Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ed3afac-055a-4ba0-8dd9-6d8700aa13eb.roa
File:                     0ed3afac-055a-4ba0-8dd9-6d8700aa13eb.roa (raw, json)
Hash identifier:          IgMoRsdkOcLA67MwYfYOspJdZJoTg3bRfOaSInzIOus=
Subject key identifier:   1E:DF:B6:1A:61:7F:99:5F:DA:97:6B:39:E0:85:6E:5D:06:E9:67:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1E9C6040EE8A53463C832B5D0884127CDDF92875
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ed3afac-055a-4ba0-8dd9-6d8700aa13eb.roa
Signing time:             Tue 07 Oct 2025 00:40:19 +0000
ROA not before:           Tue 07 Oct 2025 00:40:19 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.72.128.0/17 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:9c:60:40:ee:8a:53:46:3c:83:2b:5d:08:84:12:7c:dd:f9:28:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:40:19 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=bac2c0954a035ae4d496a8ee1ba160d6fa27702adf3ddc0a88a574954b5db766, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ae:04:11:02:1a:bd:d6:c3:f3:95:c1:f4:86:
                    00:11:2e:8f:60:9c:39:26:1f:ae:1a:77:24:97:41:
                    be:f4:73:a8:db:33:59:5e:71:b1:82:34:85:99:82:
                    b7:23:99:5c:2d:65:47:59:0d:5b:1c:3a:5b:69:bd:
                    83:32:19:e7:c7:87:38:93:7f:a1:04:6f:0d:59:86:
                    7a:1e:a3:18:af:e1:23:04:cf:40:af:57:69:09:8b:
                    b1:6d:b5:5e:96:dd:d0:7a:d3:42:2e:95:73:5a:04:
                    19:ce:8a:51:02:97:a1:fd:f4:e2:af:f9:f7:a2:88:
                    ae:af:b9:42:b6:35:c4:e1:33:a3:3a:6f:86:a1:16:
                    9b:f5:c5:9f:db:89:0a:2d:40:31:7d:68:38:4a:bb:
                    21:00:b6:d5:27:fc:22:6b:47:e5:4e:2a:49:b7:6e:
                    61:a6:f0:87:fa:b5:f9:4c:b6:68:5f:a3:1b:d4:d4:
                    9f:76:41:82:d3:e6:a0:55:4e:65:e5:1a:2c:cd:9e:
                    6b:46:0e:e3:f5:60:dd:42:fd:0e:94:52:fe:f3:f2:
                    c6:30:76:0d:c0:6b:8f:3c:f1:50:b4:c7:d9:76:87:
                    e4:94:8f:5c:6b:c3:c4:7d:b6:e1:60:f3:74:f9:fa:
                    f8:f2:47:ca:0b:a0:31:84:52:6f:3d:12:70:65:1b:
                    bf:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:DF:B6:1A:61:7F:99:5F:DA:97:6B:39:E0:85:6E:5D:06:E9:67:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ed3afac-055a-4ba0-8dd9-6d8700aa13eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         bc:f0:83:0f:bd:e8:af:9a:d9:9b:20:b0:0d:34:39:de:65:fa:
         d9:43:a2:df:37:80:c6:07:5b:ef:ce:a1:39:f0:a9:e9:9f:e7:
         dc:e7:7d:cf:74:01:cb:52:b0:f3:c0:99:33:4c:29:ad:68:4f:
         de:d0:f8:2c:c2:d6:11:a5:4c:28:39:92:27:6a:47:a6:85:7a:
         f8:49:e7:9c:e3:e3:cc:72:c5:e1:7f:c9:13:fc:8e:7f:30:74:
         78:cd:7a:4a:5b:32:04:3e:bd:32:cd:50:db:c6:fc:4e:38:ea:
         dc:02:2a:f0:4d:dc:77:7b:4d:23:c8:60:7c:6b:1a:af:ec:49:
         4b:6e:1e:21:92:fd:3a:78:89:e3:cd:53:73:20:5d:41:bc:a7:
         b7:f8:e0:70:cc:de:ca:fb:5e:54:1d:fe:97:0d:e9:d0:25:9f:
         9e:62:76:50:3d:a2:0f:1c:54:bc:8c:60:44:fe:92:87:93:be:
         f8:a7:3c:f8:de:63:2f:b8:72:04:dd:52:20:f4:1c:be:38:2d:
         1f:97:36:00:d0:6d:de:37:a6:ce:dc:5a:18:5d:c3:eb:c8:14:
         4f:a9:3b:ca:30:0d:7b:de:e4:96:e9:a2:d6:4c:8b:eb:3b:0a:
         9f:c3:b2:85:3e:a1:42:fe:94:37:3c:4b:7a:5d:41:4f:4d:c2:
         1a:ca:81:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHpxgQO6KU0Y8gytdCIQSfN35KHUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MDE5WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWMyYzA5NTRhMDM1YWU0ZDQ5NmE4ZWUxYmExNjBkNmZh
Mjc3MDJhZGYzZGRjMGE4OGE1NzQ5NTRiNWRiNzY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLrgQRAhq91sPzlcH0hgARLo9gnDkmH64adySXQb70c6jb
M1lecbGCNIWZgrcjmVwtZUdZDVscOltpvYMyGefHhziTf6EEbw1Zhnoeoxiv4SME
z0CvV2kJi7FttV6W3dB600IulXNaBBnOilECl6H99OKv+feiiK6vuUK2NcThM6M6
b4ahFpv1xZ/biQotQDF9aDhKuyEAttUn/CJrR+VOKkm3bmGm8If6tflMtmhfoxvU
1J92QYLT5qBVTmXlGizNnmtGDuP1YN1C/Q6UUv7z8sYwdg3Aa4888VC0x9l2h+SU
j1xrw8R9tuFg83T5+vjyR8oLoDGEUm89EnBlG78jAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHt+2GmF/mV/al2s54IVuXQbpZ2cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBlZDNhZmFjLTA1NWEtNGJhMC04ZGQ5LTZkODcwMGFhMTNlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAe4SIAwDQYJKoZIhvcNAQELBQADggEBALzwgw+96K+a2ZsgsA00Od5l+tlD
ot83gMYHW+/OoTnwqemf59znfc90ActSsPPAmTNMKa1oT97Q+CzC1hGlTCg5kidq
R6aFevhJ55zj48xyxeF/yRP8jn8wdHjNekpbMgQ+vTLNUNvG/E446twCKvBN3Hd7
TSPIYHxrGq/sSUtuHiGS/Tp4iePNU3MgXUG8p7f44HDM3sr7XlQd/pcN6dAln55i
dlA9og8cVLyMYET+koeTvvinPPjeYy+4cgTdUiD0HL44LR+XNgDQbd43ps7cWhhd
w+vIFE+pO8owDXve5JbpotZMi+s7Cp/DsoU+oUL+lDc8S3pdQU9NwhrKgaY=
-----END CERTIFICATE-----