Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59c4022-6f7f-4f90-9478-97502a12f586.roa
File:                     f59c4022-6f7f-4f90-9478-97502a12f586.roa (raw, json)
Hash identifier:          qlU/EGP4JGHZMsryhZabKxDSZiuv6kRorzWW2x/8mOU=
Subject key identifier:   93:DB:F7:0D:C9:06:04:05:40:BF:90:A1:80:3E:E4:53:40:59:FD:4F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B420E1DCBA9B77A64EFCBDB5CF3E81025E76F50
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59c4022-6f7f-4f90-9478-97502a12f586.roa
Signing time:             Fri 31 Oct 2025 01:00:05 +0000
ROA not before:           Fri 31 Oct 2025 01:00:05 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.103.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:42:0e:1d:cb:a9:b7:7a:64:ef:cb:db:5c:f3:e8:10:25:e7:6f:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 01:00:05 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=d10babf5783214b219aa50539f66f99641f872a0f2eaeabd990dd6cfd785d354, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8d:bf:0c:5e:8d:12:ae:8f:58:2a:db:0c:86:
                    8c:03:9b:29:9d:c9:a5:2e:7e:07:23:07:dc:c0:41:
                    94:da:57:7e:48:f1:8d:96:46:79:c7:ed:4d:ae:4e:
                    57:ed:a5:bc:6e:e9:ce:da:a1:c5:b3:9e:11:91:da:
                    fe:7a:ee:7a:9b:af:58:50:14:4e:e6:14:08:26:13:
                    b6:8b:ce:7a:7f:25:a7:73:34:d3:b2:15:3f:24:59:
                    d4:f4:60:59:ef:ec:a3:e2:b6:72:a4:70:b7:9a:24:
                    2c:e3:14:e4:72:3a:72:4e:f3:53:dd:f4:e8:57:63:
                    60:57:87:c4:0d:16:d4:16:37:29:3e:7a:a8:e9:06:
                    46:d4:22:ee:25:a5:09:bc:c0:9d:17:ba:f8:fe:ed:
                    55:c7:cc:f2:a7:da:13:ae:88:48:f1:af:54:30:0d:
                    e2:30:23:be:bf:47:e6:7a:74:d1:8d:cf:92:d8:a1:
                    ac:37:cd:18:3a:7e:4b:7e:7d:8e:1e:a2:c8:b6:98:
                    51:30:21:f6:73:66:56:3a:ec:66:b2:66:37:8b:4b:
                    0e:c5:c7:dc:ae:37:a0:8a:44:b6:61:51:17:58:d9:
                    24:a5:d6:24:50:ea:97:d1:8b:34:a9:22:d7:1d:ae:
                    7b:29:3c:75:d1:7d:21:a4:81:7f:e7:cc:a6:b9:9d:
                    60:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DB:F7:0D:C9:06:04:05:40:BF:90:A1:80:3E:E4:53:40:59:FD:4F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59c4022-6f7f-4f90-9478-97502a12f586.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.103.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         54:07:16:36:c0:e9:8f:ac:39:7d:ec:d6:e2:3e:2a:50:dc:82:
         da:aa:1a:79:c8:46:7e:fc:f2:dc:6a:a4:e3:8f:7d:b7:fb:92:
         93:c8:ed:d4:e0:91:79:32:da:4a:ac:0d:d1:1c:8f:2f:98:0e:
         f1:43:35:43:4f:e3:c1:d7:73:00:40:57:bb:40:c8:2f:4c:55:
         2b:bc:8c:2a:4b:c9:e3:22:9d:28:d4:09:27:97:9c:09:cb:86:
         21:3d:6e:11:fc:4e:42:b6:c5:19:e9:6a:91:78:0f:52:f8:22:
         81:9d:ef:5d:1c:7e:db:7a:65:9e:f7:bb:d1:5d:c6:21:54:f8:
         61:45:af:f7:b1:02:83:d1:04:4d:41:34:c0:21:8e:fb:25:0e:
         de:b0:05:0b:13:0a:3f:83:ce:25:a0:d1:5e:fd:f9:a7:e8:98:
         bd:0e:d0:e4:99:12:1f:b6:17:84:96:a1:87:e3:c9:76:31:ea:
         e8:91:8d:e2:b1:81:9d:c1:12:81:e1:8c:dd:70:ff:bc:1d:91:
         cd:a3:93:dd:11:bb:cd:4e:21:9d:72:6d:f6:94:91:bb:06:05:
         6c:e8:01:1e:d6:d3:3b:24:fd:92:f2:24:39:9d:4e:08:9b:54:
         ea:26:70:ce:92:f7:43:22:ca:29:f7:a8:5b:32:88:01:75:8f:
         20:1b:9b:76
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG0IOHcupt3pk78vbXPPoECXnb1AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDEwMDA1WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTBiYWJmNTc4MzIxNGIyMTlhYTUwNTM5ZjY2Zjk5NjQx
Zjg3MmEwZjJlYWVhYmQ5OTBkZDZjZmQ3ODVkMzU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/jb8MXo0Sro9YKtsMhowDmymdyaUufgcjB9zAQZTaV35I
8Y2WRnnH7U2uTlftpbxu6c7aocWznhGR2v567nqbr1hQFE7mFAgmE7aLznp/Jadz
NNOyFT8kWdT0YFnv7KPitnKkcLeaJCzjFORyOnJO81Pd9OhXY2BXh8QNFtQWNyk+
eqjpBkbUIu4lpQm8wJ0Xuvj+7VXHzPKn2hOuiEjxr1QwDeIwI76/R+Z6dNGNz5LY
oaw3zRg6fkt+fY4eosi2mFEwIfZzZlY67GayZjeLSw7Fx9yuN6CKRLZhURdY2SSl
1iRQ6pfRizSpItcdrnspPHXRfSGkgX/nzKa5nWAdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk9v3DckGBAVAv5ChgD7kU0BZ/U8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y1OWM0MDIyLTZmN2YtNGY5MC05NDc4LTk3NTAyYTEyZjU4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPZzANBgkqhkiG9w0BAQsFAAOCAQEAVAcWNsDpj6w5fezW4j4qUNyC2qoa
echGfvzy3Gqk4499t/uSk8jt1OCReTLaSqwN0RyPL5gO8UM1Q0/jwddzAEBXu0DI
L0xVK7yMKkvJ4yKdKNQJJ5ecCcuGIT1uEfxOQrbFGelqkXgPUvgigZ3vXRx+23pl
nve70V3GIVT4YUWv97ECg9EETUE0wCGO+yUO3rAFCxMKP4POJaDRXv35p+iYvQ7Q
5JkSH7YXhJahh+PJdjHq6JGN4rGBncESgeGM3XD/vB2RzaOT3RG7zU4hnXJt9pSR
uwYFbOgBHtbTOyT9kvIkOZ1OCJtU6iZwzpL3QyLKKfeoWzKIAXWPIBubdg==
-----END CERTIFICATE-----