Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c88a40-44cb-4ee0-a0f5-5f6d559b9c61.roa
File:                     d0c88a40-44cb-4ee0-a0f5-5f6d559b9c61.roa (raw, json)
Hash identifier:          kWsef+3ROUK0c6OyEiDVI9ucjXvNrI1PKQtzvB7a6Zs=
Subject key identifier:   92:CD:DE:F8:45:85:A4:1F:EB:2E:35:5E:C5:F3:25:27:42:B4:55:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       527BFB9C79AC32EF2610418456A29E589FE1FE7A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c88a40-44cb-4ee0-a0f5-5f6d559b9c61.roa
Signing time:             Tue 21 Oct 2025 00:00:11 +0000
ROA not before:           Tue 21 Oct 2025 00:00:11 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.144.192.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:7b:fb:9c:79:ac:32:ef:26:10:41:84:56:a2:9e:58:9f:e1:fe:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:00:11 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=1f352d466b78302acb583dd1d8670153b78bf22b2ebb988cc285668029471711, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0d:80:a4:99:bc:8c:88:8c:7a:6e:ea:b1:c9:
                    0b:c4:4b:22:57:1e:86:7e:46:1d:8b:7f:de:a2:b8:
                    92:57:08:bd:ec:93:d3:14:eb:20:38:33:1d:07:1c:
                    d7:0b:a2:c2:e9:a9:3e:8c:9f:2c:2f:50:2b:f3:5c:
                    5a:c7:04:85:7e:94:bd:44:ab:31:55:17:f0:03:27:
                    ff:db:ef:e8:f5:a5:b2:64:1e:b7:e5:ac:a0:60:16:
                    41:47:4e:4b:bb:1d:14:28:f4:b3:ca:04:71:ee:4c:
                    9e:81:e0:5e:23:02:aa:db:8f:ab:1a:c3:a9:c8:13:
                    8b:ab:e7:ca:65:1b:78:70:68:79:e0:41:33:12:c4:
                    82:e3:5b:2f:f3:bb:20:eb:7f:12:71:ac:57:22:2d:
                    2a:10:a0:c7:71:eb:e6:2a:fb:b3:96:91:ff:3e:12:
                    f5:c6:d0:ef:5e:b3:8d:f2:29:73:21:8c:df:7e:3c:
                    ce:f2:2b:fa:aa:51:36:a8:9d:7d:8f:37:74:69:c6:
                    f4:c4:14:b6:91:e5:b9:1b:bd:cb:45:4f:56:0a:b1:
                    36:7e:ce:e0:a1:ac:5f:f8:f2:67:08:3c:af:06:1a:
                    01:f0:e5:4e:03:f8:61:9a:99:a6:0a:78:1c:83:95:
                    aa:3e:93:a4:a6:1c:50:da:a9:3b:bf:97:68:f8:f4:
                    5c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:CD:DE:F8:45:85:A4:1F:EB:2E:35:5E:C5:F3:25:27:42:B4:55:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c88a40-44cb-4ee0-a0f5-5f6d559b9c61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.144.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3a:36:f6:57:0c:c5:b7:44:ec:ab:ec:4d:94:5a:b8:4a:27:c4:
         1f:56:b4:cd:eb:a6:ee:16:0d:6e:a8:58:57:62:04:19:cd:cb:
         f1:bd:e4:d3:89:68:55:5f:a8:5f:69:b5:64:49:e0:9f:ea:ea:
         16:92:f9:da:0c:5e:be:52:09:d9:c0:f4:43:de:8a:bd:3b:17:
         ee:23:ae:57:ff:2b:d4:a2:01:55:65:62:bb:70:a0:93:22:a6:
         21:87:4b:40:21:0e:87:86:fc:c7:2c:70:d3:01:06:5c:26:11:
         ce:74:71:b6:ee:c3:3c:27:af:3e:92:25:43:4d:a1:25:c6:18:
         6c:44:80:3b:16:b4:40:81:f7:7d:34:5f:7b:56:58:9b:2b:88:
         3b:43:27:db:ca:47:98:cb:11:7f:96:c0:dd:45:09:d7:90:d7:
         e2:d6:e7:da:e5:d6:20:a5:10:48:fc:6f:c4:c3:eb:26:58:23:
         4e:0a:a7:e0:4d:26:80:7a:da:9e:64:c6:96:1b:d2:f7:38:d4:
         43:ae:ab:b9:2f:61:b2:36:9e:ec:46:f1:18:71:69:bc:c4:12:
         4d:89:0d:e1:f1:9a:96:e2:c4:2f:92:54:f5:1c:25:c7:a9:b5:
         74:e2:17:5c:c1:24:74:b1:64:dc:63:fa:d2:cf:59:a9:d3:23:
         10:45:c7:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUnv7nHmsMu8mEEGEVqKeWJ/h/nowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAwMDExWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjM1MmQ0NjZiNzgzMDJhY2I1ODNkZDFkODY3MDE1M2I3
OGJmMjJiMmViYjk4OGNjMjg1NjY4MDI5NDcxNzExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGDYCkmbyMiIx6buqxyQvESyJXHoZ+Rh2Lf96iuJJXCL3s
k9MU6yA4Mx0HHNcLosLpqT6MnywvUCvzXFrHBIV+lL1EqzFVF/ADJ//b7+j1pbJk
HrflrKBgFkFHTku7HRQo9LPKBHHuTJ6B4F4jAqrbj6saw6nIE4ur58plG3hwaHng
QTMSxILjWy/zuyDrfxJxrFciLSoQoMdx6+Yq+7OWkf8+EvXG0O9es43yKXMhjN9+
PM7yK/qqUTaonX2PN3RpxvTEFLaR5bkbvctFT1YKsTZ+zuChrF/48mcIPK8GGgHw
5U4D+GGamaYKeByDlao+k6SmHFDaqTu/l2j49FzzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUks3e+EWFpB/rLjVexfMlJ0K0VXcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QwYzg4YTQwLTQ0Y2ItNGVlMC1hMGY1LTVmNmQ1NTliOWM2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjkMAwDQYJKoZIhvcNAQELBQADggEBADo29lcMxbdE7KvsTZRauEonxB9W
tM3rpu4WDW6oWFdiBBnNy/G95NOJaFVfqF9ptWRJ4J/q6haS+doMXr5SCdnA9EPe
ir07F+4jrlf/K9SiAVVlYrtwoJMipiGHS0AhDoeG/McscNMBBlwmEc50cbbuwzwn
rz6SJUNNoSXGGGxEgDsWtECB9300X3tWWJsriDtDJ9vKR5jLEX+WwN1FCdeQ1+LW
59rl1iClEEj8b8TD6yZYI04Kp+BNJoB62p5kxpYb0vc41EOuq7kvYbI2nuxG8Rhx
abzEEk2JDeHxmpbixC+SVPUcJceptXTiF1zBJHSxZNxj+tLPWanTIxBFx54=
-----END CERTIFICATE-----