Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
File:                     94760639-2712-4f50-9362-9ff9626e6a44.roa (raw, json)
Hash identifier:          /7DNZxrIW2sgSgYeBl3e8W/J5BP0sKfj/wRT6XG4ums=
Subject key identifier:   41:1A:69:E9:2F:58:A6:EA:BD:E2:52:D3:6F:7B:74:B1:66:0E:44:0B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       21F49C2DFBF6D1BE1846E19E0C75AC8AB17CF48E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
Signing time:             Tue 28 Oct 2025 00:10:46 +0000
ROA not before:           Tue 28 Oct 2025 00:10:46 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        107.152.128.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:f4:9c:2d:fb:f6:d1:be:18:46:e1:9e:0c:75:ac:8a:b1:7c:f4:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:10:46 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=d46b9eeb3d389b8b4a00048ef658fc01ad650fd55a149940e3d2226cbbe51d6b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bf:1a:c3:7b:0e:92:1f:ec:97:fe:11:f4:0b:
                    7b:2e:6e:0e:5a:d9:f2:3c:91:44:24:ef:11:8e:8d:
                    89:b1:24:05:ab:34:52:a9:2e:52:f4:dd:7e:94:1e:
                    a0:38:9e:33:28:c2:61:71:92:76:2c:38:6d:b3:3e:
                    12:84:6e:c4:45:28:46:a0:f3:99:a1:35:04:9a:e7:
                    bf:32:ff:21:39:06:b9:6a:a5:a3:19:f0:b5:5a:dc:
                    07:ef:8c:2f:eb:b6:86:21:5b:ca:16:71:00:1c:be:
                    1c:02:4c:35:cc:7a:cb:f5:35:de:49:5b:9b:bc:61:
                    a0:0e:10:69:ad:e0:27:68:54:a4:8c:18:8f:f9:bc:
                    c7:10:5d:f7:d0:1e:35:3b:6d:f3:7e:41:77:d9:ef:
                    b6:ca:4a:d2:00:f0:6f:80:a9:20:57:a4:e4:11:aa:
                    cb:34:00:a6:8e:b1:c2:1b:7b:32:66:a6:bd:46:52:
                    3c:32:f6:66:af:09:7d:89:54:c5:58:80:bd:a2:95:
                    55:e4:43:b7:6d:6f:f6:a0:ee:09:2d:a2:c9:dc:e4:
                    83:e1:3a:ac:74:70:78:1c:3e:dd:9c:fe:d4:1c:a4:
                    74:dc:86:73:23:10:b5:25:39:0a:4c:1c:e0:7f:ed:
                    2e:d9:72:61:df:3e:45:21:df:2a:5a:1b:33:4f:50:
                    1e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:1A:69:E9:2F:58:A6:EA:BD:E2:52:D3:6F:7B:74:B1:66:0E:44:0B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.152.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         cb:95:6f:2e:a6:74:b4:af:29:0c:c6:ad:00:01:9d:68:5f:b9:
         2b:b0:39:72:57:78:f4:65:a8:5a:ed:dc:1b:44:a8:f5:81:d8:
         19:6e:9c:c8:f9:23:52:55:34:d4:cb:47:00:f8:88:f6:bc:eb:
         ea:80:89:85:6d:e1:bf:dd:65:42:71:bf:70:d6:61:95:96:c7:
         3d:b2:8e:2e:81:38:08:2a:91:25:a2:33:48:32:e7:72:54:e1:
         82:d3:a8:c6:98:86:ba:3f:a3:70:cc:ba:44:11:41:d4:23:d9:
         18:6c:e3:3c:0b:44:70:70:3c:0a:3c:56:da:e4:5c:b1:1d:58:
         a2:26:5a:39:ce:5b:ab:c2:34:e2:70:f7:16:0c:1e:f3:81:30:
         49:65:14:2f:ef:10:bb:61:c4:81:df:22:11:7e:19:2f:a4:38:
         52:a9:32:1e:53:83:39:f6:78:9c:33:cf:c9:62:e2:96:5c:cd:
         4b:65:de:2d:22:99:29:23:d4:74:bc:7b:5e:2d:42:4a:2e:45:
         46:7b:29:da:9c:b6:19:8e:52:6b:3d:c5:33:16:a7:2e:66:81:
         45:eb:73:68:0c:0c:d0:7d:e4:9a:74:a4:9d:2b:9f:88:a4:ff:
         0f:c1:45:9c:f7:66:bd:06:0f:ea:43:37:de:cf:a2:c1:df:58:
         05:a5:ca:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIfScLfv20b4YRuGeDHWsirF89I4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAxMDQ2WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNDZiOWVlYjNkMzg5YjhiNGEwMDA0OGVmNjU4ZmMwMWFk
NjUwZmQ1NWExNDk5NDBlM2QyMjI2Y2JiZTUxZDZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4vxrDew6SH+yX/hH0C3subg5a2fI8kUQk7xGOjYmxJAWr
NFKpLlL03X6UHqA4njMowmFxknYsOG2zPhKEbsRFKEag85mhNQSa578y/yE5Brlq
paMZ8LVa3AfvjC/rtoYhW8oWcQAcvhwCTDXMesv1Nd5JW5u8YaAOEGmt4CdoVKSM
GI/5vMcQXffQHjU7bfN+QXfZ77bKStIA8G+AqSBXpOQRqss0AKaOscIbezJmpr1G
Ujwy9mavCX2JVMVYgL2ilVXkQ7dtb/ag7gktosnc5IPhOqx0cHgcPt2c/tQcpHTc
hnMjELUlOQpMHOB/7S7ZcmHfPkUh3ypaGzNPUB57AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQRpp6S9Ypuq94lLTb3t0sWYORAswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NzYwNjM5LTI3MTItNGY1MC05MzYyLTlmZjk2MjZlNmE0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdrmIAwDQYJKoZIhvcNAQELBQADggEBAMuVby6mdLSvKQzGrQABnWhfuSuw
OXJXePRlqFrt3BtEqPWB2BlunMj5I1JVNNTLRwD4iPa86+qAiYVt4b/dZUJxv3DW
YZWWxz2yji6BOAgqkSWiM0gy53JU4YLTqMaYhro/o3DMukQRQdQj2Rhs4zwLRHBw
PAo8VtrkXLEdWKImWjnOW6vCNOJw9xYMHvOBMEllFC/vELthxIHfIhF+GS+kOFKp
Mh5Tgzn2eJwzz8li4pZczUtl3i0imSkj1HS8e14tQkouRUZ7KdqcthmOUms9xTMW
py5mgUXrc2gMDNB95Jp0pJ0rn4ik/w/BRZz3Zr0GD+pDN97PosHfWAWlygI=
-----END CERTIFICATE-----