Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f962418c-9cd6-4d29-bc13-088cd1d70e66.roa
File:                     f962418c-9cd6-4d29-bc13-088cd1d70e66.roa (raw, json)
Hash identifier:          1v/kmiJz+yfb71wHt4TNQSZ1pU0fpee2M7HKya1Qeeo=
Subject key identifier:   51:CA:02:29:76:B6:87:02:AC:93:22:9C:3B:53:5F:4F:EB:F0:AE:A0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       780ADA960694F041CFFAC32AAAF1ABC9A969DD23
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f962418c-9cd6-4d29-bc13-088cd1d70e66.roa
Signing time:             Sun 26 Oct 2025 00:51:22 +0000
ROA not before:           Sun 26 Oct 2025 00:51:22 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.93.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:0a:da:96:06:94:f0:41:cf:fa:c3:2a:aa:f1:ab:c9:a9:69:dd:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:51:22 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=3a8b1ccf845d8c657fecc0190a976888553c21ac96e3b1f8d36c0b48627f8e59, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:48:3b:c3:af:10:ce:16:1c:69:cb:51:c5:c8:
                    6f:93:75:1f:28:8c:b5:16:45:4b:11:0d:85:e5:83:
                    87:89:5a:6b:6b:7f:a9:67:75:5c:96:8f:cd:37:2b:
                    61:f7:a5:91:a6:6c:98:be:f9:7a:a3:18:9f:6d:c2:
                    1e:75:a2:36:2e:28:d3:a1:5d:5e:28:03:72:53:2f:
                    e8:1d:72:e3:e6:a8:02:69:e3:35:ad:08:90:e1:98:
                    70:10:07:b2:7d:1e:4d:a0:ca:11:e4:e9:cd:fb:c3:
                    31:97:e7:96:d0:83:04:93:8f:19:14:76:f5:38:b1:
                    08:58:66:b2:70:fc:4c:d2:6a:5d:7a:f9:d6:09:a3:
                    a9:69:3c:e5:ef:30:58:b6:c3:ec:e4:dc:f3:a7:66:
                    c3:e2:42:93:ae:17:c2:a3:c6:79:9c:ad:bd:4a:69:
                    f7:ea:27:38:18:03:54:44:69:04:b0:2c:8a:c6:8d:
                    1b:0a:54:53:8d:a4:f4:ff:c3:c2:b1:6b:51:7b:60:
                    d6:82:9d:cb:f9:57:2c:23:b6:aa:3b:79:04:e4:b5:
                    c9:75:89:25:c6:17:92:02:f2:b0:7c:0a:32:3f:c7:
                    31:13:6a:59:7c:f7:73:1b:b8:17:6d:34:95:50:f7:
                    f2:6e:f6:a5:9c:ca:d6:f0:1f:9c:4e:cf:d1:9f:3c:
                    83:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:CA:02:29:76:B6:87:02:AC:93:22:9C:3B:53:5F:4F:EB:F0:AE:A0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f962418c-9cd6-4d29-bc13-088cd1d70e66.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.93.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3e:fa:fd:e2:7d:f2:34:52:76:60:e4:94:c1:51:f5:d9:48:55:
         15:31:9a:2a:1e:c5:5c:49:5b:4f:af:53:de:b6:a2:77:06:ae:
         cf:ff:4f:f5:cd:07:5a:28:dd:6e:ed:61:92:c1:02:08:9d:d3:
         41:0a:f4:ae:cb:e5:80:e1:70:7d:36:16:99:e2:ab:4c:4f:8a:
         c2:de:3c:34:16:68:7a:b6:60:9d:99:9b:e9:31:5d:b8:2d:32:
         40:2d:2b:85:e8:92:75:b0:43:c3:56:2e:ab:8b:e2:c6:b7:52:
         71:46:8f:be:12:32:6e:b1:aa:e3:2a:7f:0b:ba:45:64:ab:e3:
         aa:0f:fe:5b:e5:40:0b:61:d4:c8:1f:39:fc:6b:c6:59:f0:a2:
         cf:4f:00:41:7c:f3:1a:56:90:70:00:5b:44:8c:e8:30:6a:55:
         8b:82:e3:dc:54:4e:c6:77:b8:fd:d8:d3:78:88:d5:82:e4:0a:
         d4:8e:95:9f:ae:48:dd:ce:62:40:de:e7:47:9d:be:0b:7f:64:
         de:af:bb:d3:9c:61:cd:54:55:45:59:f9:9c:79:34:01:d3:27:
         36:56:ed:e7:68:bd:a2:8a:26:cf:fa:73:eb:f7:33:15:a6:04:
         ba:91:74:0e:fa:ca:64:49:7e:cc:c3:7e:70:4e:a5:23:0b:b8:
         88:a1:bf:66
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeAralgaU8EHP+sMqqvGryalp3SMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDA1MTIyWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYThiMWNjZjg0NWQ4YzY1N2ZlY2MwMTkwYTk3Njg4ODU1
M2MyMWFjOTZlM2IxZjhkMzZjMGI0ODYyN2Y4ZTU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjSDvDrxDOFhxpy1HFyG+TdR8ojLUWRUsRDYXlg4eJWmtr
f6lndVyWj803K2H3pZGmbJi++XqjGJ9twh51ojYuKNOhXV4oA3JTL+gdcuPmqAJp
4zWtCJDhmHAQB7J9Hk2gyhHk6c37wzGX55bQgwSTjxkUdvU4sQhYZrJw/EzSal16
+dYJo6lpPOXvMFi2w+zk3POnZsPiQpOuF8Kjxnmcrb1KaffqJzgYA1REaQSwLIrG
jRsKVFONpPT/w8Kxa1F7YNaCncv5Vywjtqo7eQTktcl1iSXGF5IC8rB8CjI/xzET
all893MbuBdtNJVQ9/Ju9qWcytbwH5xOz9GfPIMvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUcoCKXa2hwKskyKcO1NfT+vwrqAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5NjI0MThjLTljZDYtNGQyOS1iYzEzLTA4OGNkMWQ3MGU2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQXTANBgkqhkiG9w0BAQsFAAOCAQEAPvr94n3yNFJ2YOSUwVH12UhVFTGa
Kh7FXElbT69T3raidwauz/9P9c0HWijdbu1hksECCJ3TQQr0rsvlgOFwfTYWmeKr
TE+Kwt48NBZoerZgnZmb6TFduC0yQC0rheiSdbBDw1Yuq4vixrdScUaPvhIybrGq
4yp/C7pFZKvjqg/+W+VAC2HUyB85/GvGWfCiz08AQXzzGlaQcABbRIzoMGpVi4Lj
3FROxne4/djTeIjVguQK1I6Vn65I3c5iQN7nR52+C39k3q+705xhzVRVRVn5nHk0
AdMnNlbt52i9ooomz/pz6/czFaYEupF0DvrKZEl+zMN+cE6lIwu4iKG/Zg==
-----END CERTIFICATE-----