Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ece2a46d-8c8e-4e67-b701-167bd597b197.roa
File:                     ece2a46d-8c8e-4e67-b701-167bd597b197.roa (raw, json)
Hash identifier:          w2rQamycsixkkFpaTVPGX5zc6ADLAi/E5oiz20B94cw=
Subject key identifier:   B0:22:90:25:DB:4A:23:C1:C9:63:B5:33:C8:0B:41:A4:0D:81:B9:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       23B002FC5627FCC3265B30E42E372916FF92FB48
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ece2a46d-8c8e-4e67-b701-167bd597b197.roa
Signing time:             Sun 26 Oct 2025 00:10:39 +0000
ROA not before:           Sun 26 Oct 2025 00:10:39 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.241.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:b0:02:fc:56:27:fc:c3:26:5b:30:e4:2e:37:29:16:ff:92:fb:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:10:39 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=368a6dfa835c6e9fadd5cad8dc8a9555e7943e9b656b0273f102ad43c9f71a25, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:c0:0e:ee:19:41:67:0c:f4:1b:77:21:d7:13:
                    4f:0a:f8:1d:2e:90:7f:a4:67:07:bd:63:c0:b3:00:
                    f9:45:55:2c:80:41:69:3d:06:c5:b7:8b:8b:56:1e:
                    ff:f3:bf:e2:04:03:e2:0c:da:8b:59:48:7c:13:41:
                    d9:91:fb:09:80:0d:15:c0:fc:f4:4b:ea:5c:90:c5:
                    f7:83:fe:7d:ee:6e:ee:76:f7:79:24:c2:19:27:e2:
                    7c:1c:7c:36:86:ab:24:99:83:40:7d:eb:07:6e:b3:
                    ca:9d:fc:57:7e:7e:29:c9:83:15:84:50:c9:db:f2:
                    60:c7:df:98:ab:22:f6:68:df:4c:eb:c5:3f:af:81:
                    8d:3d:e2:ac:49:a8:74:33:28:03:0f:00:dc:95:f3:
                    04:f1:7b:df:14:39:ff:11:dd:f8:0f:e8:e6:04:76:
                    b5:2e:a6:c0:85:1a:ad:2b:a2:09:33:58:3a:92:17:
                    93:56:94:13:b8:b3:bb:9b:7e:7c:d9:6d:ec:7f:b8:
                    4b:71:b0:43:49:0c:38:88:a9:16:75:51:7a:0e:97:
                    35:45:93:b5:5c:39:3f:4d:7f:0b:e7:81:c6:9c:50:
                    e8:7f:e2:4b:c4:c9:97:3f:5c:a2:98:ec:23:95:84:
                    4a:e8:51:c5:db:59:61:fa:29:c5:f2:51:e0:65:54:
                    d8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:22:90:25:DB:4A:23:C1:C9:63:B5:33:C8:0B:41:A4:0D:81:B9:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ece2a46d-8c8e-4e67-b701-167bd597b197.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.241.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d4:93:41:d6:7f:c9:10:4e:43:0f:30:2c:48:0d:0b:9c:4e:ec:
         58:e2:9c:c6:18:50:73:ea:14:ea:3c:ae:85:a8:4c:b3:15:a4:
         a1:e1:b2:e2:b4:f0:64:c5:61:69:eb:b9:7d:9f:15:4f:2a:5c:
         43:af:e0:7a:19:04:ef:54:f1:80:8a:15:9d:a2:09:35:c0:cb:
         59:d8:c2:64:eb:2c:1c:7c:ba:65:53:9f:f8:c0:ce:c4:42:9a:
         14:2c:69:74:53:9b:20:bd:3e:0b:b9:21:67:9c:aa:f3:c9:72:
         54:59:57:fd:a8:ff:04:35:ae:48:c2:e9:76:38:b9:7c:f2:41:
         5e:ef:06:fd:15:af:a5:0b:55:e3:e4:0b:75:7c:a2:a6:92:e6:
         4f:f8:ef:c9:59:ac:3c:b8:c8:84:af:75:ef:4b:52:67:b9:09:
         83:09:82:0e:0e:70:51:5f:1c:92:eb:dc:7b:12:9b:db:6e:13:
         89:2e:2d:a7:4f:af:9f:54:bc:62:01:27:a3:4f:46:8a:54:17:
         8f:45:c6:59:e2:13:08:15:9b:c8:32:95:40:ff:96:f0:ae:e7:
         cc:90:80:d3:63:a9:ae:dc:1f:81:07:46:51:79:7e:e2:d0:5e:
         25:b3:23:90:6b:f0:b1:db:5d:98:f2:29:2f:5d:48:f3:d5:4d:
         98:16:fd:ed
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUI7AC/FYn/MMmWzDkLjcpFv+S+0gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMDM5WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjhhNmRmYTgzNWM2ZTlmYWRkNWNhZDhkYzhhOTU1NWU3
OTQzZTliNjU2YjAyNzNmMTAyYWQ0M2M5ZjcxYTI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0wA7uGUFnDPQbdyHXE08K+B0ukH+kZwe9Y8CzAPlFVSyA
QWk9BsW3i4tWHv/zv+IEA+IM2otZSHwTQdmR+wmADRXA/PRL6lyQxfeD/n3ubu52
93kkwhkn4nwcfDaGqySZg0B96wdus8qd/Fd+finJgxWEUMnb8mDH35irIvZo30zr
xT+vgY094qxJqHQzKAMPANyV8wTxe98UOf8R3fgP6OYEdrUupsCFGq0rogkzWDqS
F5NWlBO4s7ubfnzZbex/uEtxsENJDDiIqRZ1UXoOlzVFk7VcOT9NfwvngcacUOh/
4kvEyZc/XKKY7COVhEroUcXbWWH6KcXyUeBlVNh3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsCKQJdtKI8HJY7UzyAtBpA2BuawwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjZTJhNDZkLThjOGUtNGU2Ny1iNzAxLTE2N2JkNTk3YjE5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA48TANBgkqhkiG9w0BAQsFAAOCAQEA1JNB1n/JEE5DDzAsSA0LnE7sWOKc
xhhQc+oU6jyuhahMsxWkoeGy4rTwZMVhaeu5fZ8VTypcQ6/gehkE71TxgIoVnaIJ
NcDLWdjCZOssHHy6ZVOf+MDOxEKaFCxpdFObIL0+C7khZ5yq88lyVFlX/aj/BDWu
SMLpdji5fPJBXu8G/RWvpQtV4+QLdXyippLmT/jvyVmsPLjIhK9170tSZ7kJgwmC
Dg5wUV8ckuvcexKb224TiS4tp0+vn1S8YgEno09GilQXj0XGWeITCBWbyDKVQP+W
8K7nzJCA02OprtwfgQdGUXl+4tBeJbMjkGvwsdtdmPIpL11I89VNmBb97Q==
-----END CERTIFICATE-----