Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58e4dc97-a40d-44ef-a2a3-05f990aa85ae.roa
File:                     58e4dc97-a40d-44ef-a2a3-05f990aa85ae.roa (raw, json)
Hash identifier:          FjJw8D8BJSTgAuwxC7iqFhm710rSZLCV0F2QexsZ7sc=
Subject key identifier:   13:E6:44:DE:90:AC:CB:18:FB:55:40:37:4A:85:C7:26:5B:86:B9:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2D20DFCDAE65F81DD5D4C63B904AD24FCE323210
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58e4dc97-a40d-44ef-a2a3-05f990aa85ae.roa
Signing time:             Thu 13 Nov 2025 00:41:38 +0000
ROA not before:           Thu 13 Nov 2025 00:41:38 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        75.101.160.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:20:df:cd:ae:65:f8:1d:d5:d4:c6:3b:90:4a:d2:4f:ce:32:32:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:41:38 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=7bdac33550c9544a3ea3898c822eb00713c0f5556f5a66979e0f933089b554f8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5f:65:7e:60:2b:79:f3:c1:6c:3c:b4:65:09:
                    d7:78:a6:1d:14:10:a4:96:08:57:eb:12:d7:7c:0e:
                    8c:dc:54:6f:6e:c0:78:02:ee:5e:d7:26:dc:a9:f1:
                    d4:64:e0:c9:4c:4a:56:7d:a7:d4:f4:f7:e3:56:7d:
                    8b:b0:cf:33:7d:92:9e:be:0a:1d:21:d8:60:bf:0e:
                    90:99:7c:24:d7:24:cc:e6:5c:ba:83:88:c6:9b:99:
                    ce:e9:a1:17:51:5a:1c:28:68:36:18:e3:67:5c:e3:
                    f6:b9:3a:7e:e2:ca:95:85:2d:1c:bd:1d:e6:b8:ef:
                    24:49:f9:98:3c:10:7e:ff:ca:20:2e:0d:c8:15:c2:
                    25:92:30:51:62:d1:f1:7b:ae:d4:ab:a9:28:49:0f:
                    a6:00:96:f9:25:7f:1b:2f:8e:de:95:0f:14:18:b8:
                    9d:80:19:de:ea:99:bd:e6:1b:b7:17:43:56:bc:9c:
                    58:97:95:ea:d3:89:ef:83:58:df:21:00:4a:65:a2:
                    7c:be:c5:ae:e9:b3:88:6b:81:1c:74:2e:c0:cb:fe:
                    9e:eb:67:27:1b:78:25:ec:52:19:19:4a:0a:e7:e1:
                    1b:3b:e3:09:e1:d9:dc:ed:5f:e3:d5:93:a0:18:0a:
                    10:31:a1:b3:7f:6e:29:b0:97:9a:22:15:40:65:52:
                    50:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:E6:44:DE:90:AC:CB:18:FB:55:40:37:4A:85:C7:26:5B:86:B9:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/58e4dc97-a40d-44ef-a2a3-05f990aa85ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.101.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:76:49:f7:47:0a:80:f6:eb:42:59:ee:42:1d:95:d9:85:62:
         0b:19:bc:a6:8f:19:03:d1:40:80:98:ba:64:e1:32:a7:6e:2b:
         1d:c8:4f:90:c6:f9:8c:37:c2:b3:83:ca:26:2e:89:85:30:09:
         e7:e3:a1:56:4c:2b:ee:e9:f5:8a:94:f2:bb:e7:bc:c6:e5:f3:
         be:50:ea:5b:73:f8:35:ba:22:d9:65:8f:c7:54:71:26:7c:68:
         f1:d4:c4:87:d9:b7:5d:eb:40:17:f0:13:d7:b4:1a:7b:6a:4b:
         33:23:05:73:75:5e:e8:ac:86:02:88:7b:f8:94:4f:3d:32:25:
         b8:26:e8:dd:a4:5b:d2:55:05:4f:96:04:cf:33:0d:1a:c8:33:
         54:fe:87:14:46:1b:f0:d2:44:fb:38:45:fa:ae:42:b8:04:1c:
         d4:d6:0e:4d:68:d8:a8:a1:15:22:10:50:42:e5:2f:50:e1:9b:
         b4:30:8a:d4:93:ed:30:61:7e:9d:e5:2b:af:7d:3f:be:a6:0c:
         7e:2b:b6:2c:72:bd:96:b9:2d:fc:97:8d:a4:1a:7f:e9:30:94:
         65:1d:64:16:af:ce:4b:12:5f:e7:d0:88:bb:1a:fa:4c:ed:fd:
         74:55:d7:47:3b:2e:d3:97:9e:a1:36:be:50:38:92:3a:08:13:
         fe:ef:1a:21
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULSDfza5l+B3V1MY7kErST84yMhAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDA0MTM4WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YmRhYzMzNTUwYzk1NDRhM2VhMzg5OGM4MjJlYjAwNzEz
YzBmNTU1NmY1YTY2OTc5ZTBmOTMzMDg5YjU1NGY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1X2V+YCt588FsPLRlCdd4ph0UEKSWCFfrEtd8DozcVG9u
wHgC7l7XJtyp8dRk4MlMSlZ9p9T09+NWfYuwzzN9kp6+Ch0h2GC/DpCZfCTXJMzm
XLqDiMabmc7poRdRWhwoaDYY42dc4/a5On7iypWFLRy9Hea47yRJ+Zg8EH7/yiAu
DcgVwiWSMFFi0fF7rtSrqShJD6YAlvklfxsvjt6VDxQYuJ2AGd7qmb3mG7cXQ1a8
nFiXlerTie+DWN8hAEplony+xa7ps4hrgRx0LsDL/p7rZycbeCXsUhkZSgrn4Rs7
4wnh2dztX+PVk6AYChAxobN/bimwl5oiFUBlUlBPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE+ZE3pCsyxj7VUA3SoXHJluGuZswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU4ZTRkYzk3LWE0MGQtNDRlZi1hMmEzLTA1Zjk5MGFhODVhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABLZaAwDQYJKoZIhvcNAQELBQADggEBACd2SfdHCoD260JZ7kIdldmFYgsZ
vKaPGQPRQICYumThMqduKx3IT5DG+Yw3wrODyiYuiYUwCefjoVZMK+7p9YqU8rvn
vMbl875Q6ltz+DW6Itllj8dUcSZ8aPHUxIfZt13rQBfwE9e0GntqSzMjBXN1Xuis
hgKIe/iUTz0yJbgm6N2kW9JVBU+WBM8zDRrIM1T+hxRGG/DSRPs4RfquQrgEHNTW
Dk1o2KihFSIQUELlL1Dhm7QwitST7TBhfp3lK699P76mDH4rtixyvZa5LfyXjaQa
f+kwlGUdZBavzksSX+fQiLsa+kzt/XRV10c7LtOXnqE2vlA4kjoIE/7vGiE=
-----END CERTIFICATE-----