Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c71aef8-db0a-4cd2-b3f0-9a3768eb9691.roa
File:                     3c71aef8-db0a-4cd2-b3f0-9a3768eb9691.roa (raw, json)
Hash identifier:          UEP16pwAUM48ItBSPH9Nvr0rzt/4izSnvi5tKM4EH64=
Subject key identifier:   BE:F4:22:25:D1:82:F0:99:5C:35:02:AC:A2:49:7F:1B:8C:B8:94:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       75D5A8D103D55518706519ABCA12AB78B5256D4C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c71aef8-db0a-4cd2-b3f0-9a3768eb9691.roa
Signing time:             Tue 11 Nov 2025 01:20:47 +0000
ROA not before:           Tue 11 Nov 2025 01:20:47 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        1.179.80.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:d5:a8:d1:03:d5:55:18:70:65:19:ab:ca:12:ab:78:b5:25:6d:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:20:47 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=057d29ffdbc58b56976465f53a4f90ab3bf2fddd93a89eef219b1bda657eeb8b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c6:4b:d9:1b:9e:4a:9c:be:16:41:f4:65:78:
                    64:81:dd:1a:1a:9e:6c:02:49:66:00:c1:2f:b5:63:
                    ba:3b:b0:2d:bc:f4:ad:fa:04:73:3f:e6:e5:69:91:
                    34:86:12:d7:f5:99:26:18:ed:53:24:66:5c:b8:2f:
                    5d:51:f4:53:bf:9e:f9:f4:59:fe:5a:06:54:e0:49:
                    8c:f6:5c:b1:a9:f5:cc:d1:8f:93:4f:49:e8:99:e2:
                    e1:77:62:5b:68:80:b5:3a:0c:8c:b3:4c:15:17:cc:
                    8f:63:c7:7f:fc:3a:39:ff:58:3d:73:54:31:b7:d2:
                    85:bf:46:5f:c1:bc:dc:d1:d0:64:3b:4e:69:d9:bc:
                    74:56:3b:d7:d9:97:f2:de:78:f2:01:f4:c6:ab:cf:
                    9a:06:4c:5a:e0:04:95:69:54:1c:9f:57:18:8d:9c:
                    77:63:62:a9:ec:b7:d4:2a:39:79:d0:17:e4:d9:f0:
                    ce:06:a2:16:56:ce:01:c7:51:b2:d8:4a:51:fb:8b:
                    ee:4a:0e:f7:b3:a2:75:b7:e7:f3:e0:7f:c0:90:1e:
                    18:10:9d:df:d9:ec:99:12:88:9c:a7:69:b6:58:46:
                    bd:08:2e:18:c8:d8:60:62:87:bf:3a:b1:f5:d2:6c:
                    44:b3:61:eb:48:25:be:2e:9e:f5:34:33:72:84:03:
                    aa:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:F4:22:25:D1:82:F0:99:5C:35:02:AC:A2:49:7F:1B:8C:B8:94:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c71aef8-db0a-4cd2-b3f0-9a3768eb9691.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.179.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         82:7c:13:80:84:e9:7c:fd:43:e5:35:17:3b:4f:49:1d:db:aa:
         16:f4:d5:e6:2d:e7:f8:44:d8:51:c0:6f:45:bd:86:a9:6d:e6:
         8e:8f:b6:18:b9:2f:37:bc:8b:68:07:77:32:4d:f7:27:89:ff:
         3c:5e:bd:fc:97:e6:5f:81:c6:65:51:9a:78:92:0d:1f:cb:c3:
         d3:79:dd:a1:05:7b:4f:d4:f0:6f:23:03:9f:69:d3:94:87:69:
         a6:47:93:cb:f8:dc:72:af:f5:53:9b:e7:bb:4a:c2:1b:18:28:
         2a:08:86:e5:3a:94:30:37:f3:01:d3:e3:42:ba:e7:b9:b4:0c:
         b6:e8:1a:c6:c7:a7:ff:7b:4e:48:16:a2:5e:c5:d9:93:01:83:
         41:2f:70:2a:ca:1b:21:54:bc:1e:75:34:3e:da:ff:29:3d:d1:
         04:b9:23:15:32:0d:40:81:c5:e8:22:b3:74:ca:75:00:50:fe:
         46:fe:f8:52:01:85:6f:5f:18:8e:13:7d:78:2e:7a:83:10:d7:
         32:8b:ba:b4:5d:40:fc:4e:f5:0d:03:f5:7b:61:b3:03:15:5d:
         c5:2b:0d:20:24:e0:20:1b:36:18:53:6b:fd:7d:da:2a:63:a9:
         9f:04:16:23:98:1b:5b:14:d0:92:4f:1f:a8:eb:76:fd:32:86:
         38:47:f9:26
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUddWo0QPVVRhwZRmryhKreLUlbUwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEyMDQ3WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTdkMjlmZmRiYzU4YjU2OTc2NDY1ZjUzYTRmOTBhYjNi
ZjJmZGRkOTNhODllZWYyMTliMWJkYTY1N2VlYjhiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRxkvZG55KnL4WQfRleGSB3RoanmwCSWYAwS+1Y7o7sC28
9K36BHM/5uVpkTSGEtf1mSYY7VMkZly4L11R9FO/nvn0Wf5aBlTgSYz2XLGp9czR
j5NPSeiZ4uF3YltogLU6DIyzTBUXzI9jx3/8Ojn/WD1zVDG30oW/Rl/BvNzR0GQ7
TmnZvHRWO9fZl/LeePIB9Marz5oGTFrgBJVpVByfVxiNnHdjYqnst9QqOXnQF+TZ
8M4GohZWzgHHUbLYSlH7i+5KDvezonW35/Pgf8CQHhgQnd/Z7JkSiJynabZYRr0I
LhjI2GBih786sfXSbESzYetIJb4unvU0M3KEA6p1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvvQiJdGC8JlcNQKsokl/G4y4lFYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjNzFhZWY4LWRiMGEtNGNkMi1iM2YwLTlhMzc2OGViOTY5MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBs1AwDQYJKoZIhvcNAQELBQADggEBAIJ8E4CE6Xz9Q+U1FztPSR3bqhb0
1eYt5/hE2FHAb0W9hqlt5o6Pthi5Lze8i2gHdzJN9yeJ/zxevfyX5l+BxmVRmniS
DR/Lw9N53aEFe0/U8G8jA59p05SHaaZHk8v43HKv9VOb57tKwhsYKCoIhuU6lDA3
8wHT40K657m0DLboGsbHp/97TkgWol7F2ZMBg0EvcCrKGyFUvB51ND7a/yk90QS5
IxUyDUCBxegis3TKdQBQ/kb++FIBhW9fGI4TfXgueoMQ1zKLurRdQPxO9Q0D9Xth
swMVXcUrDSAk4CAbNhhTa/192ipjqZ8EFiOYG1sU0JJPH6jrdv0yhjhH+SY=
-----END CERTIFICATE-----