Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5159f153-639c-4e8b-af0f-42e70fe1b2e9.roa
File:                     5159f153-639c-4e8b-af0f-42e70fe1b2e9.roa (raw, json)
Hash identifier:          i642kQoZtYELVIjNRVuBqxw/Az6D9C2hyNRWB9XNfEk=
Subject key identifier:   A4:78:DD:9B:5D:AC:C9:44:90:26:32:DA:E9:84:29:5C:0F:30:2B:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       262066A6941D8F34BB890C6394F273447CB3624A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5159f153-639c-4e8b-af0f-42e70fe1b2e9.roa
Signing time:             Tue 11 Nov 2025 00:31:19 +0000
ROA not before:           Tue 11 Nov 2025 00:31:19 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        205.210.108.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:20:66:a6:94:1d:8f:34:bb:89:0c:63:94:f2:73:44:7c:b3:62:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:31:19 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=6810ceca353b0b332626c1ee1bd08ab3553812e4e1bb8c60d8cd9d4876c4b77f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d6:dc:c0:aa:3c:52:6a:87:bb:e5:ad:1d:14:
                    d6:7f:93:4e:03:12:67:2f:28:14:64:b0:c3:df:ec:
                    68:4f:2e:da:57:d0:6e:38:29:9b:64:bd:8e:78:1d:
                    55:84:87:c8:9f:13:90:d8:37:d3:98:b8:35:eb:fe:
                    d8:0a:1a:45:93:2f:fb:91:df:c3:8d:0a:7b:e5:9b:
                    9a:6f:4e:32:b8:29:43:f2:4f:6a:46:3a:1a:89:39:
                    d1:b2:0a:f6:54:c9:0d:fe:b3:41:74:0b:5c:d1:3f:
                    0b:37:27:a4:da:51:d1:b3:24:59:bc:33:e5:d6:52:
                    83:eb:83:c8:e8:0d:88:fa:0e:47:42:ab:99:d1:77:
                    a5:71:9b:52:26:26:1d:14:52:51:3e:09:41:e4:ca:
                    8f:ef:3a:11:5c:c6:88:ec:e8:d6:9c:3a:4e:c7:e1:
                    d9:f0:5f:d4:74:39:86:20:6b:13:a4:0b:15:da:c3:
                    9e:86:ef:0e:e8:56:4a:6b:10:3c:58:65:81:de:05:
                    1b:0d:60:06:01:49:90:9b:24:38:d2:12:1f:74:b5:
                    6d:90:94:55:34:a1:ec:23:14:21:59:96:59:19:09:
                    47:a6:2c:62:54:28:3e:a1:ed:7a:6c:d0:45:4f:20:
                    b7:1a:7c:ab:83:a8:13:00:2b:ed:d1:6a:0a:19:d3:
                    c3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:78:DD:9B:5D:AC:C9:44:90:26:32:DA:E9:84:29:5C:0F:30:2B:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5159f153-639c-4e8b-af0f-42e70fe1b2e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.210.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:5f:8f:e5:c5:e4:e3:b1:36:71:08:48:6d:45:ee:1d:1d:32:
         25:e2:bf:88:01:35:47:8b:c7:56:20:c9:3e:d3:3f:6d:0e:f2:
         ba:24:3e:58:ee:3c:d8:c1:52:60:23:9d:d2:d1:cc:7c:1f:8b:
         26:10:92:df:3e:41:9f:9d:ac:e9:cf:e6:fa:a5:dd:dc:b7:76:
         15:b1:f0:0e:10:2c:e6:20:df:81:02:25:06:72:54:71:44:13:
         1f:60:57:02:1a:53:28:94:2e:ab:4a:88:3a:e1:58:1f:e8:9c:
         f2:c5:82:ba:4f:83:b1:cc:6b:9b:60:58:ea:0d:97:ef:ca:ef:
         3c:eb:41:75:d3:d8:36:18:2d:5a:64:c7:bd:6a:39:0d:89:9e:
         6c:6f:06:5e:03:fc:a6:d6:49:16:02:a2:47:e1:63:bf:3c:af:
         77:5a:a8:58:4a:51:8e:a1:85:01:8f:ce:12:f2:a2:5a:9c:de:
         91:92:0d:5e:36:de:a1:16:1d:23:d1:80:09:eb:7b:7b:45:6f:
         a4:2d:4c:90:45:48:75:0c:58:65:b9:61:db:9e:40:94:57:1e:
         5b:39:37:47:75:07:7a:2f:35:5c:48:27:58:93:11:95:f6:ed:
         0e:4e:ac:7a:d4:2f:cb:86:1d:5c:6b:47:17:e2:e5:7a:9b:44:
         45:ec:63:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJiBmppQdjzS7iQxjlPJzRHyzYkowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAzMTE5WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODEwY2VjYTM1M2IwYjMzMjYyNmMxZWUxYmQwOGFiMzU1
MzgxMmU0ZTFiYjhjNjBkOGNkOWQ0ODc2YzRiNzdmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC51tzAqjxSaoe75a0dFNZ/k04DEmcvKBRksMPf7GhPLtpX
0G44KZtkvY54HVWEh8ifE5DYN9OYuDXr/tgKGkWTL/uR38ONCnvlm5pvTjK4KUPy
T2pGOhqJOdGyCvZUyQ3+s0F0C1zRPws3J6TaUdGzJFm8M+XWUoPrg8joDYj6DkdC
q5nRd6Vxm1ImJh0UUlE+CUHkyo/vOhFcxojs6NacOk7H4dnwX9R0OYYgaxOkCxXa
w56G7w7oVkprEDxYZYHeBRsNYAYBSZCbJDjSEh90tW2QlFU0oewjFCFZllkZCUem
LGJUKD6h7Xps0EVPILcafKuDqBMAK+3RagoZ08OnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpHjdm12syUSQJjLa6YQpXA8wK2MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxNTlmMTUzLTYzOWMtNGU4Yi1hZjBmLTQyZTcwZmUxYjJlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALN0mwwDQYJKoZIhvcNAQELBQADggEBACxfj+XF5OOxNnEISG1F7h0dMiXi
v4gBNUeLx1YgyT7TP20O8rokPljuPNjBUmAjndLRzHwfiyYQkt8+QZ+drOnP5vql
3dy3dhWx8A4QLOYg34ECJQZyVHFEEx9gVwIaUyiULqtKiDrhWB/onPLFgrpPg7HM
a5tgWOoNl+/K7zzrQXXT2DYYLVpkx71qOQ2JnmxvBl4D/KbWSRYCokfhY788r3da
qFhKUY6hhQGPzhLyolqc3pGSDV423qEWHSPRgAnre3tFb6QtTJBFSHUMWGW5Ydue
QJRXHls5N0d1B3ovNVxIJ1iTEZX27Q5OrHrUL8uGHVxrRxfi5XqbREXsY48=
-----END CERTIFICATE-----