Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa
File:                     347b6e0d-52c1-412b-a446-15e7a3c40780.roa (raw, json)
Hash identifier:          qNrFAhzlAGlW67CsqGAGdhiuEakJ2JSEk0L37eyS/CE=
Subject key identifier:   5A:F8:B4:08:42:29:39:DE:1E:DC:13:6E:60:1C:9D:EB:FF:67:F5:58
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       510A30A97C7CA2C9D698795356BF715B76D1E175
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa
Signing time:             Tue 11 Nov 2025 02:10:07 +0000
ROA not before:           Tue 11 Nov 2025 02:10:07 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        1.178.8.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:0a:30:a9:7c:7c:a2:c9:d6:98:79:53:56:bf:71:5b:76:d1:e1:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:10:07 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=fb9d8f2a414dfe3ded1988a3b0d541fbcdb3a279e11503b131e7e48739c66ce7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:47:9a:b9:a7:3c:46:fc:4c:59:ee:56:96:7c:
                    47:89:c9:ed:9a:8f:d4:76:5c:02:4c:7c:23:fd:e0:
                    de:33:c3:90:fd:a8:90:ef:69:06:fa:cb:26:a4:8b:
                    8c:a5:39:9b:09:99:4d:60:1a:5b:1f:13:da:65:2a:
                    d6:23:4c:f0:32:e0:d4:e5:18:b4:5c:9f:91:0c:7b:
                    f5:29:82:33:57:6e:88:54:9f:a7:20:a7:13:52:26:
                    87:70:4d:03:ef:8e:dc:8a:30:1f:0f:3c:43:7b:ca:
                    8e:81:67:d2:cf:5b:d3:01:d6:de:82:1f:79:49:1b:
                    6d:7a:a7:32:b8:51:cd:a5:22:96:6c:06:d5:17:13:
                    55:86:33:8c:37:8b:0f:f5:76:fc:8e:55:a8:f3:61:
                    2b:3d:0c:67:3e:b4:88:89:1c:8d:dc:a8:e1:eb:07:
                    b4:da:1e:fa:4d:65:1a:b7:c2:8a:5e:0a:1c:71:a2:
                    dd:44:c3:5f:db:1e:cf:53:ba:65:e8:9e:2d:30:4c:
                    3f:ec:ab:90:c9:d9:b2:30:86:71:86:16:24:c7:d8:
                    dd:e2:cd:a4:37:a1:ce:01:2f:70:6c:7f:3b:1f:f4:
                    1a:7d:eb:8e:17:aa:e0:88:02:63:4f:a7:9c:df:4b:
                    2d:18:9b:e5:de:4c:2d:2c:16:44:d3:8b:66:82:00:
                    df:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F8:B4:08:42:29:39:DE:1E:DC:13:6E:60:1C:9D:EB:FF:67:F5:58
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:71:de:a0:69:82:6a:8e:de:26:b6:99:7a:62:3e:b7:aa:5d:
         72:f0:fe:5d:7d:cf:04:89:d5:95:24:a1:b1:8f:98:86:81:0d:
         4e:ea:d4:41:8f:26:04:83:94:76:69:61:4d:0f:af:3e:8c:b9:
         73:fb:69:af:c7:ce:41:fe:00:7e:5a:1b:2a:32:20:22:c2:fb:
         56:13:9b:0b:f5:b8:94:46:a7:b1:88:d2:34:92:6a:78:8b:b0:
         b8:32:f6:89:f1:73:7d:6a:e0:12:3a:ca:23:3c:4a:ca:93:27:
         42:fe:80:5e:d6:56:63:18:be:a9:aa:7f:bf:f4:dc:11:08:e1:
         fe:29:0a:9a:3f:f7:52:cd:bf:ff:1f:28:c8:d8:7d:93:6a:bd:
         ea:4a:9c:01:6a:7d:ef:5a:61:9d:15:91:f7:82:bf:4c:8c:d8:
         54:38:15:e2:63:fe:0c:53:09:77:a4:c0:9c:6f:08:95:d5:9e:
         27:28:20:3d:66:3d:8d:62:2c:86:c7:e8:f4:96:40:c0:08:fe:
         06:a9:3a:b1:51:78:e4:2d:f2:a2:b4:8f:ae:21:cf:af:93:90:
         8d:38:d1:05:ef:93:f9:48:ca:aa:bf:7e:4e:e0:77:c1:6d:ce:
         ba:2a:12:eb:6d:5b:e8:ac:df:bc:ec:1d:e7:e6:f9:2e:44:2c:
         23:c3:9a:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUQowqXx8osnWmHlTVr9xW3bR4XUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIxMDA3WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjlkOGYyYTQxNGRmZTNkZWQxOTg4YTNiMGQ1NDFmYmNk
YjNhMjc5ZTExNTAzYjEzMWU3ZTQ4NzM5YzY2Y2U3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5R5q5pzxG/ExZ7laWfEeJye2aj9R2XAJMfCP94N4zw5D9
qJDvaQb6yyaki4ylOZsJmU1gGlsfE9plKtYjTPAy4NTlGLRcn5EMe/UpgjNXbohU
n6cgpxNSJodwTQPvjtyKMB8PPEN7yo6BZ9LPW9MB1t6CH3lJG216pzK4Uc2lIpZs
BtUXE1WGM4w3iw/1dvyOVajzYSs9DGc+tIiJHI3cqOHrB7TaHvpNZRq3wopeChxx
ot1Ew1/bHs9TumXoni0wTD/sq5DJ2bIwhnGGFiTH2N3izaQ3oc4BL3Bsfzsf9Bp9
644XquCIAmNPp5zfSy0Ym+XeTC0sFkTTi2aCAN+JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWvi0CEIpOd4e3BNuYByd6/9n9VgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0N2I2ZTBkLTUyYzEtNDEyYi1hNDQ2LTE1ZTdhM2M0MDc4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBsggwDQYJKoZIhvcNAQELBQADggEBABBx3qBpgmqO3ia2mXpiPreqXXLw
/l19zwSJ1ZUkobGPmIaBDU7q1EGPJgSDlHZpYU0Prz6MuXP7aa/HzkH+AH5aGyoy
ICLC+1YTmwv1uJRGp7GI0jSSaniLsLgy9onxc31q4BI6yiM8SsqTJ0L+gF7WVmMY
vqmqf7/03BEI4f4pCpo/91LNv/8fKMjYfZNqvepKnAFqfe9aYZ0VkfeCv0yM2FQ4
FeJj/gxTCXekwJxvCJXVnicoID1mPY1iLIbH6PSWQMAI/gapOrFReOQt8qK0j64h
z6+TkI040QXvk/lIyqq/fk7gd8FtzroqEuttW+is37zsHefm+S5ELCPDmuo=
-----END CERTIFICATE-----