Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ee22c9-4918-4fcc-bfe0-41c7247cbe08.roa
File:                     12ee22c9-4918-4fcc-bfe0-41c7247cbe08.roa (raw, json)
Hash identifier:          LqXVVOES2YU5KusftwpQsXCskwXUwA+rpui2Donv85k=
Subject key identifier:   49:9A:89:45:97:B6:39:4D:B9:FD:3A:9D:AD:95:E3:F9:C7:EE:7B:EF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       47716D935357243CBF38355E15895A6883F344FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ee22c9-4918-4fcc-bfe0-41c7247cbe08.roa
Signing time:             Tue 07 Oct 2025 00:40:23 +0000
ROA not before:           Tue 07 Oct 2025 00:40:23 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        192.184.32.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:71:6d:93:53:57:24:3c:bf:38:35:5e:15:89:5a:68:83:f3:44:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:40:23 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=f8c3e5f1039afbeb99daeab2deb9f89b5813491914570a2d98e673d0640c0604, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5e:9e:33:0c:24:2e:9e:36:79:d2:c3:b8:31:
                    e4:55:34:84:f7:8c:00:73:15:d0:4c:1c:8d:60:2c:
                    e5:e1:02:17:61:3d:fd:39:3c:80:53:10:c1:ce:e9:
                    f2:e4:17:15:f5:64:80:52:28:bd:91:1e:18:b1:66:
                    cb:de:ee:a6:56:0b:03:6c:da:ce:0e:61:90:87:86:
                    76:24:71:a4:15:42:38:8f:c2:8d:c9:0e:be:41:f6:
                    7c:64:e4:f8:04:6d:5a:fc:8f:ca:a8:cc:e3:29:06:
                    a4:9b:c6:42:03:76:63:70:06:6a:09:d8:94:c2:c4:
                    ce:52:fe:49:bd:08:74:22:90:1f:0f:52:25:9e:01:
                    53:8a:e0:4d:16:b8:11:81:62:83:39:df:f1:1e:b1:
                    f5:31:f1:49:c9:df:dd:0c:f9:a7:8e:ca:d6:7f:4d:
                    0c:17:46:2f:f9:e6:f6:07:b3:17:49:1c:ee:b3:e5:
                    e9:0a:c3:67:68:0c:b7:de:4d:79:91:c3:ce:f0:58:
                    67:4a:4a:92:03:24:71:7e:f7:a4:a3:46:78:c0:62:
                    7d:72:06:63:d9:a2:87:96:4d:74:b4:b8:28:0f:5d:
                    27:da:9c:15:21:d1:4e:2a:65:2c:46:88:15:0c:a9:
                    f3:11:c2:e9:b6:d0:78:76:4b:44:ee:45:ea:84:bf:
                    1d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:9A:89:45:97:B6:39:4D:B9:FD:3A:9D:AD:95:E3:F9:C7:EE:7B:EF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ee22c9-4918-4fcc-bfe0-41c7247cbe08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.184.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c2:4f:89:31:c3:80:c1:6a:84:56:c2:a2:3b:5e:99:96:f1:7d:
         de:07:6a:c6:24:f6:06:6f:5c:49:61:9a:dc:ab:19:f6:fb:69:
         68:79:68:cf:33:19:ec:01:20:fc:f0:3e:27:8d:87:16:8b:cc:
         ef:7a:ea:bb:a5:99:c2:51:da:75:59:04:2c:79:3b:c4:9d:d9:
         f5:6c:91:3b:74:07:b1:bb:ba:f1:23:14:99:8d:d0:1b:ea:5c:
         2d:64:e6:38:52:fc:90:2e:f8:61:d2:77:9e:25:28:b3:84:7e:
         0f:b0:21:fd:e6:d3:ab:35:18:7c:99:dd:a9:22:8b:5e:15:78:
         9a:f1:24:89:89:3f:90:73:b4:d6:4a:35:89:04:6d:26:71:fc:
         5c:f8:11:ed:40:7e:37:5c:42:f5:51:94:44:60:d3:f2:2a:b1:
         69:01:9a:96:4c:d6:69:16:d3:3a:3f:f0:c1:36:26:61:25:f7:
         bb:42:2c:2a:0d:ee:ca:c6:e2:4d:d6:86:4b:87:0e:9f:dd:e0:
         27:13:30:2e:4a:ee:80:bf:c1:34:e5:c8:31:42:db:4d:2f:cb:
         a7:2c:13:66:41:5f:59:b5:d8:5b:c4:bb:54:8a:32:90:f4:af:
         bb:2f:6e:c5:ad:d4:a9:b9:39:e2:e3:af:43:d2:b8:35:81:74:
         67:c9:64:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR3Ftk1NXJDy/ODVeFYlaaIPzRP0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MDIzWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGMzZTVmMTAzOWFmYmViOTlkYWVhYjJkZWI5Zjg5YjU4
MTM0OTE5MTQ1NzBhMmQ5OGU2NzNkMDY0MGMwNjA0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpXp4zDCQunjZ50sO4MeRVNIT3jABzFdBMHI1gLOXhAhdh
Pf05PIBTEMHO6fLkFxX1ZIBSKL2RHhixZsve7qZWCwNs2s4OYZCHhnYkcaQVQjiP
wo3JDr5B9nxk5PgEbVr8j8qozOMpBqSbxkIDdmNwBmoJ2JTCxM5S/km9CHQikB8P
UiWeAVOK4E0WuBGBYoM53/EesfUx8UnJ390M+aeOytZ/TQwXRi/55vYHsxdJHO6z
5ekKw2doDLfeTXmRw87wWGdKSpIDJHF+96SjRnjAYn1yBmPZooeWTXS0uCgPXSfa
nBUh0U4qZSxGiBUMqfMRwum20Hh2S0TuReqEvx0bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSZqJRZe2OU25/TqdrZXj+cfue+8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEyZWUyMmM5LTQ5MTgtNGZjYy1iZmUwLTQxYzcyNDdjYmUwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXAuCAwDQYJKoZIhvcNAQELBQADggEBAMJPiTHDgMFqhFbCojtemZbxfd4H
asYk9gZvXElhmtyrGfb7aWh5aM8zGewBIPzwPieNhxaLzO966rulmcJR2nVZBCx5
O8Sd2fVskTt0B7G7uvEjFJmN0BvqXC1k5jhS/JAu+GHSd54lKLOEfg+wIf3m06s1
GHyZ3akii14VeJrxJImJP5BztNZKNYkEbSZx/Fz4Ee1AfjdcQvVRlERg0/IqsWkB
mpZM1mkW0zo/8ME2JmEl97tCLCoN7srG4k3WhkuHDp/d4CcTMC5K7oC/wTTlyDFC
200vy6csE2ZBX1m12FvEu1SKMpD0r7svbsWt1Km5OeLjr0PSuDWBdGfJZAQ=
-----END CERTIFICATE-----