Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b329dcd2-1949-46fc-8852-9e7592d53c17.roa
File:                     b329dcd2-1949-46fc-8852-9e7592d53c17.roa (raw, json)
Hash identifier:          HdIv0j5/wn8Ss5InPN8tfVA9ns6h48u0FwCM4kUmMrg=
Subject key identifier:   F7:5B:45:23:EB:27:67:3D:AD:2A:A1:A1:F4:9B:F9:B0:FE:19:E1:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74B43F0CA08355EB53583CA8067F248368D9752D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b329dcd2-1949-46fc-8852-9e7592d53c17.roa
Signing time:             Sat 15 Nov 2025 00:31:02 +0000
ROA not before:           Sat 15 Nov 2025 00:31:02 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        98.82.154.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:b4:3f:0c:a0:83:55:eb:53:58:3c:a8:06:7f:24:83:68:d9:75:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:31:02 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=896198454749f10ccf8eef45c1b5054db865a3084a5da0316c9415d25ff8e7b6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6d:5f:6c:91:db:fe:f2:2b:3b:37:7b:aa:66:
                    44:ae:bb:8e:be:a5:4f:2c:dc:12:10:56:cf:d4:88:
                    7a:38:8f:b8:08:d1:05:85:7e:f4:7b:04:91:11:ce:
                    da:f8:2c:31:5d:4c:4c:e6:e3:8f:ee:07:0b:c6:b0:
                    3b:1d:09:60:ed:e9:b1:4f:48:db:a9:8b:76:ea:5d:
                    51:5f:fd:ca:21:10:b2:84:de:17:ee:32:86:f2:dd:
                    ef:47:5b:62:5c:16:b8:92:ea:68:80:46:23:d1:c2:
                    57:8f:24:73:d4:f0:47:11:e6:96:46:ae:0e:2e:c9:
                    34:fb:d3:31:3b:67:69:ae:c6:eb:f9:8b:4e:c6:95:
                    fb:1e:4c:00:4c:7c:4b:a6:a4:89:b9:bf:3e:b6:15:
                    de:e5:b4:9c:2f:af:cd:8e:32:75:ea:1a:6b:c3:1d:
                    42:ee:c0:bc:c6:a0:62:b3:6e:4a:0d:25:c2:7e:d6:
                    3a:c8:a3:88:18:ba:3d:04:7a:0c:85:8f:c9:3c:a0:
                    79:03:85:de:39:66:8b:ba:96:da:a4:89:d6:db:0a:
                    57:b9:b3:c0:b7:92:35:4f:49:73:ce:64:7c:91:40:
                    a0:98:b0:fb:81:cc:6b:ba:b3:66:ba:e9:4b:36:3a:
                    7e:96:d4:4b:26:60:60:d9:3d:1d:93:74:b7:d2:cf:
                    fe:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:5B:45:23:EB:27:67:3D:AD:2A:A1:A1:F4:9B:F9:B0:FE:19:E1:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b329dcd2-1949-46fc-8852-9e7592d53c17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.82.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:48:1d:f1:1a:bd:4b:c4:c7:a3:f2:d6:8b:08:9c:4d:bb:c6:
         ff:0d:53:08:43:ee:bc:d2:16:f6:3f:c2:b1:ec:21:8a:6a:1e:
         ac:fe:20:d5:2f:87:bd:ca:1f:9f:0f:ab:82:24:97:26:33:ac:
         f3:14:f3:1c:65:f8:52:6e:de:09:fb:53:37:9b:0f:f4:87:f4:
         09:60:0a:27:d8:dc:8e:c6:ed:ac:99:67:b0:5c:f6:7e:9f:11:
         5b:58:9c:81:99:f5:f6:aa:21:cf:39:33:d5:37:b6:1e:fb:59:
         4d:a0:53:32:6f:6d:90:72:59:2a:c0:64:35:93:db:c0:fe:9a:
         4e:57:ad:04:47:6d:03:e3:f6:0f:ec:64:a0:ac:fc:8c:b5:c2:
         70:78:1f:07:ef:90:1f:10:37:7c:7c:26:ee:73:f7:c8:84:14:
         89:ae:7b:82:95:ed:8c:57:3e:13:5a:0f:20:7f:42:99:cb:82:
         51:10:76:28:19:c6:ff:e6:20:9b:2a:09:82:60:2b:d4:1d:70:
         3e:d2:f5:d1:1a:fe:b8:06:7a:43:02:ae:bc:06:b5:28:da:7e:
         77:cb:e9:29:53:15:fc:fc:e2:70:d7:88:05:8c:d4:9e:dd:87:
         be:a5:e9:37:6b:e6:1e:a5:9c:c8:5c:8f:53:55:63:1b:d0:06:
         d5:2b:ef:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdLQ/DKCDVetTWDyoBn8kg2jZdS0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAzMTAyWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OTYxOTg0NTQ3NDlmMTBjY2Y4ZWVmNDVjMWI1MDU0ZGI4
NjVhMzA4NGE1ZGEwMzE2Yzk0MTVkMjVmZjhlN2I2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCObV9skdv+8is7N3uqZkSuu46+pU8s3BIQVs/UiHo4j7gI
0QWFfvR7BJERztr4LDFdTEzm44/uBwvGsDsdCWDt6bFPSNupi3bqXVFf/cohELKE
3hfuMoby3e9HW2JcFriS6miARiPRwlePJHPU8EcR5pZGrg4uyTT70zE7Z2muxuv5
i07GlfseTABMfEumpIm5vz62Fd7ltJwvr82OMnXqGmvDHULuwLzGoGKzbkoNJcJ+
1jrIo4gYuj0EegyFj8k8oHkDhd45Zou6ltqkidbbCle5s8C3kjVPSXPOZHyRQKCY
sPuBzGu6s2a66Us2On6W1EsmYGDZPR2TdLfSz/5pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU91tFI+snZz2tKqGh9Jv5sP4Z4dkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzMjlkY2QyLTE5NDktNDZmYy04ODUyLTllNzU5MmQ1M2MxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFiUpowDQYJKoZIhvcNAQELBQADggEBAD9IHfEavUvEx6Py1osInE27xv8N
UwhD7rzSFvY/wrHsIYpqHqz+INUvh73KH58Pq4IklyYzrPMU8xxl+FJu3gn7Uzeb
D/SH9AlgCifY3I7G7ayZZ7Bc9n6fEVtYnIGZ9faqIc85M9U3th77WU2gUzJvbZBy
WSrAZDWT28D+mk5XrQRHbQPj9g/sZKCs/Iy1wnB4HwfvkB8QN3x8Ju5z98iEFImu
e4KV7YxXPhNaDyB/QpnLglEQdigZxv/mIJsqCYJgK9QdcD7S9dEa/rgGekMCrrwG
tSjafnfL6SlTFfz84nDXiAWM1J7dh76l6Tdr5h6lnMhcj1NVYxvQBtUr70k=
-----END CERTIFICATE-----