Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c892754a-62b6-4554-aef5-f62fabca2d48.roa
File:                     c892754a-62b6-4554-aef5-f62fabca2d48.roa (raw, json)
Hash identifier:          b6w5h2Y5vWX1goEVLR/V3VhHcHfbcZA7qi5BNskuJfk=
Subject key identifier:   87:67:24:47:DC:6F:C2:AB:0E:8E:5A:DA:AA:D7:5E:8D:23:CA:41:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       149D71AA23F4B58FB43F81C2CAE16C8A1CE40D88
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c892754a-62b6-4554-aef5-f62fabca2d48.roa
Signing time:             Sun 19 Oct 2025 00:11:25 +0000
ROA not before:           Sun 19 Oct 2025 00:11:25 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        192.251.142.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:9d:71:aa:23:f4:b5:8f:b4:3f:81:c2:ca:e1:6c:8a:1c:e4:0d:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 19 00:11:25 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=8c94c5cd50942bd1fcac9068c69090c17f69251ad3967e2513b445b013f9a25b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e2:d6:92:19:a8:b8:bb:74:7d:d2:1d:65:35:
                    4d:38:3e:d1:70:6f:33:e8:99:8a:0a:17:96:ee:03:
                    98:e6:b6:25:b8:6a:7b:3f:89:bb:15:67:23:33:61:
                    c3:01:56:56:6e:1e:86:cf:6e:7a:31:6e:bc:a6:1c:
                    52:ce:95:d7:31:85:8d:88:0e:82:a8:f2:39:a3:e1:
                    ca:09:17:fc:c5:ce:79:e7:98:46:af:da:18:f9:7e:
                    32:cd:25:d8:eb:8a:a3:b0:b2:93:e5:00:a0:f3:59:
                    c0:2b:56:50:31:ca:b7:22:39:02:31:0d:5c:14:1b:
                    eb:9e:35:ce:35:e9:65:66:66:4d:48:25:85:bb:fc:
                    ee:cc:19:91:33:fa:61:41:81:9a:3a:ee:4b:12:e0:
                    e5:4b:a4:17:b2:38:30:89:16:ef:e7:14:79:5a:8c:
                    0c:be:9c:6e:33:c6:55:82:64:9b:3b:72:1d:92:f8:
                    73:16:78:16:12:fc:c4:bc:66:be:9c:70:c2:15:f9:
                    cd:e9:5f:d5:12:a0:72:ff:ab:98:3e:c1:50:99:a9:
                    d2:ec:da:d4:4f:88:41:3c:5b:05:eb:9f:4b:3c:de:
                    5c:f9:fa:c7:c7:ef:f4:5c:fa:11:a8:a3:85:df:ac:
                    2d:7a:3f:c5:31:fe:e9:d4:ec:d4:71:6b:8f:dc:35:
                    ea:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:67:24:47:DC:6F:C2:AB:0E:8E:5A:DA:AA:D7:5E:8D:23:CA:41:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c892754a-62b6-4554-aef5-f62fabca2d48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.251.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:bc:41:06:84:62:c6:8e:4c:5d:03:60:2c:0c:6b:36:3a:17:
         ac:97:1b:bf:f9:5e:86:b8:26:36:c6:1d:44:07:0a:ca:d2:ef:
         9c:b8:af:d3:67:7c:cf:8b:4f:8d:95:ed:5a:d6:be:9d:8c:46:
         97:61:77:0c:67:e7:88:63:03:94:f2:65:23:7b:6d:67:ea:8c:
         d1:fb:d6:88:9c:c2:46:ae:0a:6d:70:2e:17:71:f9:74:ea:de:
         60:40:1e:ec:b4:c9:46:65:9a:00:63:15:fa:5a:b6:26:d8:25:
         d4:9d:06:68:2f:cf:0c:ec:17:e1:06:71:4e:51:a0:72:ac:8f:
         4e:22:2c:9f:ed:62:ed:43:7a:89:b7:52:5e:fe:5d:32:37:1f:
         43:c2:db:bf:a6:01:3d:74:56:78:1a:b5:3d:2c:3f:05:68:7d:
         d9:45:99:f8:a4:67:ca:f9:53:66:91:25:9e:01:4e:ca:bb:12:
         cf:69:38:d7:11:1b:9a:7f:a8:03:db:36:c7:f9:87:53:55:5a:
         c7:13:54:3e:bb:de:6f:86:ec:36:28:8a:ab:f7:9f:39:bd:e5:
         74:56:ff:68:c0:19:61:b9:fa:94:6e:f9:0d:3a:f7:ea:f3:22:
         83:4c:08:54:bd:b9:9d:45:de:b3:b0:a3:31:7b:05:c1:ba:3b:
         aa:1b:df:de
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFJ1xqiP0tY+0P4HCyuFsihzkDYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDAxMTI1WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4Yzk0YzVjZDUwOTQyYmQxZmNhYzkwNjhjNjkwOTBjMTdm
NjkyNTFhZDM5NjdlMjUxM2I0NDViMDEzZjlhMjViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc4taSGai4u3R90h1lNU04PtFwbzPomYoKF5buA5jmtiW4
ans/ibsVZyMzYcMBVlZuHobPbnoxbrymHFLOldcxhY2IDoKo8jmj4coJF/zFznnn
mEav2hj5fjLNJdjriqOwspPlAKDzWcArVlAxyrciOQIxDVwUG+ueNc416WVmZk1I
JYW7/O7MGZEz+mFBgZo67ksS4OVLpBeyODCJFu/nFHlajAy+nG4zxlWCZJs7ch2S
+HMWeBYS/MS8Zr6ccMIV+c3pX9USoHL/q5g+wVCZqdLs2tRPiEE8WwXrn0s83lz5
+sfH7/Rc+hGoo4XfrC16P8Ux/unU7NRxa4/cNeoDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh2ckR9xvwqsOjlraqtdejSPKQaMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4OTI3NTRhLTYyYjYtNDU1NC1hZWY1LWY2MmZhYmNhMmQ0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADA+44wDQYJKoZIhvcNAQELBQADggEBANe8QQaEYsaOTF0DYCwMazY6F6yX
G7/5Xoa4JjbGHUQHCsrS75y4r9NnfM+LT42V7VrWvp2MRpdhdwxn54hjA5TyZSN7
bWfqjNH71oicwkauCm1wLhdx+XTq3mBAHuy0yUZlmgBjFfpatibYJdSdBmgvzwzs
F+EGcU5RoHKsj04iLJ/tYu1Deom3Ul7+XTI3H0PC27+mAT10VngatT0sPwVofdlF
mfikZ8r5U2aRJZ4BTsq7Es9pONcRG5p/qAPbNsf5h1NVWscTVD673m+G7DYoiqv3
nzm95XRW/2jAGWG5+pRu+Q069+rzIoNMCFS9uZ1F3rOwozF7BcG6O6ob394=
-----END CERTIFICATE-----