Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb25d187-d1dd-4edd-bab5-cacbe523b758.roa
File:                     bb25d187-d1dd-4edd-bab5-cacbe523b758.roa (raw, json)
Hash identifier:          q2bhXtvO4ZiWg+FGdRs+kuGiHHpeqOrS+9/ToM76Ka0=
Subject key identifier:   85:C4:D4:84:79:91:07:D1:26:2A:E9:BA:B6:E4:BC:30:B4:ED:74:74
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7BAFE2A85CC4CB062A015613DCEF1E0374E33E33
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb25d187-d1dd-4edd-bab5-cacbe523b758.roa
Signing time:             Fri 07 Nov 2025 01:00:09 +0000
ROA not before:           Fri 07 Nov 2025 01:00:09 +0000
ROA not after:            Fri 12 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.91.19.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:af:e2:a8:5c:c4:cb:06:2a:01:56:13:dc:ef:1e:03:74:e3:3e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  7 01:00:09 2025 GMT
            Not After : Dec 12 23:59:59 2025 GMT
        Subject: serialNumber=acf7bbc594836dfebd95be1ece23a1bec183b964a6698cfd5d9ab2826d442671, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:53:f4:84:63:b1:3b:53:c8:b9:53:14:0a:37:
                    84:1c:18:af:fd:2c:09:2b:49:00:0f:30:20:2f:c9:
                    f7:3b:3f:e1:90:f2:93:c3:64:3b:ab:34:67:d4:57:
                    06:64:2f:fd:78:ef:15:31:37:10:6e:b8:15:3a:f0:
                    00:d2:1a:6f:9c:b7:f4:cd:4a:86:00:1e:01:c5:70:
                    d5:96:bc:e8:c5:e5:0e:f2:05:5d:74:d9:b6:a3:23:
                    18:d0:43:24:f9:2a:03:76:3a:56:c0:80:e1:1e:98:
                    68:28:6a:e5:54:72:e6:51:7e:01:a8:de:c8:a1:75:
                    1c:41:69:49:75:aa:37:55:86:39:20:7b:c2:99:db:
                    47:9d:29:3e:80:ce:09:94:ae:9f:da:92:45:80:a6:
                    4a:13:dc:22:95:44:c2:13:55:f9:8f:3d:50:89:73:
                    4e:9c:7e:bd:cd:17:db:45:04:79:d0:c1:35:d0:b6:
                    ce:b6:43:96:82:12:61:45:12:73:14:26:4c:d6:a5:
                    57:5e:08:65:fd:0a:5b:6b:a6:d6:82:3e:a4:f9:23:
                    5d:56:8c:db:f1:46:b6:7e:d1:a5:32:a7:46:70:2a:
                    09:53:62:d2:b5:e6:bc:5a:81:7e:5f:b9:f3:7a:6b:
                    88:08:a4:34:58:6a:c4:0e:25:9f:25:a7:29:e1:08:
                    fd:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:C4:D4:84:79:91:07:D1:26:2A:E9:BA:B6:E4:BC:30:B4:ED:74:74
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb25d187-d1dd-4edd-bab5-cacbe523b758.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.91.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:e2:18:aa:48:b7:c6:b9:0c:c8:d4:e4:f4:85:fc:83:84:69:
         07:d5:7c:fe:e0:0e:8c:0f:17:b9:05:32:4c:28:e7:3e:db:60:
         83:c7:3c:1e:49:ae:54:42:5c:7c:af:ed:6d:12:91:79:64:96:
         60:72:09:ed:59:7d:70:85:29:55:b6:2e:c9:33:f0:5f:be:b3:
         ac:97:9d:8c:ae:1a:a9:d2:91:7f:57:27:58:c9:d0:12:2e:d5:
         93:b6:17:f1:27:16:b4:e0:bb:19:1f:28:f2:1c:40:f7:f9:07:
         b5:b7:e4:8b:c3:76:bf:72:69:b8:3c:e2:a2:a2:2a:3b:b0:9e:
         a0:0b:d1:83:7f:6f:31:85:47:79:1f:b0:ba:53:c8:5d:4b:52:
         49:7c:03:76:9d:12:03:09:05:1a:5a:1e:54:19:6c:c4:66:1d:
         5a:5e:ef:11:1e:84:20:f2:0c:de:33:bf:c0:a9:b6:c0:f0:df:
         7c:77:ef:3b:59:a6:d1:7a:a6:87:7b:16:85:7b:17:3e:d0:b6:
         ff:ce:7a:a3:55:44:00:92:92:d8:0f:14:fb:27:b3:97:2c:20:
         b2:c9:71:50:97:5a:46:2d:71:93:b9:45:59:ef:07:57:c0:30:
         a1:4e:7b:d6:4d:c8:f2:2b:31:45:dd:5f:96:f5:b0:a3:5c:83:
         db:f3:ac:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe6/iqFzEywYqAVYT3O8eA3TjPjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA3MDEwMDA5WhcNMjUxMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2Y3YmJjNTk0ODM2ZGZlYmQ5NWJlMWVjZTIzYTFiZWMx
ODNiOTY0YTY2OThjZmQ1ZDlhYjI4MjZkNDQyNjcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuU/SEY7E7U8i5UxQKN4QcGK/9LAkrSQAPMCAvyfc7P+GQ
8pPDZDurNGfUVwZkL/147xUxNxBuuBU68ADSGm+ct/TNSoYAHgHFcNWWvOjF5Q7y
BV102bajIxjQQyT5KgN2OlbAgOEemGgoauVUcuZRfgGo3sihdRxBaUl1qjdVhjkg
e8KZ20edKT6AzgmUrp/akkWApkoT3CKVRMITVfmPPVCJc06cfr3NF9tFBHnQwTXQ
ts62Q5aCEmFFEnMUJkzWpVdeCGX9CltrptaCPqT5I11WjNvxRrZ+0aUyp0ZwKglT
YtK15rxagX5fufN6a4gIpDRYasQOJZ8lpynhCP0VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhcTUhHmRB9EmKum6tuS8MLTtdHQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JiMjVkMTg3LWQxZGQtNGVkZC1iYWI1LWNhY2JlNTIzYjc1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAXWxMwDQYJKoZIhvcNAQELBQADggEBAI/iGKpIt8a5DMjU5PSF/IOEaQfV
fP7gDowPF7kFMkwo5z7bYIPHPB5JrlRCXHyv7W0SkXlklmByCe1ZfXCFKVW2Lskz
8F++s6yXnYyuGqnSkX9XJ1jJ0BIu1ZO2F/EnFrTguxkfKPIcQPf5B7W35IvDdr9y
abg84qKiKjuwnqAL0YN/bzGFR3kfsLpTyF1LUkl8A3adEgMJBRpaHlQZbMRmHVpe
7xEehCDyDN4zv8CptsDw33x37ztZptF6pod7FoV7Fz7Qtv/OeqNVRACSktgPFPsn
s5csILLJcVCXWkYtcZO5RVnvB1fAMKFOe9ZNyPIrMUXdX5b1sKNcg9vzrGs=
-----END CERTIFICATE-----