Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
File:                     2306c6cb-725b-41c8-b687-97caee05d794.roa (raw, json)
Hash identifier:          zj+Iig8H+w3kANTGJYZ5AW7uM6mVgWaN3CDrYSaTOKw=
Subject key identifier:   9A:0A:88:86:48:EA:9A:40:4A:F1:2A:CB:54:6F:9C:87:2F:3B:FC:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CE6A6AFF957CDF52AD6FB93AB57FEBEC80E0B70
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
Signing time:             Tue 28 Oct 2025 00:01:10 +0000
ROA not before:           Tue 28 Oct 2025 00:01:10 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.167.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:e6:a6:af:f9:57:cd:f5:2a:d6:fb:93:ab:57:fe:be:c8:0e:0b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:01:10 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=7f8b5075cad2c00daa1429db2ed9899636534e60ea0fc3a52f123e666c1dc41e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ba:cb:05:1e:a4:a7:8d:92:21:9e:fb:09:0b:
                    b4:9a:4f:8c:68:b8:5c:04:62:5c:16:65:54:aa:02:
                    b6:52:4e:7a:51:76:c7:1f:18:da:ee:de:4f:88:94:
                    32:6b:c4:30:dc:72:a4:b0:0c:cc:11:42:8f:25:96:
                    a0:12:1d:e8:48:c6:b2:95:a9:b8:df:f1:51:b0:57:
                    62:b7:06:0e:8b:1f:74:da:92:a0:3b:aa:c0:53:b3:
                    dd:b4:9c:4e:a3:c8:3a:d7:7f:2c:ee:da:b6:e5:e0:
                    5f:5c:07:d5:b8:ac:03:a5:38:04:ce:7d:cd:e3:e1:
                    2a:8e:96:c5:9b:4d:bf:29:1c:83:c9:da:51:cd:b2:
                    ef:cc:9e:48:4f:bf:bd:a1:47:20:57:4a:23:dd:2b:
                    21:cd:4c:e6:7f:f1:62:28:ab:a6:38:ed:88:cc:02:
                    b2:ce:29:89:4b:79:0c:43:42:ca:37:25:29:53:f2:
                    4f:fb:aa:f2:93:9a:85:a4:ca:a5:46:99:81:1e:81:
                    97:2d:f4:c0:2f:6d:fc:ec:a2:21:3d:b2:a6:cf:43:
                    ea:9c:c9:fe:f9:a8:38:50:f5:76:12:ed:e7:62:91:
                    77:5f:56:41:26:c8:25:8f:24:a3:27:f5:73:52:90:
                    8f:09:55:a1:6e:63:e2:6c:82:26:90:ce:7f:24:04:
                    71:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0A:88:86:48:EA:9A:40:4A:F1:2A:CB:54:6F:9C:87:2F:3B:FC:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:21:62:08:d9:78:49:ce:da:35:93:9c:d9:25:8b:2e:be:81:
         8b:df:48:3e:2d:41:ee:ba:80:68:f2:63:20:3a:52:2e:60:5a:
         f3:19:3e:fa:c7:9b:9a:2d:19:e3:a4:34:be:78:aa:5a:80:95:
         16:ff:b4:bf:ea:6c:a6:8d:15:40:f1:88:fd:c8:27:76:d7:85:
         2a:31:c5:66:1d:b4:f9:78:d3:b2:34:84:d3:26:3b:9b:33:78:
         32:e2:7c:4a:c5:b2:23:c5:11:c0:82:8b:58:6f:42:28:e2:fa:
         20:7c:7a:a3:dc:8b:91:72:b6:e6:55:50:bf:21:58:51:97:d4:
         57:cd:fd:2d:87:1a:80:5a:3e:ee:60:7f:db:fa:a8:74:c8:4c:
         43:3b:ca:79:07:69:58:c0:96:ee:4f:7f:d3:7f:ce:0d:ae:f2:
         e7:de:7d:43:39:c9:8b:c9:92:cb:78:cf:d4:a3:8b:cd:87:b6:
         94:1d:0e:4f:66:e1:d5:7c:97:5f:12:7b:6a:7c:57:d9:84:87:
         9e:8b:95:07:4a:ab:f7:61:4c:20:23:f6:8a:ec:46:fa:0e:a2:
         42:f3:9d:47:9c:7d:54:66:c3:12:9e:2f:0c:69:82:98:03:3d:
         f4:23:d4:d4:84:09:9a:44:eb:e7:31:40:ea:d5:5e:84:04:a1:
         36:b3:cc:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfOamr/lXzfUq1vuTq1f+vsgOC3AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAwMTEwWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjhiNTA3NWNhZDJjMDBkYWExNDI5ZGIyZWQ5ODk5NjM2
NTM0ZTYwZWEwZmMzYTUyZjEyM2U2NjZjMWRjNDFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuussFHqSnjZIhnvsJC7SaT4xouFwEYlwWZVSqArZSTnpR
dscfGNru3k+IlDJrxDDccqSwDMwRQo8llqASHehIxrKVqbjf8VGwV2K3Bg6LH3Ta
kqA7qsBTs920nE6jyDrXfyzu2rbl4F9cB9W4rAOlOATOfc3j4SqOlsWbTb8pHIPJ
2lHNsu/MnkhPv72hRyBXSiPdKyHNTOZ/8WIoq6Y47YjMArLOKYlLeQxDQso3JSlT
8k/7qvKTmoWkyqVGmYEegZct9MAvbfzsoiE9sqbPQ+qcyf75qDhQ9XYS7edikXdf
VkEmyCWPJKMn9XNSkI8JVaFuY+JsgiaQzn8kBHHtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmgqIhkjqmkBK8SrLVG+chy87/K4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzMDZjNmNiLTcyNWItNDFjOC1iNjg3LTk3Y2FlZTA1ZDc5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUqcwDQYJKoZIhvcNAQELBQADggEBAHshYgjZeEnO2jWTnNkliy6+gYvf
SD4tQe66gGjyYyA6Ui5gWvMZPvrHm5otGeOkNL54qlqAlRb/tL/qbKaNFUDxiP3I
J3bXhSoxxWYdtPl407I0hNMmO5szeDLifErFsiPFEcCCi1hvQiji+iB8eqPci5Fy
tuZVUL8hWFGX1FfN/S2HGoBaPu5gf9v6qHTITEM7ynkHaVjAlu5Pf9N/zg2u8ufe
fUM5yYvJkst4z9Sji82HtpQdDk9m4dV8l18Se2p8V9mEh56LlQdKq/dhTCAj9ors
RvoOokLznUecfVRmwxKeLwxpgpgDPfQj1NSECZpE6+cxQOrVXoQEoTazzH8=
-----END CERTIFICATE-----