Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9544df28-c3ca-47ba-851e-1178b9c685ec.roa
File:                     9544df28-c3ca-47ba-851e-1178b9c685ec.roa (raw, json)
Hash identifier:          x11HvZOU45kXT1p83BiTTPf2jNwFLMO/wT1E9tjR8Uo=
Subject key identifier:   A5:B5:A6:31:8C:CF:B2:F5:35:B4:E4:D3:F7:AC:78:C0:90:A7:C3:CE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7530FE0CE4BBF9B4A66F84315F740660119F3F73
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9544df28-c3ca-47ba-851e-1178b9c685ec.roa
Signing time:             Wed 01 Oct 2025 00:52:51 +0000
ROA not before:           Wed 01 Oct 2025 00:52:51 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        96.0.48.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:30:fe:0c:e4:bb:f9:b4:a6:6f:84:31:5f:74:06:60:11:9f:3f:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:52:51 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=5c0de9d5a1059e64157b0a03b62df9849495c7ce9bd2b79ad088680e4b3316ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1d:69:8e:bd:a4:89:1a:e5:cf:81:2e:85:17:
                    71:c5:d7:07:3e:b0:b4:09:4d:f8:a3:0b:32:de:59:
                    38:34:51:ac:b5:21:d3:fa:9d:0a:8d:49:cc:06:07:
                    e7:c7:c1:e5:07:df:df:d7:97:05:d8:0e:82:5b:5a:
                    b0:fa:d3:09:82:1a:65:84:5c:c0:4c:39:32:26:c0:
                    8e:22:6b:98:76:10:07:43:10:09:13:07:5c:8e:34:
                    4b:be:73:db:40:94:01:89:08:1f:7c:3b:a5:8d:15:
                    30:33:e7:de:00:a1:b3:a8:9f:cb:eb:f7:30:f8:af:
                    41:89:59:e7:83:ff:63:cd:c5:c2:d9:a6:53:72:e8:
                    b9:05:a6:20:34:ec:8a:7c:8a:5f:80:c8:54:16:15:
                    26:8b:78:b2:cf:c4:96:65:23:e0:f9:be:fe:02:f5:
                    42:c5:f4:2d:01:b9:f4:79:c7:a6:0e:48:77:5e:47:
                    19:a8:d8:a5:1b:57:b1:78:c5:ea:27:7e:32:04:87:
                    a5:cd:8b:78:ef:2e:ce:a2:32:2a:6c:68:9f:48:44:
                    94:43:f8:58:9d:8e:33:01:e6:91:07:e7:fd:7f:f6:
                    07:c0:22:a3:70:e2:6f:94:55:ef:e6:0a:b1:7b:f5:
                    fe:ef:17:a5:bc:1d:d7:ca:84:72:70:97:7f:48:9b:
                    8d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B5:A6:31:8C:CF:B2:F5:35:B4:E4:D3:F7:AC:78:C0:90:A7:C3:CE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9544df28-c3ca-47ba-851e-1178b9c685ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         68:0f:09:f2:9b:9c:63:31:01:3d:f1:04:9c:6f:cb:69:fd:dc:
         91:1c:1b:d6:74:65:46:2e:70:55:5d:8c:ea:f5:ec:68:ab:06:
         2f:df:f3:40:ad:12:a4:c4:d5:dc:73:21:bd:a2:4c:f9:ca:a1:
         51:29:0a:5a:2b:8e:e8:ef:0d:67:26:b2:b8:03:89:67:b6:ca:
         ee:bc:2c:a7:b4:c9:07:de:a8:8d:a8:a3:0c:27:9e:a7:8c:0b:
         af:55:ab:b5:e2:c9:7a:87:f3:93:22:0e:81:38:43:a8:3f:d6:
         20:eb:16:84:54:70:c1:a1:f1:b0:04:7c:2c:0e:d8:5b:de:e6:
         36:9a:8b:cb:60:87:b6:0c:aa:46:a8:46:78:99:35:b8:42:71:
         e3:04:69:68:23:a7:2b:d2:f0:b7:12:9d:8e:19:e1:b2:36:01:
         eb:80:c5:1d:63:7e:33:0e:fd:4d:b1:39:c4:34:c0:72:bf:fd:
         31:8a:37:38:dc:8d:79:b3:c9:a2:5b:7e:16:d6:4d:10:2b:60:
         41:c7:65:9d:0e:7e:38:7f:27:fd:ae:7c:a8:24:31:b6:82:77:
         e8:94:38:cb:94:61:41:3d:15:9b:45:de:c8:8d:c8:a1:f2:f3:
         e6:31:f7:62:9d:02:13:47:9b:e2:4c:4a:52:47:53:cc:e1:98:
         53:59:24:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdTD+DOS7+bSmb4QxX3QGYBGfP3MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA1MjUxWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzBkZTlkNWExMDU5ZTY0MTU3YjBhMDNiNjJkZjk4NDk0
OTVjN2NlOWJkMmI3OWFkMDg4NjgwZTRiMzMxNmJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVHWmOvaSJGuXPgS6FF3HF1wc+sLQJTfijCzLeWTg0Uay1
IdP6nQqNScwGB+fHweUH39/XlwXYDoJbWrD60wmCGmWEXMBMOTImwI4ia5h2EAdD
EAkTB1yONEu+c9tAlAGJCB98O6WNFTAz594AobOon8vr9zD4r0GJWeeD/2PNxcLZ
plNy6LkFpiA07Ip8il+AyFQWFSaLeLLPxJZlI+D5vv4C9ULF9C0BufR5x6YOSHde
Rxmo2KUbV7F4xeonfjIEh6XNi3jvLs6iMipsaJ9IRJRD+FidjjMB5pEH5/1/9gfA
IqNw4m+UVe/mCrF79f7vF6W8HdfKhHJwl39Im42bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpbWmMYzPsvU1tOTT96x4wJCnw84wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1NDRkZjI4LWMzY2EtNDdiYS04NTFlLTExNzhiOWM2ODVlYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANgADAwDQYJKoZIhvcNAQELBQADggEBAGgPCfKbnGMxAT3xBJxvy2n93JEc
G9Z0ZUYucFVdjOr17GirBi/f80CtEqTE1dxzIb2iTPnKoVEpClorjujvDWcmsrgD
iWe2yu68LKe0yQfeqI2oowwnnqeMC69Vq7XiyXqH85MiDoE4Q6g/1iDrFoRUcMGh
8bAEfCwO2Fve5jaai8tgh7YMqkaoRniZNbhCceMEaWgjpyvS8LcSnY4Z4bI2AeuA
xR1jfjMO/U2xOcQ0wHK//TGKNzjcjXmzyaJbfhbWTRArYEHHZZ0Ofjh/J/2ufKgk
MbaCd+iUOMuUYUE9FZtF3siNyKHy8+Yx92KdAhNHm+JMSlJHU8zhmFNZJOI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:00:01 2025 by rpki-client