Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cffa990e-6fc2-4b61-89ad-172287c16758.roa
File:                     cffa990e-6fc2-4b61-89ad-172287c16758.roa (raw, json)
Hash identifier:          1FY6RrMh4kUob1dMDUpVud91vaWcBHqeF5BgDhOwoNU=
Subject key identifier:   CE:73:9F:67:25:0C:32:3D:92:8B:83:61:28:D2:6B:82:96:A3:9D:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2DC1EB2E5812D0857F79DEEC510DDDB0FFD4490B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cffa990e-6fc2-4b61-89ad-172287c16758.roa
Signing time:             Sat 15 Nov 2025 00:40:11 +0000
ROA not before:           Sat 15 Nov 2025 00:40:11 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        77.122.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:c1:eb:2e:58:12:d0:85:7f:79:de:ec:51:0d:dd:b0:ff:d4:49:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:40:11 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=866acea1b3f8be051dbfd1619448f38f8b0e52f46fc6085549ebac5892ca172f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e3:85:e1:ff:72:a9:dd:58:4d:bd:0a:11:63:
                    25:1a:95:d7:f2:6a:7b:18:48:d0:73:ff:c6:74:74:
                    03:a9:37:1a:70:38:b0:6c:27:00:6e:77:b4:90:89:
                    48:11:90:58:65:54:35:fb:77:23:f6:9c:6e:30:b8:
                    67:95:17:13:88:60:b4:d4:3b:71:f5:e8:0c:ae:31:
                    91:98:7b:36:55:a8:4c:cf:38:85:ff:d9:43:4d:c0:
                    cd:05:3f:72:c6:49:ef:ea:7a:61:7b:a5:ab:f5:cf:
                    d7:01:51:97:6a:e8:09:52:1c:c9:cc:3b:0a:d8:73:
                    f1:09:2c:eb:ac:ed:8c:9f:35:51:b3:9b:80:05:85:
                    6a:67:46:b5:c5:ca:0d:72:e9:5e:98:4b:a2:d8:8b:
                    d5:a3:d0:14:6e:df:0a:46:6e:61:10:f1:61:5c:4a:
                    62:b8:6b:e3:61:c7:a0:47:c4:5f:2b:c8:43:20:39:
                    a0:ad:75:38:04:91:b6:4f:57:9c:82:83:38:94:14:
                    25:1f:dc:0c:1e:d4:8c:ef:5d:39:99:0d:48:10:5e:
                    fd:2f:c9:2a:66:90:0f:28:e2:b1:67:b4:95:20:9f:
                    84:5b:24:42:06:e1:34:27:2a:0c:7f:59:31:da:11:
                    42:f4:af:b1:92:83:9d:8d:f8:50:cb:8e:39:bd:3c:
                    28:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:73:9F:67:25:0C:32:3D:92:8B:83:61:28:D2:6B:82:96:A3:9D:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cffa990e-6fc2-4b61-89ad-172287c16758.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.122.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d5:bc:23:72:92:33:d4:fd:ac:f5:9d:ee:fe:1c:83:ee:44:33:
         8a:f9:e7:76:ba:3d:83:ee:4e:78:56:93:fa:77:5f:f8:b8:b3:
         6b:48:9e:74:25:7b:ac:48:e6:85:29:f4:39:92:66:83:5b:dd:
         b1:29:53:32:96:3a:30:e5:cf:56:f3:04:c1:61:48:3c:61:71:
         5c:fa:3a:d7:e1:fb:1b:08:5c:72:56:22:18:3d:cc:95:c7:f3:
         de:cb:cd:61:70:6f:1d:7b:4c:36:aa:ab:4e:79:b6:62:ea:f2:
         74:b9:14:73:9e:fb:38:80:fb:15:38:ec:37:f6:25:34:e4:fe:
         6f:ad:8f:bb:dd:be:dd:7b:5d:13:cc:fc:27:23:2b:5f:0a:3e:
         99:b0:c5:72:c5:9b:21:ab:91:cd:7a:18:e8:ac:7e:10:9a:27:
         0c:02:77:d2:c8:5b:86:a4:bb:66:57:44:a1:8c:49:62:55:74:
         0b:34:20:85:8d:99:d3:a6:fe:d1:30:f1:90:19:5e:d6:e6:ea:
         02:bb:48:14:31:e1:5d:23:d3:34:f3:f5:b2:ca:40:6a:c5:1f:
         c8:91:3f:b7:44:95:f7:00:45:8c:4c:f9:ef:d7:89:4a:c6:db:
         e7:df:67:b7:8e:59:05:0e:b0:eb:0d:40:d6:ac:c8:1e:ec:2e:
         b2:33:89:2c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULcHrLlgS0IV/ed7sUQ3dsP/USQswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDA0MDExWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjZhY2VhMWIzZjhiZTA1MWRiZmQxNjE5NDQ4ZjM4Zjhi
MGU1MmY0NmZjNjA4NTU0OWViYWM1ODkyY2ExNzJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCN44Xh/3Kp3VhNvQoRYyUaldfyansYSNBz/8Z0dAOpNxpw
OLBsJwBud7SQiUgRkFhlVDX7dyP2nG4wuGeVFxOIYLTUO3H16AyuMZGYezZVqEzP
OIX/2UNNwM0FP3LGSe/qemF7pav1z9cBUZdq6AlSHMnMOwrYc/EJLOus7YyfNVGz
m4AFhWpnRrXFyg1y6V6YS6LYi9Wj0BRu3wpGbmEQ8WFcSmK4a+Nhx6BHxF8ryEMg
OaCtdTgEkbZPV5yCgziUFCUf3Awe1IzvXTmZDUgQXv0vySpmkA8o4rFntJUgn4Rb
JEIG4TQnKgx/WTHaEUL0r7GSg52N+FDLjjm9PChBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUznOfZyUMMj2Si4NhKNJrgpajnfYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmZmE5OTBlLTZmYzItNGI2MS04OWFkLTE3MjI4N2MxNjc1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBNejANBgkqhkiG9w0BAQsFAAOCAQEA1bwjcpIz1P2s9Z3u/hyD7kQzivnn
dro9g+5OeFaT+ndf+Liza0iedCV7rEjmhSn0OZJmg1vdsSlTMpY6MOXPVvMEwWFI
PGFxXPo61+H7GwhcclYiGD3Mlcfz3svNYXBvHXtMNqqrTnm2YurydLkUc577OID7
FTjsN/YlNOT+b62Pu92+3XtdE8z8JyMrXwo+mbDFcsWbIauRzXoY6Kx+EJonDAJ3
0shbhqS7ZldEoYxJYlV0CzQghY2Z06b+0TDxkBle1ubqArtIFDHhXSPTNPP1sspA
asUfyJE/t0SV9wBFjEz579eJSsbb599nt45ZBQ6w6w1A1qzIHuwusjOJLA==
-----END CERTIFICATE-----