Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbfb9b3d-d8ac-4bd4-8c1f-37dc2f3c0ced.roa
File:                     fbfb9b3d-d8ac-4bd4-8c1f-37dc2f3c0ced.roa (raw, json)
Hash identifier:          Z9TOF7/hOyA4c+NzSL17mErFQUn1GXFarE5OsZl5Ay8=
Subject key identifier:   40:C0:5A:AE:08:CD:6B:AD:AB:BB:DC:26:2C:F4:57:31:32:DF:6C:D4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       44ACDC68DF1A8A1B6FC0D685844C848BAE1935FE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbfb9b3d-d8ac-4bd4-8c1f-37dc2f3c0ced.roa
Signing time:             Tue 04 Nov 2025 00:20:08 +0000
ROA not before:           Tue 04 Nov 2025 00:20:08 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.86.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:ac:dc:68:df:1a:8a:1b:6f:c0:d6:85:84:4c:84:8b:ae:19:35:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:20:08 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=1629292849453cc653248aeccf1a3229c6283a00940e0568769b61c129bdcb60, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b2:15:7e:7a:b9:6d:79:de:23:e0:75:a6:90:
                    fa:2f:5c:4b:15:cd:4a:51:06:1e:85:f9:e7:b6:3b:
                    58:12:1d:a4:0a:a2:8d:7b:5a:46:cf:d6:d4:31:82:
                    7e:6e:10:7c:1a:61:c5:09:4f:79:eb:ef:36:63:f7:
                    31:26:bb:bd:f6:cb:6c:f0:9b:49:0a:04:3f:10:88:
                    7e:3d:1a:6c:5b:14:85:d3:eb:73:1e:05:05:53:c3:
                    d9:68:a0:dd:fb:58:58:8a:c1:bb:cd:1d:53:39:05:
                    f5:3b:f9:6e:e4:71:d2:cc:a3:13:02:5b:27:23:5d:
                    1a:da:3c:c8:3a:01:81:3b:ae:c6:87:f5:96:c3:77:
                    7a:02:4c:19:69:6f:2a:18:ae:da:0e:0b:b5:85:53:
                    b2:17:d0:1c:ad:bc:df:7e:f3:f2:ab:94:e2:fa:7c:
                    89:9a:20:79:47:7a:48:4c:e2:73:ab:a3:d4:03:f4:
                    f5:79:a7:ca:20:fa:f7:ff:3c:4a:77:4a:82:36:5d:
                    00:ab:b6:5e:b9:13:e7:97:c1:cd:7f:fa:be:67:ef:
                    eb:a3:1e:e2:d2:fa:0a:ac:15:fa:42:a9:8a:33:ba:
                    d2:cf:34:f4:a5:47:c2:20:6d:61:aa:f7:d8:6d:c2:
                    ab:bc:ea:72:c9:94:7a:47:0c:17:48:f6:f1:83:c6:
                    66:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C0:5A:AE:08:CD:6B:AD:AB:BB:DC:26:2C:F4:57:31:32:DF:6C:D4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbfb9b3d-d8ac-4bd4-8c1f-37dc2f3c0ced.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         94:05:45:5d:16:f9:21:e4:88:cd:2e:1e:79:c7:f9:9d:f3:77:
         2d:5a:d4:68:9e:8e:cb:7b:63:7e:4c:72:c9:3b:11:79:19:d0:
         08:90:09:9e:6e:1b:5d:c7:98:95:75:68:80:8b:e4:ec:9e:c4:
         21:01:ab:7e:bf:85:98:b6:1c:bd:e5:9b:19:05:3f:28:c2:8f:
         c4:be:ee:37:dd:47:a3:db:1e:f4:49:5b:e7:52:4a:68:25:38:
         8e:4c:14:cc:52:ae:c9:88:3d:1a:5b:f8:7b:5b:9f:17:68:30:
         ed:78:0b:e7:e5:f5:d5:d9:2c:3a:36:bd:ce:71:df:78:f2:c1:
         cc:94:f9:00:7c:28:0e:4c:26:26:51:34:1b:92:87:0f:70:1e:
         cb:f5:9a:89:55:f6:02:46:61:36:d9:8f:30:42:d2:19:12:a9:
         cd:e3:d9:65:c8:16:90:36:06:8b:0d:48:83:13:29:19:13:25:
         5e:4a:96:2e:a3:5b:40:f1:4d:c2:7a:b7:e7:0e:b9:b8:aa:c3:
         1b:19:58:29:ad:7f:b2:41:88:41:a7:bb:41:93:29:86:81:9c:
         f3:1e:d3:4f:b4:0e:d9:46:c0:85:e1:13:c0:75:7d:2f:31:0d:
         f5:90:fd:ea:91:8a:aa:4f:ca:d9:27:e8:5a:3b:98:f2:86:83:
         6f:b5:09:df
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURKzcaN8aihtvwNaFhEyEi64ZNf4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAyMDA4WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjI5MjkyODQ5NDUzY2M2NTMyNDhhZWNjZjFhMzIyOWM2
MjgzYTAwOTQwZTA1Njg3NjliNjFjMTI5YmRjYjYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0shV+erlted4j4HWmkPovXEsVzUpRBh6F+ee2O1gSHaQK
oo17WkbP1tQxgn5uEHwaYcUJT3nr7zZj9zEmu732y2zwm0kKBD8QiH49GmxbFIXT
63MeBQVTw9looN37WFiKwbvNHVM5BfU7+W7kcdLMoxMCWycjXRraPMg6AYE7rsaH
9ZbDd3oCTBlpbyoYrtoOC7WFU7IX0BytvN9+8/KrlOL6fImaIHlHekhM4nOro9QD
9PV5p8og+vf/PEp3SoI2XQCrtl65E+eXwc1/+r5n7+ujHuLS+gqsFfpCqYozutLP
NPSlR8IgbWGq99htwqu86nLJlHpHDBdI9vGDxmbxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQMBargjNa62ru9wmLPRXMTLfbNQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiZmI5YjNkLWQ4YWMtNGJkNC04YzFmLTM3ZGMyZjNjMGNlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBFVjANBgkqhkiG9w0BAQsFAAOCAQEAlAVFXRb5IeSIzS4eecf5nfN3LVrU
aJ6Oy3tjfkxyyTsReRnQCJAJnm4bXceYlXVogIvk7J7EIQGrfr+FmLYcveWbGQU/
KMKPxL7uN91Ho9se9Elb51JKaCU4jkwUzFKuyYg9Glv4e1ufF2gw7XgL5+X11dks
Oja9znHfePLBzJT5AHwoDkwmJlE0G5KHD3Aey/WaiVX2AkZhNtmPMELSGRKpzePZ
ZcgWkDYGiw1IgxMpGRMlXkqWLqNbQPFNwnq35w65uKrDGxlYKa1/skGIQae7QZMp
hoGc8x7TT7QO2UbAheETwHV9LzEN9ZD96pGKqk/K2SfoWjuY8oaDb7UJ3w==
-----END CERTIFICATE-----