Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7360de1-e186-40c6-bd23-3c7bd4024b9f.roa
File:                     c7360de1-e186-40c6-bd23-3c7bd4024b9f.roa (raw, json)
Hash identifier:          rXkYXVPOxH2vfT0//TETWU2NUggrR1V9a2ZycO6pUXc=
Subject key identifier:   0C:71:EB:4D:3F:72:A9:75:CE:94:DD:3E:4D:F7:75:18:0C:44:D0:97
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5ECEEB4F5D3BE32ACE911E28FAD5F6DB06FEC226
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7360de1-e186-40c6-bd23-3c7bd4024b9f.roa
Signing time:             Tue 18 Nov 2025 00:10:36 +0000
ROA not before:           Tue 18 Nov 2025 00:10:36 +0000
ROA not after:            Mon 16 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        74.173.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:ce:eb:4f:5d:3b:e3:2a:ce:91:1e:28:fa:d5:f6:db:06:fe:c2:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 18 00:10:36 2025 GMT
            Not After : Feb 16 23:59:59 2026 GMT
        Subject: serialNumber=3807f9cf2894e54f65c2586064f2562261a6dab26273597f4572b9699fbe6858, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:fe:fa:ac:49:9a:43:5b:d2:cd:84:46:78:29:
                    a3:d1:79:af:fb:6d:6a:bd:95:40:f5:c9:cb:48:61:
                    bf:30:60:c4:2c:45:e4:50:da:83:0d:32:78:d5:56:
                    38:29:54:1e:59:86:35:77:28:e1:88:af:38:6f:32:
                    04:7a:c7:1f:4a:b1:dd:21:e0:f3:ca:9f:b9:bc:a0:
                    dd:20:c5:f7:0f:49:a4:3f:f8:74:46:49:ad:20:f4:
                    d7:2b:fa:43:1c:b5:e9:14:e1:a8:c4:aa:7f:89:df:
                    8e:48:15:63:0c:b2:70:c0:8d:e5:01:9a:d7:bd:d0:
                    60:81:f9:1b:90:fe:39:2d:49:a6:3a:ab:62:3e:b0:
                    7a:83:c4:82:56:1c:e2:4a:20:50:4d:8b:b8:b7:67:
                    bd:64:98:6e:b6:5b:00:d9:dc:67:cf:49:45:b2:3d:
                    a9:d5:6d:64:f2:59:d6:63:10:ab:82:e9:0a:a0:fe:
                    a9:5a:8e:b3:ef:86:4d:a8:17:bd:45:6e:fc:6f:7b:
                    37:a4:c0:e5:1c:64:2b:e8:34:ee:39:5d:62:70:07:
                    56:a3:2d:ce:25:3e:39:9a:64:1d:9c:6a:c2:bb:41:
                    29:69:ae:32:18:02:13:67:f3:0c:13:e6:81:bc:dd:
                    3d:13:02:ac:b9:a3:7f:5b:96:90:29:93:4e:e2:ec:
                    51:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:71:EB:4D:3F:72:A9:75:CE:94:DD:3E:4D:F7:75:18:0C:44:D0:97
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7360de1-e186-40c6-bd23-3c7bd4024b9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.173.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         be:a8:b5:6e:fa:fb:c2:c5:b1:c6:38:ad:80:0a:86:63:6d:04:
         f8:44:21:74:5a:72:b5:9e:b0:42:e1:39:2b:e8:65:04:31:7a:
         d2:9a:27:ce:a3:a6:fb:4b:7d:7f:a9:29:9d:de:66:86:9f:55:
         f6:99:86:e8:9c:b8:1f:c2:57:3d:f5:21:ad:c4:c2:39:dd:20:
         9f:ba:17:8d:9e:89:1c:62:d6:d8:8e:66:ae:b8:c2:53:14:a0:
         d6:63:95:3f:bf:48:17:c4:e0:c4:9c:7f:fb:1c:30:a9:b5:65:
         db:66:95:69:f2:50:93:06:dd:34:3d:a5:f4:68:10:94:6e:3b:
         d7:d7:c0:30:65:e0:0a:db:41:d7:3c:1c:40:d1:af:a6:4b:d7:
         f9:a3:a3:79:19:36:a2:e6:70:ae:f6:39:dc:91:66:3d:e7:f1:
         44:84:22:f7:a5:1d:b9:1d:58:5e:f9:67:f9:27:43:f0:a8:44:
         ba:d5:85:a6:de:12:77:88:03:25:fe:3b:12:f2:b5:7d:04:c1:
         2b:5a:fa:45:a3:8d:95:12:ce:1d:ba:b4:74:29:be:f7:71:70:
         f3:e0:f6:65:88:c4:b9:6e:b3:07:8c:59:0b:34:cf:f9:e6:20:
         fa:c6:c4:3f:40:0d:7b:f1:6e:4d:42:a6:6e:8f:a9:01:26:f2:
         3d:3f:92:30
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXs7rT1074yrOkR4o+tX22wb+wiYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE4MDAxMDM2WhcNMjYwMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODA3ZjljZjI4OTRlNTRmNjVjMjU4NjA2NGYyNTYyMjYx
YTZkYWIyNjI3MzU5N2Y0NTcyYjk2OTlmYmU2ODU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO/vqsSZpDW9LNhEZ4KaPRea/7bWq9lUD1yctIYb8wYMQs
ReRQ2oMNMnjVVjgpVB5ZhjV3KOGIrzhvMgR6xx9Ksd0h4PPKn7m8oN0gxfcPSaQ/
+HRGSa0g9Ncr+kMctekU4ajEqn+J345IFWMMsnDAjeUBmte90GCB+RuQ/jktSaY6
q2I+sHqDxIJWHOJKIFBNi7i3Z71kmG62WwDZ3GfPSUWyPanVbWTyWdZjEKuC6Qqg
/qlajrPvhk2oF71FbvxvezekwOUcZCvoNO45XWJwB1ajLc4lPjmaZB2casK7QSlp
rjIYAhNn8wwT5oG83T0TAqy5o39blpApk07i7FG3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDHHrTT9yqXXOlN0+Tfd1GAxE0JcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3MzYwZGUxLWUxODYtNDBjNi1iZDIzLTNjN2JkNDAyNGI5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBKrTANBgkqhkiG9w0BAQsFAAOCAQEAvqi1bvr7wsWxxjitgAqGY20E+EQh
dFpytZ6wQuE5K+hlBDF60ponzqOm+0t9f6kpnd5mhp9V9pmG6Jy4H8JXPfUhrcTC
Od0gn7oXjZ6JHGLW2I5mrrjCUxSg1mOVP79IF8TgxJx/+xwwqbVl22aVafJQkwbd
ND2l9GgQlG4719fAMGXgCttB1zwcQNGvpkvX+aOjeRk2ouZwrvY53JFmPefxRIQi
96UduR1YXvln+SdD8KhEutWFpt4Sd4gDJf47EvK1fQTBK1r6RaONlRLOHbq0dCm+
93Fw8+D2ZYjEuW6zB4xZCzTP+eYg+sbEP0ANe/FuTUKmbo+pASbyPT+SMA==
-----END CERTIFICATE-----