b4:60:91:f8:3a:bf:31:a0:1d:a6:7f:3a:06:0f:37:
                    63:50:26:7e:a5:8b:80:45:38:fb:41:b4:04:d5:7e:
                    48:0a:a7:51:54:7b:e8:4d:e4:8b:cb:f7:5e:a7:06:
                    52:3c:9b:1d:e7:c0:b2:3f:6c:0a:58:2f:bb:84:33:
                    d8:cc:29:33:72:15:0b:51:06:b8:47:3c:82:ce:15:
                    0b:ac:e7:07:b8:15:ea:7a:e4:d7:ce:2f:d2:cd:02:
                    6d:41:c2:4b:a5:d2:b1:cc:1b:d6:3c:5d:97:a3:83:
                    f3:c6:80:bd:e5:07:be:6d:09:c2:f3:b1:52:a9:8c:
                    11:74:05:3f:7c:27:fe:a1:c4:94:9a:e6:4f:95:7a:
                    d0:83:2f:c9:25:23:30:cd:53:5d:aa:31:22:df:5f:
                    63:63:8c:01:43:33:31:61:f3:2e:71:a6:86:53:1b:
                    a3:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:58:E9:42:A0:29:FD:87:E8:ED:EA:63:A1:45:81:AE:56:E5:33:EA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5f:28:66:61:cb:3b:42:9b:4c:89:0b:ae:6d:15:6a:3b:82:6f:
         5a:fa:fc:20:2a:2f:1a:c7:ff:2d:c3:d6:7f:ee:f0:dd:85:54:
         9e:7c:42:53:d8:cf:38:54:79:4c:01:3b:86:7e:71:6c:9c:4a:
         75:33:85:1f:25:19:c1:58:2d:f0:16:1b:d2:ca:02:7f:8c:29:
         9e:b1:06:f2:ef:b8:17:1c:94:cf:9b:23:54:2d:f7:c7:17:a9:
         7f:71:b3:d8:53:7e:ae:c6:c4:40:4d:97:13:c7:71:e4:11:c7:
         fe:27:d4:f9:25:f8:9a:f2:d8:d7:8a:77:44:40:3b:1e:aa:ae:
         7f:50:b5:d4:c7:66:6b:c7:9c:99:1c:96:39:b9:c4:67:50:f7:
         2b:2c:03:f2:9f:c1:ac:8e:f8:78:1c:61:78:a0:e2:06:ea:94:
         72:c3:a2:2b:19:21:b0:05:2a:8e:41:92:01:72:fe:1b:ed:5e:
         d7:11:51:e0:2d:ee:bf:8e:29:48:a0:bc:8d:3a:86:36:65:f1:
         5e:13:1b:61:d1:5b:5a:33:fa:d3:de:e6:0e:35:e9:cb:0f:f9:
         38:75:fd:b6:46:57:10:66:16:8c:be:89:a0:02:6f:31:46:1e:
         b0:e6:9d:24:a8:70:00:ca:1b:76:81:b3:31:10:16:10:74:50:
         c1:c5:c0:42
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUf+gAXmbzwJxVQ7EqZQvaF2kw9pIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA1MDQ0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTdhMzc4N2EyN2I0YzgwN2JlYjA3NjU0OWE3NGIyMDc1
ZDdlNjRkY2RhZTRkNTgzNWJmOWU1NjdiMTQ1MWU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC28kj+mhYsWwi2NojghlKxzI0h29nF7VCBmEuoPI7v/zuk
0cw/2pMtAQou/7pVxQOCuN4og7yDPrcIznLz0BFe2niTR49G/Qe6b14MBn7LY6/O
GJ7p21DjtrRgkfg6vzGgHaZ/OgYPN2NQJn6li4BFOPtBtATVfkgKp1FUe+hN5IvL
916nBlI8mx3nwLI/bApYL7uEM9jMKTNyFQtRBrhHPILOFQus5we4Fep65NfOL9LN
Am1Bwkul0rHMG9Y8XZejg/PGgL3lB75tCcLzsVKpjBF0BT98J/6hxJSa5k+VetCD
L8klIzDNU12qMSLfX2NjjAFDMzFh8y5xpoZTG6N5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp1jpQqAp/Yfo7epjoUWBrlblM+owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3MDI0ZjIzLWUyNzctNDdkMy04Y2ZhLTM2Mzk3YWM2MmM5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMyEpgwDQYJKoZIhvcNAQELBQADggEBAF8oZmHLO0KbTIkLrm0VajuCb1r6
/CAqLxrH/y3D1n/u8N2FVJ58QlPYzzhUeUwBO4Z+cWycSnUzhR8lGcFYLfAWG9LK
An+MKZ6xBvLvuBcclM+bI1Qt98cXqX9xs9hTfq7GxEBNlxPHceQRx/4n1Pkl+Jry
2NeKd0RAOx6qrn9QtdTHZmvHnJkcljm5xGdQ9yssA/KfwayO+HgcYXig4gbqlHLD
oisZIbAFKo5BkgFy/hvtXtcRUeAt7r+OKUigvI06hjZl8V4TG2HRW1oz+tPe5g41
6csP+Th1/bZGVxBmFoy+iaACbzFGHrDmnSSocADKG3aBszEQFhB0UMHFwEI=
-----END CERTIFICATE-----