Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/08765d1b-0666-44f8-ba33-732d7e392300.roa
File:                     08765d1b-0666-44f8-ba33-732d7e392300.roa (raw, json)
Hash identifier:          r0Re7cFSzEBlGxdoSELAi4ugLfAEvQHgy0+sS+iux4M=
Subject key identifier:   D8:03:08:DB:74:10:D5:AF:47:83:D8:BD:E1:0F:89:27:11:4A:FB:0A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       53E69A2C5F8BCB6B307476CBD39A53FD3E3600E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/08765d1b-0666-44f8-ba33-732d7e392300.roa
Signing time:             Tue 07 Oct 2025 00:22:34 +0000
ROA not before:           Tue 07 Oct 2025 00:22:34 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.128.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e6:9a:2c:5f:8b:cb:6b:30:74:76:cb:d3:9a:53:fd:3e:36:00:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:22:34 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=7b16bed29f0e04ce058881624f2b1d0e45856b210c64d9d464b856fc72beef7c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9d:91:92:a8:af:76:8e:a7:bf:38:be:92:85:
                    e2:7b:ff:98:23:21:fb:34:97:a7:bd:9e:9d:cc:a2:
                    66:12:18:37:0e:8d:2b:bf:75:b8:64:2e:5c:51:72:
                    39:fb:33:91:53:68:c4:7c:26:d9:80:6d:24:6d:9f:
                    c9:8c:3e:51:a5:78:cb:21:61:84:8d:6c:06:85:dd:
                    cf:57:7c:cd:66:7d:25:d1:b1:2e:ac:24:ee:e2:af:
                    4a:7e:3e:4f:5e:ce:c5:9b:ed:85:ba:ec:e9:71:b1:
                    98:d0:1a:a1:da:03:b4:5b:f0:45:4b:e8:86:7e:03:
                    a6:27:1d:a4:78:31:f0:dc:a5:5d:91:4f:d8:ef:d0:
                    2d:5a:92:57:c3:e8:ed:25:79:4b:0b:5e:73:d5:29:
                    77:df:5d:86:96:e6:e9:0e:53:e3:99:a1:01:71:cf:
                    ba:fa:1a:c4:94:39:c9:72:55:ce:cb:5c:3a:f2:ad:
                    65:66:91:8d:5f:72:0a:ff:47:19:76:76:a7:6c:13:
                    45:77:c4:46:3e:f7:ea:29:aa:b0:cb:47:22:cf:ec:
                    40:99:ed:e8:41:04:36:81:6f:df:de:57:1a:a7:03:
                    16:ed:51:d5:89:69:ad:6f:03:ca:de:07:7b:c8:72:
                    a5:d5:99:f2:b8:5a:99:0b:98:90:c3:43:ef:78:7d:
                    6f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:03:08:DB:74:10:D5:AF:47:83:D8:BD:E1:0F:89:27:11:4A:FB:0A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/08765d1b-0666-44f8-ba33-732d7e392300.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         59:e0:3d:9c:51:b5:93:52:54:08:a2:ae:50:0e:af:83:92:60:
         fb:fe:9f:7c:f2:0c:cb:82:cc:3f:2f:41:f1:f6:bd:4f:62:05:
         aa:06:a5:34:29:75:bc:cd:25:1d:c8:12:2f:96:9f:de:a4:e0:
         da:04:11:4c:33:53:b5:c4:9d:b8:b8:c1:ef:2c:74:42:59:08:
         12:26:19:be:27:2f:c2:91:76:6a:d2:e4:f1:f5:11:d7:3a:e6:
         b2:c4:d8:69:bc:e1:71:4c:04:db:56:46:31:16:45:43:7c:5b:
         50:98:c0:fc:9a:52:c8:9a:65:ab:b2:60:7d:9e:b9:52:cb:9c:
         9c:55:10:96:89:ad:4e:3f:4f:64:8d:1a:06:77:66:d3:21:6b:
         b2:9b:71:c2:ec:bb:c0:c7:70:12:2b:aa:26:84:f6:8f:15:13:
         a1:09:c4:0e:ce:39:e8:fc:ae:50:9e:4a:e6:8d:f0:83:93:96:
         a6:16:2a:ba:f6:9c:28:ba:1e:89:bd:10:ff:47:bb:4f:b6:52:
         99:3b:b5:bc:c5:80:60:b1:87:7b:9d:75:73:e4:11:ea:a9:28:
         22:a9:e6:4e:64:ec:0c:18:20:37:90:d6:d9:6b:12:5b:43:a8:
         a5:e2:e2:41:3b:72:7c:f5:98:59:7d:fd:4e:75:72:50:ae:2f:
         a2:47:22:c7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU+aaLF+Ly2swdHbL05pT/T42AOgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMjM0WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjE2YmVkMjlmMGUwNGNlMDU4ODgxNjI0ZjJiMWQwZTQ1
ODU2YjIxMGM2NGQ5ZDQ2NGI4NTZmYzcyYmVlZjdjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTnZGSqK92jqe/OL6SheJ7/5gjIfs0l6e9np3MomYSGDcO
jSu/dbhkLlxRcjn7M5FTaMR8JtmAbSRtn8mMPlGleMshYYSNbAaF3c9XfM1mfSXR
sS6sJO7ir0p+Pk9ezsWb7YW67OlxsZjQGqHaA7Rb8EVL6IZ+A6YnHaR4MfDcpV2R
T9jv0C1aklfD6O0leUsLXnPVKXffXYaW5ukOU+OZoQFxz7r6GsSUOclyVc7LXDry
rWVmkY1fcgr/Rxl2dqdsE0V3xEY+9+opqrDLRyLP7ECZ7ehBBDaBb9/eVxqnAxbt
UdWJaa1vA8reB3vIcqXVmfK4WpkLmJDDQ+94fW9PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2AMI23QQ1a9Hg9i94Q+JJxFK+wowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA4NzY1ZDFiLTA2NjYtNDRmOC1iYTMzLTczMmQ3ZTM5MjMwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAS4SYAwDQYJKoZIhvcNAQELBQADggEBAFngPZxRtZNSVAiirlAOr4OSYPv+
n3zyDMuCzD8vQfH2vU9iBaoGpTQpdbzNJR3IEi+Wn96k4NoEEUwzU7XEnbi4we8s
dEJZCBImGb4nL8KRdmrS5PH1Edc65rLE2Gm84XFMBNtWRjEWRUN8W1CYwPyaUsia
ZauyYH2euVLLnJxVEJaJrU4/T2SNGgZ3ZtMha7KbccLsu8DHcBIrqiaE9o8VE6EJ
xA7OOej8rlCeSuaN8IOTlqYWKrr2nCi6Hom9EP9Hu0+2Upk7tbzFgGCxh3uddXPk
EeqpKCKp5k5k7AwYIDeQ1tlrEltDqKXi4kE7cnz1mFl9/U51clCuL6JHIsc=
-----END CERTIFICATE-----