Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5ce64577-e032-4364-b209-0c4fa179abff.roa
File:                     5ce64577-e032-4364-b209-0c4fa179abff.roa (raw, json)
Hash identifier:          hBADHV33QFGSXXp5LBpz9UsK5Uvcfb3UfaG8vmHVLOU=
Subject key identifier:   00:31:F7:A9:85:66:3E:93:71:FC:D2:A5:17:7F:BE:17:51:59:2B:BF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       469B014A4A6DBFBBC5A02A1197575C26EE32931B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5ce64577-e032-4364-b209-0c4fa179abff.roa
Signing time:             Tue 14 Oct 2025 00:42:46 +0000
ROA not before:           Tue 14 Oct 2025 00:42:46 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.176.143.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:9b:01:4a:4a:6d:bf:bb:c5:a0:2a:11:97:57:5c:26:ee:32:93:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 00:42:46 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=6adbc4656499e7cf272ff13318599c97d1c1397c40f0cdab078e2875725770f6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5a:22:7e:07:6b:93:ea:8d:c0:f6:7b:72:5a:
                    3f:d4:15:3c:41:76:b0:3a:9c:7a:30:b7:2f:8e:8c:
                    a1:02:85:55:6f:5a:ea:87:68:17:0a:00:6e:6f:6e:
                    f3:20:1b:6a:cf:12:33:c3:ce:65:0d:b1:d4:20:9e:
                    a4:a5:f8:8d:9e:68:2e:3b:ca:93:6c:fb:b8:e5:10:
                    b0:d1:a2:14:db:c6:f3:82:79:2b:30:ae:e0:79:e6:
                    a7:68:a9:20:e7:b7:65:23:da:28:73:7e:18:b3:74:
                    18:9b:6a:b6:c9:9e:73:bd:32:14:5f:68:bc:b5:ce:
                    33:28:b6:b7:33:a5:9e:02:53:cc:7a:90:0f:38:91:
                    ae:b4:27:35:f0:e5:41:69:23:e3:bd:1a:a7:55:8a:
                    d7:72:38:5e:6c:9f:fc:b3:97:6f:5b:26:e8:af:b9:
                    1e:2f:38:18:50:c7:88:56:a9:ac:e0:7a:4b:60:22:
                    bb:c3:3e:c6:bc:2f:ef:ef:50:f8:8b:2a:c2:d4:0d:
                    73:f9:05:54:99:6f:dd:2e:93:1a:2e:ae:a7:7a:99:
                    8f:65:ba:b6:b2:7a:c6:4e:18:c3:dc:51:62:c8:83:
                    4c:18:10:67:a8:59:f9:e4:bb:8a:97:8c:78:49:49:
                    d9:b6:55:b5:16:2c:fd:31:03:6b:3c:74:e2:f6:81:
                    ad:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:31:F7:A9:85:66:3E:93:71:FC:D2:A5:17:7F:BE:17:51:59:2B:BF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5ce64577-e032-4364-b209-0c4fa179abff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.176.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:17:8a:5f:cc:2c:e4:2a:6f:c0:61:50:9b:f8:f8:cd:68:3d:
         8e:89:57:fb:0b:5e:73:76:a0:27:16:2b:81:6e:63:8e:d4:9c:
         f6:a4:b8:a7:56:68:95:cd:d9:0a:1c:db:ca:53:dd:03:ee:1c:
         b3:1a:24:4d:b3:1f:75:9e:42:d8:4a:3a:c2:ef:79:5e:d2:6a:
         ae:5a:0d:46:0d:8f:f3:13:48:e1:60:84:17:20:69:bc:6d:77:
         bf:7e:ae:27:fb:fa:d9:70:43:45:16:43:9a:0c:12:33:54:90:
         8f:d4:39:1a:c5:59:27:6f:1a:60:d5:fa:51:64:23:cf:08:a9:
         98:ae:48:3b:d1:80:f0:cf:73:0a:1f:04:34:c3:55:3e:a6:48:
         2e:0b:bb:4c:6f:ce:87:2f:ec:a9:22:84:e3:90:34:14:b2:0b:
         d0:71:3a:5f:69:98:85:a6:51:13:ca:95:8d:0f:c5:48:48:33:
         27:2d:64:88:24:6c:10:a8:6f:88:73:93:82:5e:ba:6e:61:36:
         a5:bb:1a:4f:78:7e:ba:98:4d:f9:06:ea:59:12:38:ad:6d:31:
         6e:7b:82:22:28:ae:2c:b5:81:ef:7e:97:c7:31:e5:0a:87:6f:
         8e:27:91:5c:aa:b6:dc:a9:c5:ee:28:c1:17:97:a3:07:80:60:
         f0:6d:24:37
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURpsBSkptv7vFoCoRl1dcJu4ykxswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MDA0MjQ2WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YWRiYzQ2NTY0OTllN2NmMjcyZmYxMzMxODU5OWM5N2Qx
YzEzOTdjNDBmMGNkYWIwNzhlMjg3NTcyNTc3MGY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaWiJ+B2uT6o3A9ntyWj/UFTxBdrA6nHowty+OjKEChVVv
WuqHaBcKAG5vbvMgG2rPEjPDzmUNsdQgnqSl+I2eaC47ypNs+7jlELDRohTbxvOC
eSswruB55qdoqSDnt2Uj2ihzfhizdBibarbJnnO9MhRfaLy1zjMotrczpZ4CU8x6
kA84ka60JzXw5UFpI+O9GqdVitdyOF5sn/yzl29bJuivuR4vOBhQx4hWqazgektg
IrvDPsa8L+/vUPiLKsLUDXP5BVSZb90ukxourqd6mY9lurayesZOGMPcUWLIg0wY
EGeoWfnku4qXjHhJSdm2VbUWLP0xA2s8dOL2ga3TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUADH3qYVmPpNx/NKlF3++F1FZK78wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjZTY0NTc3LWUwMzItNDM2NC1iMjA5LTBjNGZhMTc5YWJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACCsI8wDQYJKoZIhvcNAQELBQADggEBAM0Xil/MLOQqb8BhUJv4+M1oPY6J
V/sLXnN2oCcWK4FuY47UnPakuKdWaJXN2Qoc28pT3QPuHLMaJE2zH3WeQthKOsLv
eV7Saq5aDUYNj/MTSOFghBcgabxtd79+rif7+tlwQ0UWQ5oMEjNUkI/UORrFWSdv
GmDV+lFkI88IqZiuSDvRgPDPcwofBDTDVT6mSC4Lu0xvzocv7KkihOOQNBSyC9Bx
Ol9pmIWmURPKlY0PxUhIMyctZIgkbBCob4hzk4Jeum5hNqW7Gk94frqYTfkG6lkS
OK1tMW57giIoriy1ge9+l8cx5QqHb44nkVyqttypxe4owReXoweAYPBtJDc=
-----END CERTIFICATE-----