Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
File:                     ed432fea-e545-4d6d-beae-21ab78adea7b.roa (raw, json)
Hash identifier:          sgW2TxhxDuz971QQOwG4cUoGi5DRSiyl87ywy90OSU0=
Subject key identifier:   81:61:81:C6:FC:6D:21:AC:81:06:CF:14:C9:CF:33:DA:EA:81:6D:14
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3FFE9C95FB8D16088864411F255028BA65064811
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
Signing time:             Tue 28 Oct 2025 01:01:16 +0000
ROA not before:           Tue 28 Oct 2025 01:01:16 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.246.160.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:fe:9c:95:fb:8d:16:08:88:64:41:1f:25:50:28:ba:65:06:48:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 01:01:16 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=ce6402596350f9bbde04008873a0855f993b531b51e6b05f0d903b55b031a8e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:be:e3:a9:cb:bd:83:f5:56:24:5b:a3:35:15:
                    84:46:8f:8b:dd:ce:b8:22:cf:b5:42:d3:5d:75:da:
                    b9:e9:4f:4c:de:03:64:13:c1:2a:a0:53:78:b6:19:
                    24:67:15:99:9a:85:d4:e6:bc:bc:4c:b5:40:55:4c:
                    a1:f1:19:e7:d7:aa:52:41:0e:5b:d4:1b:5f:bf:f2:
                    cd:7d:e3:07:59:73:70:48:5a:1a:cf:ae:dc:0a:28:
                    90:ab:af:a0:57:8f:ad:41:f6:ff:c1:52:00:ed:d6:
                    fa:8f:66:f4:a8:0f:65:92:6f:5b:bb:9a:70:a0:fc:
                    53:a6:57:2a:f6:ab:f3:ad:15:c5:4d:2e:45:e4:8e:
                    09:3e:fa:96:9e:3e:14:6b:3f:69:bc:c0:fc:11:19:
                    1b:c1:b0:30:5b:4d:ff:95:26:07:8d:b0:f0:a9:8c:
                    00:1e:c0:15:78:4a:01:78:f9:74:8b:c4:5d:d0:7a:
                    9f:f7:48:2e:d2:95:4d:d9:aa:8f:19:29:a1:07:3c:
                    7b:dd:84:60:32:e4:9f:06:5f:b3:c5:62:88:9f:08:
                    17:ee:a6:a7:c4:5b:33:07:77:06:e4:9e:d2:2b:f5:
                    16:d2:16:d6:df:a6:b2:b0:18:2c:02:78:b3:dc:83:
                    29:47:eb:c7:13:c8:a4:21:e8:94:a8:49:2c:60:ef:
                    97:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:61:81:C6:FC:6D:21:AC:81:06:CF:14:C9:CF:33:DA:EA:81:6D:14
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.246.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         83:e1:7b:45:68:a6:b8:70:35:a8:e3:17:d8:3d:76:54:8f:bc:
         e9:b0:ce:62:62:5c:53:9e:7d:f2:63:45:a1:5a:aa:7d:cc:2c:
         86:df:39:2f:9f:96:19:4a:9a:86:3e:3f:ce:05:be:af:cb:ed:
         99:4f:66:08:29:87:02:88:be:9c:45:2e:52:8e:45:08:94:0a:
         00:97:a2:52:04:88:71:31:15:58:24:a6:1d:69:83:ac:2c:ce:
         05:9a:1b:e7:06:ae:8f:66:43:ca:9a:0b:e7:97:55:f0:8e:f3:
         b6:0e:b6:21:c8:78:c3:03:be:1e:c9:6d:c9:e1:14:19:06:df:
         47:6f:70:c4:ab:59:b9:34:c5:1a:c2:81:b5:b7:67:38:42:db:
         a0:a5:9e:0f:8b:c6:07:d0:e8:a3:ba:29:1c:6f:2c:6b:47:de:
         3c:9c:67:65:63:b0:20:f2:b4:7e:23:70:82:d5:bb:60:62:79:
         26:99:f8:69:7d:c0:b5:71:81:08:0c:df:d7:a5:9a:9b:82:65:
         a4:12:9e:c4:9c:c3:b0:c2:f0:79:d1:d7:9c:b1:31:42:cb:cf:
         bb:80:b9:02:ce:3f:b1:40:2a:ef:23:66:b3:51:a7:81:2f:e1:
         e0:ca:b4:07:ee:16:6e:1a:37:b8:ac:be:0b:c1:86:8d:7d:d1:
         55:a5:02:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP/6clfuNFgiIZEEfJVAoumUGSBEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDEwMTE2WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZTY0MDI1OTYzNTBmOWJiZGUwNDAwODg3M2EwODU1Zjk5
M2I1MzFiNTFlNmIwNWYwZDkwM2I1NWIwMzFhOGU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1vuOpy72D9VYkW6M1FYRGj4vdzrgiz7VC01112rnpT0ze
A2QTwSqgU3i2GSRnFZmahdTmvLxMtUBVTKHxGefXqlJBDlvUG1+/8s194wdZc3BI
WhrPrtwKKJCrr6BXj61B9v/BUgDt1vqPZvSoD2WSb1u7mnCg/FOmVyr2q/OtFcVN
LkXkjgk++paePhRrP2m8wPwRGRvBsDBbTf+VJgeNsPCpjAAewBV4SgF4+XSLxF3Q
ep/3SC7SlU3Zqo8ZKaEHPHvdhGAy5J8GX7PFYoifCBfupqfEWzMHdwbkntIr9RbS
FtbfprKwGCwCeLPcgylH68cTyKQh6JSoSSxg75cFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgWGBxvxtIayBBs8Uyc8z2uqBbRQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkNDMyZmVhLWU1NDUtNGQ2ZC1iZWFlLTIxYWI3OGFkZWE3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWt9qAwDQYJKoZIhvcNAQELBQADggEBAIPhe0VoprhwNajjF9g9dlSPvOmw
zmJiXFOeffJjRaFaqn3MLIbfOS+flhlKmoY+P84Fvq/L7ZlPZggphwKIvpxFLlKO
RQiUCgCXolIEiHExFVgkph1pg6wszgWaG+cGro9mQ8qaC+eXVfCO87YOtiHIeMMD
vh7JbcnhFBkG30dvcMSrWbk0xRrCgbW3ZzhC26Clng+LxgfQ6KO6KRxvLGtH3jyc
Z2VjsCDytH4jcILVu2BieSaZ+Gl9wLVxgQgM39elmpuCZaQSnsScw7DC8HnR15yx
MULLz7uAuQLOP7FAKu8jZrNRp4Ev4eDKtAfuFm4aN7isvgvBho190VWlArc=
-----END CERTIFICATE-----