Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa
File:                     b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa (raw, json)
Hash identifier:          9ZDsZnSITw0nWUivhp8ia7llezSS3o87ulN8UQUHnrs=
Subject key identifier:   6B:05:C5:7A:E5:3B:2A:C7:33:7F:21:8D:7F:85:66:1C:1A:94:81:8C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74E47F8EE882B64826F73CB1B677CA7FBE256262
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa
Signing time:             Sun 16 Nov 2025 00:10:06 +0000
ROA not before:           Sun 16 Nov 2025 00:10:06 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.168.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:e4:7f:8e:e8:82:b6:48:26:f7:3c:b1:b6:77:ca:7f:be:25:62:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:10:06 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=db051dde3e75a03e49ac4680649ce0600bb7bcdee8c291e401e523d56413e383, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:85:f8:ef:7e:d7:04:51:ec:dd:2a:a5:eb:90:
                    70:ed:8f:da:0e:36:d9:00:d8:e3:6f:00:59:ad:ef:
                    2c:b5:dc:a2:b0:4f:aa:0f:9b:0d:8b:09:53:51:c4:
                    ab:a6:20:a5:15:db:69:32:8a:23:19:06:ac:ba:08:
                    55:f7:f2:70:ee:48:f5:c7:55:07:88:cd:0a:48:b3:
                    fc:b1:2c:1c:53:65:3a:11:d2:e9:79:72:bb:b3:04:
                    8a:15:25:5a:62:cb:cf:be:f8:83:97:06:fd:94:32:
                    d2:27:54:3f:70:47:04:64:2c:fb:51:01:7f:83:26:
                    1f:59:85:62:7a:ae:f2:f8:d3:6b:60:0c:5b:74:3e:
                    d2:e9:1b:30:4c:69:3d:62:a0:f9:33:dd:a2:ef:d2:
                    23:4e:21:79:68:b0:d8:ef:eb:ae:1b:83:9a:40:e6:
                    ee:a7:f6:d8:5a:b9:e3:92:1b:f0:35:3c:05:f8:41:
                    25:42:47:ae:a5:b8:76:45:58:18:ee:41:99:c9:52:
                    af:2e:d1:cf:76:c1:4e:54:c4:71:bb:59:7d:6d:46:
                    17:fb:fb:e0:3e:1e:43:f0:48:74:52:40:40:5a:fa:
                    5b:a9:7a:56:33:20:63:78:f6:58:9e:f9:99:e1:03:
                    64:9a:51:b5:d8:8e:25:f8:f3:8b:05:18:ef:b6:85:
                    9c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:05:C5:7A:E5:3B:2A:C7:33:7F:21:8D:7F:85:66:1C:1A:94:81:8C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:c2:93:fb:73:f9:c9:02:df:1e:fc:ed:97:fa:60:d4:32:a7:
         3d:a9:ae:cc:2c:24:66:a4:0f:50:f0:0b:59:87:0c:8c:3d:47:
         c5:c8:55:a2:1a:ea:c4:74:84:c2:d7:04:e9:06:c4:b1:af:7b:
         5e:93:4c:60:0e:83:46:e6:cd:1c:5f:8c:5a:7a:2f:3c:22:a0:
         8d:ca:71:d7:c5:36:ad:74:df:68:24:10:f3:4e:56:6a:5d:47:
         b8:7e:a6:41:a6:fa:d0:b7:cb:06:7e:69:79:2b:31:18:0e:90:
         23:bb:fe:b2:a5:4d:57:08:25:39:e5:ad:01:41:24:bc:15:d5:
         57:66:c6:57:b6:d3:30:a2:e9:7c:81:ca:5f:3d:3b:91:f0:61:
         f4:af:6e:49:38:79:cc:94:31:dc:0e:d5:b4:a2:95:af:7c:7d:
         60:19:75:98:bb:d5:68:d7:00:a9:87:0f:cb:e6:4c:4e:f6:ef:
         d1:72:9b:39:04:3e:3f:ea:3a:7d:81:d4:d9:39:b1:e4:69:0d:
         18:5c:35:d9:d0:93:0f:b7:25:19:7d:58:42:78:83:3a:8f:ef:
         d0:5f:b5:72:8e:f1:ea:b8:bf:91:0d:bf:19:b1:90:e0:68:f8:
         08:36:a9:c3:0a:46:0d:a7:03:d6:10:00:2a:08:01:88:ce:a2:
         dc:70:c4:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdOR/juiCtkgm9zyxtnfKf74lYmIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAxMDA2WhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjA1MWRkZTNlNzVhMDNlNDlhYzQ2ODA2NDljZTA2MDBi
YjdiY2RlZThjMjkxZTQwMWU1MjNkNTY0MTNlMzgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQhfjvftcEUezdKqXrkHDtj9oONtkA2ONvAFmt7yy13KKw
T6oPmw2LCVNRxKumIKUV22kyiiMZBqy6CFX38nDuSPXHVQeIzQpIs/yxLBxTZToR
0ul5cruzBIoVJVpiy8+++IOXBv2UMtInVD9wRwRkLPtRAX+DJh9ZhWJ6rvL402tg
DFt0PtLpGzBMaT1ioPkz3aLv0iNOIXlosNjv664bg5pA5u6n9thaueOSG/A1PAX4
QSVCR66luHZFWBjuQZnJUq8u0c92wU5UxHG7WX1tRhf7++A+HkPwSHRSQEBa+lup
elYzIGN49lie+ZnhA2SaUbXYjiX484sFGO+2hZwZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUawXFeuU7KsczfyGNf4VmHBqUgYwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0YzQzM2ExLTUyYmQtNGEzNC1hZjM1LWE2MWMzOGQyYWUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM36gwDQYJKoZIhvcNAQELBQADggEBABLCk/tz+ckC3x787Zf6YNQypz2p
rswsJGakD1DwC1mHDIw9R8XIVaIa6sR0hMLXBOkGxLGve16TTGAOg0bmzRxfjFp6
LzwioI3KcdfFNq1032gkEPNOVmpdR7h+pkGm+tC3ywZ+aXkrMRgOkCO7/rKlTVcI
JTnlrQFBJLwV1Vdmxle20zCi6XyByl89O5HwYfSvbkk4ecyUMdwO1bSila98fWAZ
dZi71WjXAKmHD8vmTE7279FymzkEPj/qOn2B1Nk5seRpDRhcNdnQkw+3JRl9WEJ4
gzqP79BftXKO8eq4v5ENvxmxkOBo+Ag2qcMKRg2nA9YQACoIAYjOotxwxNs=
-----END CERTIFICATE-----