Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa
File:                     c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa (raw, json)
Hash identifier:          1cikQCUVHFpydCmD6t6BpvsOTvNfu3sDZ57/AwATus4=
Subject key identifier:   9D:03:93:34:51:3F:40:13:AF:8F:FA:4C:79:48:99:1B:33:B6:5B:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4C191D24DB6C9E04BACA1528E4C4DE4A407C8A19
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa
Signing time:             Sat 15 Nov 2025 00:20:13 +0000
ROA not before:           Sat 15 Nov 2025 00:20:13 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        182.28.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:19:1d:24:db:6c:9e:04:ba:ca:15:28:e4:c4:de:4a:40:7c:8a:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:20:13 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=8657e9b2f4251df672e7b3675b1007614022f9b289d0a1809184d3da3efcca85, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:20:bb:d0:c5:46:87:d9:56:38:52:9d:33:96:
                    3e:41:df:57:83:57:4c:93:50:77:ae:83:1d:cc:7a:
                    d6:b6:c6:e0:24:a4:52:54:b4:b9:3b:61:7f:14:bd:
                    c5:ae:9e:9c:bb:15:27:89:9a:c9:76:a9:f1:c5:7e:
                    58:15:52:48:17:86:d0:eb:6b:bd:27:fc:d4:59:2e:
                    08:a9:dd:95:0a:56:65:8c:a1:e3:d6:5b:82:75:01:
                    d0:80:04:36:18:c1:38:98:6a:49:d9:7a:56:cf:53:
                    b0:02:ac:58:13:8c:13:24:40:10:2e:a9:f4:4a:fa:
                    4e:b0:55:fd:41:ed:fb:19:91:49:b7:cd:e9:79:21:
                    d3:42:5f:f8:93:c0:4a:fe:0a:e6:e1:f1:00:01:86:
                    78:e6:42:63:f9:fc:bc:a3:35:32:06:3e:8e:5f:1c:
                    7b:e8:5b:64:30:4b:60:bb:2f:3e:5d:10:b6:9b:ae:
                    2c:bd:71:fe:e5:29:15:9f:ab:7d:53:ce:44:bd:ee:
                    32:92:6f:77:cf:c9:cc:d6:4b:ff:e9:65:04:81:79:
                    db:34:bc:f7:52:cf:65:6b:7b:ae:30:48:42:9e:43:
                    70:42:4c:73:0b:82:54:f0:0d:e1:1b:19:29:cd:3c:
                    5d:53:f0:09:87:72:0e:40:75:79:16:e9:93:e1:23:
                    6b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:03:93:34:51:3F:40:13:AF:8F:FA:4C:79:48:99:1B:33:B6:5B:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.28.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         38:a6:1a:42:0d:6c:3b:cd:01:6d:7b:5e:ea:19:46:15:da:9a:
         27:2d:3c:72:3a:7e:46:e2:c7:a8:95:16:45:c6:9d:44:81:38:
         aa:ac:80:d8:66:f8:cf:e6:bc:bc:7d:9d:e0:45:9d:27:59:77:
         c9:98:3a:37:57:7c:10:24:d1:9a:22:1c:64:74:b1:5c:8f:40:
         76:a6:ef:81:63:72:2f:8b:dc:f6:06:23:e5:1b:b3:5e:8c:d0:
         f1:42:d4:9b:61:79:8f:88:47:22:a2:07:34:d5:83:42:32:e5:
         57:48:df:e0:cc:e7:a5:9b:57:2d:22:c7:61:cf:37:69:f2:94:
         e9:04:73:1f:d0:69:e5:80:0b:d8:3c:62:d4:b6:66:be:25:b6:
         fd:c7:af:5c:81:27:05:4b:b4:69:80:e2:f8:45:ea:14:2b:93:
         7e:4c:77:38:c7:d7:a9:bf:3e:bb:6a:f9:ce:ab:cb:07:a9:a2:
         bb:8f:d8:1b:9b:fd:7c:c5:c8:f8:db:56:68:79:03:32:88:0e:
         60:2f:cd:88:10:fc:4f:08:ef:84:07:36:18:15:03:1c:b3:ca:
         07:b5:c5:1e:c4:0f:16:f6:e5:e1:1f:1b:0d:02:77:be:7d:e1:
         27:08:2b:7a:73:60:37:cb:9b:b1:06:5a:e8:12:b5:c5:27:f7:
         b8:c2:ec:d3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTBkdJNtsngS6yhUo5MTeSkB8ihkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAyMDEzWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjU3ZTliMmY0MjUxZGY2NzJlN2IzNjc1YjEwMDc2MTQw
MjJmOWIyODlkMGExODA5MTg0ZDNkYTNlZmNjYTg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuILvQxUaH2VY4Up0zlj5B31eDV0yTUHeugx3Meta2xuAk
pFJUtLk7YX8UvcWunpy7FSeJmsl2qfHFflgVUkgXhtDra70n/NRZLgip3ZUKVmWM
oePWW4J1AdCABDYYwTiYaknZelbPU7ACrFgTjBMkQBAuqfRK+k6wVf1B7fsZkUm3
zel5IdNCX/iTwEr+Cubh8QABhnjmQmP5/LyjNTIGPo5fHHvoW2QwS2C7Lz5dELab
riy9cf7lKRWfq31TzkS97jKSb3fPyczWS//pZQSBeds0vPdSz2Vre64wSEKeQ3BC
THMLglTwDeEbGSnNPF1T8AmHcg5AdXkW6ZPhI2v5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUnQOTNFE/QBOvj/pMeUiZGzO2W+4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwMGVlMTEwLTk3ODItNDQ5YS1hNGUwLTZiMmE2Y2VmZmEyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC2HDANBgkqhkiG9w0BAQsFAAOCAQEAOKYaQg1sO80BbXte6hlGFdqaJy08
cjp+RuLHqJUWRcadRIE4qqyA2Gb4z+a8vH2d4EWdJ1l3yZg6N1d8ECTRmiIcZHSx
XI9AdqbvgWNyL4vc9gYj5RuzXozQ8ULUm2F5j4hHIqIHNNWDQjLlV0jf4MznpZtX
LSLHYc83afKU6QRzH9Bp5YAL2Dxi1LZmviW2/cevXIEnBUu0aYDi+EXqFCuTfkx3
OMfXqb8+u2r5zqvLB6miu4/YG5v9fMXI+NtWaHkDMogOYC/NiBD8TwjvhAc2GBUD
HLPKB7XFHsQPFvbl4R8bDQJ3vn3hJwgrenNgN8ubsQZa6BK1xSf3uMLs0w==
-----END CERTIFICATE-----