Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2efb9bd0-475f-417d-8e72-8a50428e9da8.roa
File:                     2efb9bd0-475f-417d-8e72-8a50428e9da8.roa (raw, json)
Hash identifier:          5LhQAiHTn1a7PaMQTy2lhq+fE8jKbn8KXYtFbcy4oIg=
Subject key identifier:   35:DB:3E:22:AA:32:35:8B:3B:9D:06:18:33:BB:7E:9A:85:49:C9:7A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3A18AF6A54628309ECB14F1532FFF1C409A9D4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2efb9bd0-475f-417d-8e72-8a50428e9da8.roa
Signing time:             Fri 17 Oct 2025 00:12:07 +0000
ROA not before:           Fri 17 Oct 2025 00:12:07 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        1.179.52.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:18:af:6a:54:62:83:09:ec:b1:4f:15:32:ff:f1:c4:09:a9:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 00:12:07 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=52e5a798d4d205a6061dd3180700d83bec7ed4a493119a7586b0078c67e7f73a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:53:1c:02:36:7e:1c:8b:df:00:0c:de:e2:f1:
                    c6:40:3e:ca:a5:95:7e:37:50:03:87:7f:17:37:c5:
                    33:45:4a:27:50:ad:67:89:2b:ee:44:0c:71:50:06:
                    a5:5a:b4:f6:34:69:7b:7c:42:9b:1c:be:35:10:1c:
                    7c:c9:2a:db:e2:80:4e:77:4d:c3:80:70:f4:c7:5d:
                    bc:1c:04:45:82:21:b1:b8:49:ea:06:2b:63:39:d2:
                    b8:48:64:95:84:2f:35:c9:65:2a:9c:34:55:9c:76:
                    48:f7:4d:75:a1:4f:c4:1b:21:4c:98:bf:c8:38:d9:
                    15:46:7d:34:2a:26:c6:d2:fc:80:bd:a3:3a:9c:d6:
                    aa:e8:b4:53:5b:f7:3c:16:66:47:f7:09:66:e2:bd:
                    30:3f:c3:48:bc:4c:1f:9b:56:65:2a:0d:0d:55:d4:
                    0d:94:f5:99:0c:6f:63:6f:89:1f:24:71:aa:3f:78:
                    cc:98:36:56:61:04:c7:34:db:86:f9:e8:28:52:b3:
                    76:d7:cf:d8:05:fb:7d:0d:db:02:3f:5e:e6:da:41:
                    59:c8:96:7d:b8:91:41:ad:dc:85:8e:15:21:95:7d:
                    75:82:20:d7:b5:16:c1:e9:4c:52:3c:ff:13:0f:20:
                    54:ad:7f:79:dc:8b:f0:e5:85:15:fc:f3:bf:e1:be:
                    ba:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:DB:3E:22:AA:32:35:8B:3B:9D:06:18:33:BB:7E:9A:85:49:C9:7A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2efb9bd0-475f-417d-8e72-8a50428e9da8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.179.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:a3:4e:61:90:e1:4e:01:19:84:e8:90:bf:c6:09:6e:58:15:
         99:41:8a:5c:b9:d0:c7:46:9e:79:11:d1:52:98:d6:28:d1:42:
         f0:e5:40:ca:9f:f1:b9:69:6f:f8:fb:f6:d4:04:c4:e6:af:13:
         1d:17:ea:19:89:80:55:15:e8:61:6f:97:6c:ba:84:1e:1d:40:
         c6:2b:ed:7d:8c:3f:0f:46:7e:3c:1a:35:75:48:6d:0a:93:bf:
         bf:4c:9f:0b:47:5c:d6:90:fd:98:82:05:eb:a6:b6:2c:5a:b9:
         5e:c6:00:5e:5e:3d:5f:f4:c1:c3:34:93:8e:be:8e:f7:d0:f1:
         41:44:3a:17:ce:b1:b1:3e:f9:98:b6:f3:b0:56:7b:93:39:9d:
         da:90:ad:37:ad:74:42:5d:0a:bd:ae:d9:f4:6d:0c:38:87:41:
         8f:4f:83:6d:4d:97:6f:80:74:9d:0c:ab:42:39:22:33:ae:df:
         2d:84:5f:d5:82:3e:fe:38:3b:5b:3d:28:d3:63:8e:62:60:4b:
         54:a2:87:fb:36:b5:8f:d3:d0:57:60:46:7b:95:a0:7d:de:f8:
         55:92:56:fd:a5:3b:5b:a5:94:3c:4b:2d:2e:43:07:6a:b9:fc:
         e1:1e:20:7d:49:30:06:2b:d3:ae:0c:3b:ab:75:58:8b:28:a4:
         5b:e8:3a:21
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITOhivalRigwnssU8VMv/xxAmp1DANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTEwMTcwMDEyMDdaFw0yNTExMjEyMzU5NTla
MHoxSTBHBgNVBAUTQDUyZTVhNzk4ZDRkMjA1YTYwNjFkZDMxODA3MDBkODNiZWM3
ZWQ0YTQ5MzExOWE3NTg2YjAwNzhjNjdlN2Y3M2ExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpTHAI2fhyL3wAM3uLxxkA+yqWVfjdQA4d/FzfFM0VKJ1Ct
Z4kr7kQMcVAGpVq09jRpe3xCmxy+NRAcfMkq2+KATndNw4Bw9MddvBwERYIhsbhJ
6gYrYznSuEhklYQvNcllKpw0VZx2SPdNdaFPxBshTJi/yDjZFUZ9NComxtL8gL2j
OpzWqui0U1v3PBZmR/cJZuK9MD/DSLxMH5tWZSoNDVXUDZT1mQxvY2+JHyRxqj94
zJg2VmEExzTbhvnoKFKzdtfP2AX7fQ3bAj9e5tpBWciWfbiRQa3chY4VIZV9dYIg
17UWwelMUjz/Ew8gVK1/edyL8OWFFfzzv+G+ulkCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQ12z4iqjI1izudBhgzu36ahUnJejAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMmVmYjliZDAtNDc1Zi00MTdkLThlNzItOGE1MDQyOGU5ZGE4LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAgGzNDANBgkqhkiG9w0BAQsFAAOCAQEAeqNOYZDhTgEZhOiQv8YJblgVmUGK
XLnQx0aeeRHRUpjWKNFC8OVAyp/xuWlv+Pv21ATE5q8THRfqGYmAVRXoYW+XbLqE
Hh1AxivtfYw/D0Z+PBo1dUhtCpO/v0yfC0dc1pD9mIIF66a2LFq5XsYAXl49X/TB
wzSTjr6O99DxQUQ6F86xsT75mLbzsFZ7kzmd2pCtN610Ql0Kva7Z9G0MOIdBj0+D
bU2Xb4B0nQyrQjkiM67fLYRf1YI+/jg7Wz0o02OOYmBLVKKH+za1j9PQV2BGe5Wg
fd74VZJW/aU7W6WUPEstLkMHarn84R4gfUkwBivTrgw7q3VYiyikW+g6IQ==
-----END CERTIFICATE-----