Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/278d2240-f217-4b3f-b722-7a98e41494d7.roa
File:                     278d2240-f217-4b3f-b722-7a98e41494d7.roa (raw, json)
Hash identifier:          bNSSZkjOLPDljMOyCS9QIAM7w6X+lJcKJMD0rnVZuqQ=
Subject key identifier:   EF:2E:49:DC:A5:68:20:53:FF:F3:CB:52:8E:FA:02:14:1C:E0:1C:4F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6839BDDA6FD3E476C853977719885C59B79E01A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/278d2240-f217-4b3f-b722-7a98e41494d7.roa
Signing time:             Sun 19 Oct 2025 00:31:07 +0000
ROA not before:           Sun 19 Oct 2025 00:31:07 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        108.138.205.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:39:bd:da:6f:d3:e4:76:c8:53:97:77:19:88:5c:59:b7:9e:01:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 19 00:31:07 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=8dbbe1f75a50e7259254908601d75d5177a42e05e446396ed92aaf39708d998a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7d:d8:89:16:ee:d1:9d:e4:75:53:3f:1e:d5:
                    71:8e:a4:f5:06:5c:27:7a:ec:a8:7f:59:86:5b:a3:
                    45:2f:8d:ae:78:7b:73:1f:60:39:9c:8e:2e:48:c0:
                    fe:6e:57:bc:48:f3:ac:19:d4:7f:84:19:88:28:e2:
                    a6:e9:62:e2:88:37:1c:76:97:16:c7:8e:8c:89:96:
                    57:f6:98:b4:5f:7e:8d:86:1e:13:83:d9:b5:02:77:
                    24:89:89:c6:78:d1:99:c6:7b:1c:76:a8:fc:93:3b:
                    57:af:87:63:97:7f:0f:dc:6e:6d:58:4f:88:db:0c:
                    84:71:f0:cf:9a:20:f5:85:28:73:41:75:90:92:0a:
                    1b:4a:b5:7e:67:88:1e:8f:6e:b3:69:f9:7c:22:64:
                    6c:d3:87:98:6d:b2:a4:43:6c:bd:0f:cb:b0:6e:11:
                    90:94:a5:35:8f:cc:4a:04:c3:1f:cb:cc:72:aa:3e:
                    5e:c6:7c:80:dc:7b:4b:fe:76:45:a7:e9:c9:f3:49:
                    1b:1f:cb:c2:54:5b:2a:a0:99:5b:44:de:1d:7b:09:
                    f2:2c:81:63:19:1d:8f:33:08:a9:0e:0a:f1:9e:f6:
                    e6:3a:82:95:a9:4b:cb:02:61:c1:81:34:7c:e0:d0:
                    99:0f:9d:f3:ce:b0:7b:b7:16:6c:53:f6:a6:e5:a7:
                    57:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:2E:49:DC:A5:68:20:53:FF:F3:CB:52:8E:FA:02:14:1C:E0:1C:4F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/278d2240-f217-4b3f-b722-7a98e41494d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.138.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:7e:c2:ed:fc:6b:db:7f:9c:0e:2b:17:c3:b9:20:c7:f3:13:
         12:60:0b:ee:b0:c9:1e:23:fa:1b:36:c1:bf:14:98:51:d0:3b:
         7e:2f:2e:56:67:6a:6a:19:5e:55:cf:0b:a9:73:dc:6c:88:14:
         4b:91:ba:65:c6:ab:6c:45:9a:9e:00:74:1e:ec:f4:85:68:d6:
         4b:c5:e7:5a:81:b5:13:84:7f:74:1c:99:43:82:7f:cd:90:b9:
         f4:7a:cb:db:0d:e6:12:be:ca:16:9f:15:e2:05:8b:1e:22:35:
         06:db:3d:51:74:16:02:81:ba:6b:fa:af:95:bb:69:69:e9:51:
         81:91:f5:09:f8:d8:f2:77:54:5c:a6:05:70:9e:7b:37:41:df:
         bd:e9:6e:b6:b2:4a:d7:99:71:1a:25:01:18:e6:4a:a6:57:5d:
         0a:c9:73:72:fc:87:a9:ff:ff:fa:af:2d:3b:36:22:86:39:cb:
         c3:b4:1d:cf:ae:6c:93:59:26:ff:0e:b7:eb:d9:94:ec:d2:1b:
         ff:e1:8f:51:77:98:8d:44:e8:72:55:11:92:e0:ae:96:95:20:
         d4:78:ce:7f:17:89:23:ac:66:c2:88:04:49:fe:09:8a:0b:c6:
         f2:0d:c7:74:35:1f:73:09:b7:57:6d:83:91:fa:5f:75:6e:09:
         93:26:77:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaDm92m/T5HbIU5d3GYhcWbeeAaQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDAzMTA3WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZGJiZTFmNzVhNTBlNzI1OTI1NDkwODYwMWQ3NWQ1MTc3
YTQyZTA1ZTQ0NjM5NmVkOTJhYWYzOTcwOGQ5OThhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8fdiJFu7RneR1Uz8e1XGOpPUGXCd67Kh/WYZbo0Uvja54
e3MfYDmcji5IwP5uV7xI86wZ1H+EGYgo4qbpYuKINxx2lxbHjoyJllf2mLRffo2G
HhOD2bUCdySJicZ40ZnGexx2qPyTO1evh2OXfw/cbm1YT4jbDIRx8M+aIPWFKHNB
dZCSChtKtX5niB6PbrNp+XwiZGzTh5htsqRDbL0Py7BuEZCUpTWPzEoEwx/LzHKq
Pl7GfIDce0v+dkWn6cnzSRsfy8JUWyqgmVtE3h17CfIsgWMZHY8zCKkOCvGe9uY6
gpWpS8sCYcGBNHzg0JkPnfPOsHu3FmxT9qblp1fBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7y5J3KVoIFP/88tSjvoCFBzgHE8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3OGQyMjQwLWYyMTctNGIzZi1iNzIyLTdhOThlNDE0OTRkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABsis0wDQYJKoZIhvcNAQELBQADggEBAM5+wu38a9t/nA4rF8O5IMfzExJg
C+6wyR4j+hs2wb8UmFHQO34vLlZnamoZXlXPC6lz3GyIFEuRumXGq2xFmp4AdB7s
9IVo1kvF51qBtROEf3QcmUOCf82QufR6y9sN5hK+yhafFeIFix4iNQbbPVF0FgKB
umv6r5W7aWnpUYGR9Qn42PJ3VFymBXCeezdB373pbraySteZcRolARjmSqZXXQrJ
c3L8h6n///qvLTs2IoY5y8O0Hc+ubJNZJv8Ot+vZlOzSG//hj1F3mI1E6HJVEZLg
rpaVINR4zn8XiSOsZsKIBEn+CYoLxvINx3Q1H3MJt1dtg5H6X3VuCZMmd5w=
-----END CERTIFICATE-----