Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa
File:                     bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa (raw, json)
Hash identifier:          BEJOmHpPWPwjOHHvnNXY2nWMnUrHAEKxapgmJ6yHkJM=
Subject key identifier:   C6:3A:11:95:C9:C4:E3:CC:EE:C3:92:C6:E3:DF:E3:B4:BA:E1:5F:6C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       70F2F62FCF36C47048E8870F7E422FF9AC245A77
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa
Signing time:             Thu 13 Nov 2025 00:41:41 +0000
ROA not before:           Thu 13 Nov 2025 00:41:41 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        70.224.224.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:f2:f6:2f:cf:36:c4:70:48:e8:87:0f:7e:42:2f:f9:ac:24:5a:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:41:41 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=72e8b742adc39727989a229d4b3ceffe4359c74beef0496cc0216dd84f47291f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:af:e2:d7:44:91:83:60:87:be:0c:f0:88:c4:
                    e4:e0:1e:65:03:7b:ce:9a:da:aa:18:bf:a2:fe:7b:
                    37:99:20:65:db:3d:1e:32:39:4e:1f:99:dd:d4:0f:
                    a1:b9:5c:fc:fb:99:10:53:c0:f9:ac:9d:c1:46:76:
                    92:b6:a6:d9:27:3c:5e:af:85:6c:36:14:3a:d5:d0:
                    f4:62:3d:e6:d8:90:e2:19:be:cf:0b:6e:4b:41:a6:
                    4b:24:f1:28:c0:87:62:66:13:40:b7:5e:13:bb:20:
                    9e:aa:a2:42:1e:e4:86:1f:bd:6f:d6:07:d9:e5:57:
                    9e:06:3a:c2:4c:08:43:bb:50:84:74:ce:35:e5:2c:
                    2d:1c:c8:53:f9:d2:28:ff:2d:12:2a:06:6d:5d:f8:
                    95:c8:ba:6d:85:25:7c:80:d9:21:db:08:a8:a5:1c:
                    f8:c9:da:d3:72:00:a0:bc:9e:00:3e:c1:fe:91:eb:
                    d2:0a:50:58:38:54:17:8b:cc:f9:36:b5:56:75:39:
                    0a:d6:be:d1:2b:59:d1:c0:7f:05:74:8e:f4:12:3d:
                    0a:f0:7b:65:21:ef:ac:09:ef:cb:de:d7:61:9a:44:
                    3f:d1:2f:09:55:f2:e7:ba:dc:94:be:4c:ac:36:6a:
                    ad:05:d6:a1:f2:99:f5:20:9c:38:52:c8:b0:51:5f:
                    5a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3A:11:95:C9:C4:E3:CC:EE:C3:92:C6:E3:DF:E3:B4:BA:E1:5F:6C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bc653e96-0d95-4eef-a3c8-8e462bde99e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.224.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ad:62:aa:6b:92:10:e8:df:14:14:cb:81:41:35:99:5f:d5:97:
         08:d2:01:86:a7:74:54:b3:26:d2:e0:e6:61:9f:c3:a7:69:67:
         f5:e8:fc:76:86:6e:5a:dc:e1:21:26:b5:a4:d7:10:4b:0b:38:
         5e:30:e5:f6:d7:1f:d6:b3:d5:c7:53:7b:ba:19:a4:ef:24:44:
         34:58:e2:be:86:f9:e0:ad:5d:a0:e0:9a:f0:e8:6f:bd:9b:a0:
         55:d6:df:32:9e:d7:79:f0:d1:4a:a5:b3:c1:44:bc:24:cd:df:
         eb:d2:09:28:33:d2:10:c0:d2:87:97:e0:14:31:ce:b9:9a:76:
         46:78:74:37:55:38:dc:48:ba:3e:f3:67:39:53:36:2c:ea:f0:
         75:ad:ec:e1:4b:e6:d7:2d:c2:2e:0c:ed:70:5f:4a:5f:20:52:
         2f:c1:57:1b:6b:93:e9:56:4d:df:14:33:c3:92:c0:92:8c:37:
         cb:c4:1d:b8:fd:de:3b:af:47:c5:c1:1e:b4:e6:9e:11:6f:dd:
         e5:48:1b:c7:ca:fe:1f:d6:14:04:06:3a:f1:55:1a:e7:aa:89:
         22:06:ea:01:54:b8:4a:91:8c:a3:34:68:da:82:fa:b1:93:af:
         4a:ee:f7:af:07:8d:9d:72:17:9c:5c:15:be:d2:9a:b0:dc:d9:
         09:62:00:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcPL2L882xHBI6IcPfkIv+awkWncwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDA0MTQxWhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MmU4Yjc0MmFkYzM5NzI3OTg5YTIyOWQ0YjNjZWZmZTQz
NTljNzRiZWVmMDQ5NmNjMDIxNmRkODRmNDcyOTFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0r+LXRJGDYIe+DPCIxOTgHmUDe86a2qoYv6L+ezeZIGXb
PR4yOU4fmd3UD6G5XPz7mRBTwPmsncFGdpK2ptknPF6vhWw2FDrV0PRiPebYkOIZ
vs8LbktBpksk8SjAh2JmE0C3XhO7IJ6qokIe5IYfvW/WB9nlV54GOsJMCEO7UIR0
zjXlLC0cyFP50ij/LRIqBm1d+JXIum2FJXyA2SHbCKilHPjJ2tNyAKC8ngA+wf6R
69IKUFg4VBeLzPk2tVZ1OQrWvtErWdHAfwV0jvQSPQrwe2Uh76wJ78ve12GaRD/R
LwlV8ue63JS+TKw2aq0F1qHymfUgnDhSyLBRX1oRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxjoRlcnE48zuw5LG49/jtLrhX2wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JjNjUzZTk2LTBkOTUtNGVlZi1hM2M4LThlNDYyYmRlOTllNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVG4OAwDQYJKoZIhvcNAQELBQADggEBAK1iqmuSEOjfFBTLgUE1mV/VlwjS
AYandFSzJtLg5mGfw6dpZ/Xo/HaGblrc4SEmtaTXEEsLOF4w5fbXH9az1cdTe7oZ
pO8kRDRY4r6G+eCtXaDgmvDob72boFXW3zKe13nw0Uqls8FEvCTN3+vSCSgz0hDA
0oeX4BQxzrmadkZ4dDdVONxIuj7zZzlTNizq8HWt7OFL5tctwi4M7XBfSl8gUi/B
Vxtrk+lWTd8UM8OSwJKMN8vEHbj93juvR8XBHrTmnhFv3eVIG8fK/h/WFAQGOvFV
GueqiSIG6gFUuEqRjKM0aNqC+rGTr0ru968HjZ1yF5xcFb7SmrDc2QliALw=
-----END CERTIFICATE-----