Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bf6a79d-e7fb-4b23-b878-c49ed99191e3.roa
File:                     2bf6a79d-e7fb-4b23-b878-c49ed99191e3.roa (raw, json)
Hash identifier:          myiIzrSOLI3kqUVUaIr74i0c9S+SRXEnuE5joc65qX8=
Subject key identifier:   C7:E8:CA:22:02:11:A9:AF:4B:A8:7F:94:DF:31:E9:52:F5:23:E9:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2FF6982E155A61E2BDF6FCA19064D575A307E7A5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bf6a79d-e7fb-4b23-b878-c49ed99191e3.roa
Signing time:             Sun 26 Oct 2025 00:21:52 +0000
ROA not before:           Sun 26 Oct 2025 00:21:52 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.162.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:f6:98:2e:15:5a:61:e2:bd:f6:fc:a1:90:64:d5:75:a3:07:e7:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:21:52 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=749474fa21ccf8934640a4e9498c01c92b07168766aa4a4d2f77e796a72a82c7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1a:f9:91:6f:b6:39:88:c5:9c:15:f1:b8:e2:
                    31:40:b3:db:10:d5:f3:80:0b:c1:71:1c:16:bf:34:
                    c7:86:91:e5:cf:44:fc:63:88:52:8c:4a:ce:16:2d:
                    27:73:90:16:2f:40:40:62:48:08:ec:93:8f:35:31:
                    5a:e1:ab:2d:c6:76:57:58:f1:8f:c0:90:d1:9e:83:
                    f6:20:2d:b7:db:75:79:68:bc:b1:d0:98:35:3c:d1:
                    b9:48:c7:d8:33:20:36:b5:bd:6d:17:ff:67:42:62:
                    d1:84:94:e8:74:2b:9c:87:9e:b0:8c:d3:53:cb:c2:
                    f9:3f:26:df:f0:4c:aa:61:68:e6:d8:7e:eb:56:70:
                    80:0c:f3:d8:d7:12:0e:99:99:a5:a3:1a:99:0c:df:
                    d2:a4:1e:27:03:b3:fc:04:1c:8a:25:6c:92:92:6a:
                    e5:ef:72:e0:95:37:53:53:87:94:56:d4:26:f9:b8:
                    1a:fa:4f:e1:a3:f0:c0:fd:1b:b7:6d:4f:22:d0:fe:
                    35:7e:93:1d:34:75:be:8a:4c:2f:23:c8:3d:1e:76:
                    7c:d5:b5:7f:c2:de:3d:3e:e4:67:1c:67:9a:eb:fb:
                    24:56:71:53:ee:a5:9f:61:85:f4:52:38:70:ef:2f:
                    d3:9c:f6:05:c7:ca:4b:a7:65:00:b4:4b:34:8b:a7:
                    87:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:E8:CA:22:02:11:A9:AF:4B:A8:7F:94:DF:31:E9:52:F5:23:E9:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2bf6a79d-e7fb-4b23-b878-c49ed99191e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:ac:10:78:4f:ee:f9:ab:aa:34:f8:3e:a5:34:f4:dd:ad:18:
         c8:e1:a6:5d:99:56:46:ae:9c:db:70:22:37:2d:6a:e3:2d:6e:
         7e:27:21:24:51:e3:5d:4e:26:58:47:90:e6:4e:83:01:b6:3c:
         7a:95:ba:79:fe:b6:0d:0a:85:e3:6e:c3:46:8e:eb:cb:44:ab:
         8c:5b:7e:2e:7a:9b:bb:c1:bf:ad:f0:7d:f6:ec:97:0b:99:20:
         3d:dc:3d:6a:82:82:3d:58:40:0f:29:5d:54:13:8a:87:49:73:
         c4:08:c3:62:38:7b:3c:7c:00:55:dc:e6:3b:a9:30:bb:76:62:
         37:03:27:e2:2c:28:f9:41:b7:cd:92:34:e7:ef:2c:76:8d:15:
         e9:e5:9a:3b:82:c9:e2:be:9d:ea:f5:d6:1f:6f:6a:01:54:01:
         08:97:54:82:d7:77:0d:94:e7:aa:54:f5:09:d2:e9:f3:da:9b:
         28:9f:f2:d3:e0:06:1c:2a:fc:25:69:5e:82:e4:e8:d4:17:60:
         8e:e9:d9:18:56:ae:9d:d5:c2:8d:19:87:90:f7:2b:4a:d4:b0:
         4b:4d:58:29:ea:a6:f5:62:b9:06:2d:cd:b6:3b:73:fe:1f:03:
         f5:29:bc:cb:cf:cd:2a:be:f4:7d:de:49:bd:e4:a8:f3:70:96:
         65:d0:ae:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL/aYLhVaYeK99vyhkGTVdaMH56UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAyMTUyWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NDk0NzRmYTIxY2NmODkzNDY0MGE0ZTk0OThjMDFjOTJi
MDcxNjg3NjZhYTRhNGQyZjc3ZTc5NmE3MmE4MmM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwGvmRb7Y5iMWcFfG44jFAs9sQ1fOAC8FxHBa/NMeGkeXP
RPxjiFKMSs4WLSdzkBYvQEBiSAjsk481MVrhqy3GdldY8Y/AkNGeg/YgLbfbdXlo
vLHQmDU80blIx9gzIDa1vW0X/2dCYtGElOh0K5yHnrCM01PLwvk/Jt/wTKphaObY
futWcIAM89jXEg6ZmaWjGpkM39KkHicDs/wEHIolbJKSauXvcuCVN1NTh5RW1Cb5
uBr6T+Gj8MD9G7dtTyLQ/jV+kx00db6KTC8jyD0ednzVtX/C3j0+5GccZ5rr+yRW
cVPupZ9hhfRSOHDvL9Oc9gXHykunZQC0SzSLp4f3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUx+jKIgIRqa9LqH+U3zHpUvUj6XIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJiZjZhNzlkLWU3ZmItNGIyMy1iODc4LWM0OWVkOTkxOTFlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM36IwDQYJKoZIhvcNAQELBQADggEBAFasEHhP7vmrqjT4PqU09N2tGMjh
pl2ZVkaunNtwIjctauMtbn4nISRR411OJlhHkOZOgwG2PHqVunn+tg0KheNuw0aO
68tEq4xbfi56m7vBv63wffbslwuZID3cPWqCgj1YQA8pXVQTiodJc8QIw2I4ezx8
AFXc5jupMLt2YjcDJ+IsKPlBt82SNOfvLHaNFenlmjuCyeK+ner11h9vagFUAQiX
VILXdw2U56pU9QnS6fPamyif8tPgBhwq/CVpXoLk6NQXYI7p2RhWrp3Vwo0Zh5D3
K0rUsEtNWCnqpvViuQYtzbY7c/4fA/UpvMvPzSq+9H3eSb3kqPNwlmXQrnc=
-----END CERTIFICATE-----