Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa
File:                     fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa (raw, json)
Hash identifier:          d7wNtdtUc1vpB1olT9cDmrL+4wQ66CyRxZOeUUiehlo=
Subject key identifier:   67:D3:90:FC:9F:D2:34:C7:46:10:74:7A:6A:04:09:7E:14:45:D0:5A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3B0234F7B527DD31E3B4912D82701E0ADE1E1590
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa
Signing time:             Fri 31 Oct 2025 00:30:09 +0000
ROA not before:           Fri 31 Oct 2025 00:30:09 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.177.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:02:34:f7:b5:27:dd:31:e3:b4:91:2d:82:70:1e:0a:de:1e:15:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:30:09 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=d78fd0d2689fedf026d25ec365babe8e4e6453c15c1d844a9e3dd53911202210, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:71:40:69:4b:fc:18:86:bb:bc:4e:ca:b5:da:
                    08:83:17:e7:49:fb:45:d4:4b:5c:3b:18:ee:7a:e0:
                    40:4f:62:01:e5:b6:2e:58:78:78:e5:ae:b3:f9:5c:
                    43:77:62:bb:e1:97:6c:a8:d6:b6:66:83:b8:32:9b:
                    80:55:71:0a:ce:a5:3d:24:83:98:e6:dc:1f:48:38:
                    e6:e6:80:55:04:e9:11:df:a4:5b:4e:e4:0f:e4:bc:
                    d7:c0:39:3e:94:7c:fd:6f:25:3b:73:21:80:bf:e9:
                    26:9a:12:9f:ae:88:3e:8a:cc:da:78:59:67:4b:a5:
                    f1:3b:93:a1:cf:a7:9a:85:ce:0e:85:58:f7:3d:df:
                    39:d2:3b:89:5f:79:e2:b5:86:3a:ac:e3:52:10:d9:
                    13:79:4f:9e:36:85:26:82:9c:b9:2a:4b:50:93:de:
                    d0:c1:f8:7e:be:d7:17:5f:b6:c2:70:c3:1e:b7:5c:
                    e1:20:10:4f:29:c8:91:36:a0:cf:e4:08:fc:2a:5b:
                    db:d5:bd:33:96:22:17:5f:34:66:c8:82:d5:dc:10:
                    17:2d:9f:70:a4:4e:80:f5:30:28:af:7e:f4:1b:18:
                    0e:91:06:b5:e5:06:21:84:79:1e:4f:55:aa:a2:91:
                    2c:ac:a5:98:d2:eb:92:4d:fa:67:65:33:e1:8c:1f:
                    fb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:D3:90:FC:9F:D2:34:C7:46:10:74:7A:6A:04:09:7E:14:45:D0:5A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.177.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         42:8d:6a:e1:4f:4a:4c:0b:50:f8:fd:32:60:51:eb:0f:90:2d:
         fb:bb:dc:b0:f0:ec:33:b0:f8:5e:30:bb:88:84:88:8e:a6:20:
         72:27:72:d3:b5:00:78:dc:2e:1b:e1:72:5c:0c:d3:f0:b4:e4:
         fd:7d:f5:15:c9:f3:73:7b:1a:95:6f:42:dd:be:80:49:0d:6a:
         27:3c:dd:46:5b:2c:d3:a0:1a:f8:83:4e:33:11:49:ad:c4:41:
         fe:36:df:f3:1f:f6:5b:1e:4c:a9:ab:e6:86:dc:44:70:6d:a7:
         e1:4d:9f:71:15:2c:b0:8f:2b:b2:9c:fd:4e:60:40:d4:71:40:
         15:94:79:65:26:71:db:83:41:95:9d:c5:ef:7e:69:e2:a0:da:
         27:e5:3d:84:4b:c9:19:a8:07:25:b5:a3:70:c5:06:2f:d5:10:
         e8:2a:e0:fd:63:c5:2d:1e:13:09:b4:09:ea:84:23:2b:13:cc:
         47:c4:6b:8c:b2:11:08:10:4a:53:f6:c5:ab:9b:5c:42:3c:7f:
         5b:ee:d5:77:e3:b0:b0:cc:12:bd:98:3a:47:0f:4d:dc:bc:78:
         c5:a5:f7:f8:db:a0:a7:6e:ee:ce:e4:ac:a3:ab:4a:04:7f:fc:
         1d:77:5f:be:98:17:cd:53:64:33:90:8e:d7:57:4c:54:8a:b1:
         17:96:2e:ea
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOwI097Un3THjtJEtgnAeCt4eFZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAzMDA5WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzhmZDBkMjY4OWZlZGYwMjZkMjVlYzM2NWJhYmU4ZTRl
NjQ1M2MxNWMxZDg0NGE5ZTNkZDUzOTExMjAyMjEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8cUBpS/wYhru8Tsq12giDF+dJ+0XUS1w7GO564EBPYgHl
ti5YeHjlrrP5XEN3Yrvhl2yo1rZmg7gym4BVcQrOpT0kg5jm3B9IOObmgFUE6RHf
pFtO5A/kvNfAOT6UfP1vJTtzIYC/6SaaEp+uiD6KzNp4WWdLpfE7k6HPp5qFzg6F
WPc93znSO4lfeeK1hjqs41IQ2RN5T542hSaCnLkqS1CT3tDB+H6+1xdftsJwwx63
XOEgEE8pyJE2oM/kCPwqW9vVvTOWIhdfNGbIgtXcEBctn3CkToD1MCivfvQbGA6R
BrXlBiGEeR5PVaqikSyspZjS65JN+mdlM+GMH/tnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZ9OQ/J/SNMdGEHR6agQJfhRF0FowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhOTVlYTc0LWYxMmQtNDNhNi04MjE3LTRiMTgwM2JhN2U2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQsTANBgkqhkiG9w0BAQsFAAOCAQEAQo1q4U9KTAtQ+P0yYFHrD5At+7vc
sPDsM7D4XjC7iISIjqYgcidy07UAeNwuG+FyXAzT8LTk/X31Fcnzc3salW9C3b6A
SQ1qJzzdRlss06Aa+INOMxFJrcRB/jbf8x/2Wx5MqavmhtxEcG2n4U2fcRUssI8r
spz9TmBA1HFAFZR5ZSZx24NBlZ3F735p4qDaJ+U9hEvJGagHJbWjcMUGL9UQ6Crg
/WPFLR4TCbQJ6oQjKxPMR8RrjLIRCBBKU/bFq5tcQjx/W+7Vd+OwsMwSvZg6Rw9N
3Lx4xaX3+Nugp27uzuSso6tKBH/8HXdfvpgXzVNkM5CO11dMVIqxF5Yu6g==
-----END CERTIFICATE-----