Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1461e263-3943-4fb6-92b2-79e0871e6a7a.roa
File:                     1461e263-3943-4fb6-92b2-79e0871e6a7a.roa (raw, json)
Hash identifier:          hxD6q82P/LvKC8L78QEd4C+ny9X1Qroe/10azNrsXSM=
Subject key identifier:   FE:B9:34:20:77:88:D0:CB:31:64:F3:89:83:76:03:07:F7:19:3F:F8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7E32F1424CD33FA5858E27F8CE7B4397AB9CC83C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1461e263-3943-4fb6-92b2-79e0871e6a7a.roa
Signing time:             Tue 07 Oct 2025 00:23:26 +0000
ROA not before:           Tue 07 Oct 2025 00:23:26 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.72.88.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:32:f1:42:4c:d3:3f:a5:85:8e:27:f8:ce:7b:43:97:ab:9c:c8:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:23:26 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=f13e36981c02cc548faebae939ac0637b1f00e676f9a69de22c62da44a5bdc84, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4e:84:f9:2e:ae:be:65:af:49:73:d3:4d:0d:
                    b2:3d:fa:21:b1:db:04:d7:0c:81:6d:1b:62:16:48:
                    9a:3d:21:c0:0a:c4:5f:a6:21:0e:2d:c0:2c:f0:a0:
                    15:aa:62:d6:e5:df:68:29:68:30:6e:08:85:4f:85:
                    03:b8:75:93:f6:08:6e:33:e8:c6:c6:b7:b9:f6:80:
                    a0:b3:73:d8:ff:ff:df:1c:e8:a9:25:b9:02:67:8b:
                    94:f4:c9:05:71:5b:1a:d3:f2:8a:7a:46:62:24:b0:
                    6c:0e:f8:6c:bf:dc:f8:a0:73:2e:e8:6d:f9:d4:bb:
                    63:d1:cd:cc:04:99:8d:73:60:94:43:1a:8c:7d:a4:
                    bf:73:17:61:6b:32:88:0a:3d:9c:45:d9:e8:0c:85:
                    4c:e3:17:d0:e8:a4:52:37:29:44:93:4c:f6:e3:08:
                    12:d5:ff:a9:52:5e:48:74:a3:43:16:4c:46:60:cf:
                    f5:3a:d5:fb:a9:e6:0a:b2:74:6f:9a:6f:36:2b:5e:
                    f3:e0:a5:8e:ec:03:65:bf:2f:80:b7:cb:eb:67:d8:
                    c8:10:08:3b:0e:83:cc:f7:c6:c5:d9:b9:6e:f4:2e:
                    0e:3e:c1:e0:b7:30:de:8b:22:2b:09:63:22:f2:8e:
                    86:fc:38:4d:45:c2:86:f3:8c:8c:0f:e7:b6:bd:e5:
                    c8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:B9:34:20:77:88:D0:CB:31:64:F3:89:83:76:03:07:F7:19:3F:F8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1461e263-3943-4fb6-92b2-79e0871e6a7a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:20:24:8b:7b:06:1f:18:ac:91:1c:05:8d:d3:12:d2:7d:d2:
         07:12:ae:8f:6a:6f:08:17:b7:44:05:82:39:28:c2:e6:e3:b2:
         fb:21:9e:49:52:8d:5e:4e:af:93:6d:15:33:9e:35:57:c2:f1:
         08:0d:76:65:d4:01:95:16:94:1a:6a:17:99:2c:9f:3b:ba:54:
         55:cf:a6:20:34:7b:f0:c9:51:bd:9d:35:46:3f:2b:65:d9:97:
         bb:c3:e8:62:97:f7:f2:18:17:3e:ef:84:03:9a:3c:ff:2f:02:
         f1:ed:fd:26:e2:73:f4:d6:37:6d:c2:f9:4d:6d:68:57:50:df:
         be:fb:e6:06:23:d0:8e:00:b4:df:29:03:5b:b0:12:55:ae:cd:
         d8:c9:10:bf:6e:73:76:3c:83:1f:1a:72:81:f7:ed:6a:7b:ab:
         0e:ee:00:8a:4d:89:8a:25:79:b5:3b:26:d8:a1:d9:6a:7d:73:
         14:0e:65:6c:2e:98:3d:62:43:af:d4:fb:b7:b2:92:83:74:cf:
         6b:66:8b:e6:20:89:36:b0:7a:6e:b0:20:1a:fe:b5:ac:b6:b4:
         bd:65:2f:9c:13:85:05:a6:85:23:9b:04:14:db:91:46:26:6d:
         27:fd:16:28:1f:b0:ba:45:03:c5:9d:42:de:b2:ee:03:cf:be:
         b1:48:d9:f8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfjLxQkzTP6WFjif4zntDl6ucyDwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDAyMzI2WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTNlMzY5ODFjMDJjYzU0OGZhZWJhZTkzOWFjMDYzN2Ix
ZjAwZTY3NmY5YTY5ZGUyMmM2MmRhNDRhNWJkYzg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7ToT5Lq6+Za9Jc9NNDbI9+iGx2wTXDIFtG2IWSJo9IcAK
xF+mIQ4twCzwoBWqYtbl32gpaDBuCIVPhQO4dZP2CG4z6MbGt7n2gKCzc9j//98c
6KkluQJni5T0yQVxWxrT8op6RmIksGwO+Gy/3Pigcy7obfnUu2PRzcwEmY1zYJRD
Gox9pL9zF2FrMogKPZxF2egMhUzjF9DopFI3KUSTTPbjCBLV/6lSXkh0o0MWTEZg
z/U61fup5gqydG+abzYrXvPgpY7sA2W/L4C3y+tn2MgQCDsOg8z3xsXZuW70Lg4+
weC3MN6LIisJYyLyjob8OE1FwobzjIwP57a95ch/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/rk0IHeI0MsxZPOJg3YDB/cZP/gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE0NjFlMjYzLTM5NDMtNGZiNi05MmIyLTc5ZTA4NzFlNmE3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAK4SFgwDQYJKoZIhvcNAQELBQADggEBAJggJIt7Bh8YrJEcBY3TEtJ90gcS
ro9qbwgXt0QFgjkowubjsvshnklSjV5Or5NtFTOeNVfC8QgNdmXUAZUWlBpqF5ks
nzu6VFXPpiA0e/DJUb2dNUY/K2XZl7vD6GKX9/IYFz7vhAOaPP8vAvHt/Sbic/TW
N23C+U1taFdQ37775gYj0I4AtN8pA1uwElWuzdjJEL9uc3Y8gx8acoH37Wp7qw7u
AIpNiYolebU7Jtih2Wp9cxQOZWwumD1iQ6/U+7eykoN0z2tmi+YgiTawem6wIBr+
tay2tL1lL5wThQWmhSObBBTbkUYmbSf9FigfsLpFA8WdQt6y7gPPvrFI2fg=
-----END CERTIFICATE-----