Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/957ea7c6-3090-4382-9ef5-24bfb9390cf9.roa
File:                     957ea7c6-3090-4382-9ef5-24bfb9390cf9.roa (raw, json)
Hash identifier:          EGPm8kWHMiHwOlfbBTDTJNXinhpnSla9Uuiir2+ZnY8=
Subject key identifier:   00:10:36:00:DE:3B:C0:F2:D0:C3:8E:B2:4A:37:68:66:DD:7F:08:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C530F208BC537641D1D86A77D370CA0D1620F59
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/957ea7c6-3090-4382-9ef5-24bfb9390cf9.roa
Signing time:             Wed 01 Oct 2025 00:11:17 +0000
ROA not before:           Wed 01 Oct 2025 00:11:17 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        209.164.64.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:53:0f:20:8b:c5:37:64:1d:1d:86:a7:7d:37:0c:a0:d1:62:0f:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:11:17 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=eae8fad0f84e154d74b288394d8ad2cbe4c54fa5f3efc024bed207bc0fafe071, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:bc:33:dc:62:67:63:33:b7:a7:47:0c:1d:96:
                    45:e6:47:57:d1:4c:11:64:53:1e:04:56:39:da:ca:
                    bc:c1:fb:c0:9a:a1:76:d4:79:3a:59:d4:86:2e:40:
                    eb:9f:0c:40:de:70:d0:e4:2b:2a:63:f7:4b:89:59:
                    64:ef:f7:7c:a2:09:1e:4a:da:8b:04:70:88:dc:81:
                    20:4d:8b:a7:4f:18:7d:69:78:79:67:16:13:a8:4e:
                    f6:f2:b7:ae:ec:df:e8:50:79:c8:35:ce:a0:5d:bb:
                    d8:30:f5:cb:12:2b:39:a5:79:cc:c5:1a:e7:fc:31:
                    c3:d6:79:52:9a:89:c5:1d:46:e9:f2:c8:58:83:bd:
                    e1:e9:8c:2a:8f:5d:ee:4f:cf:94:3b:22:27:c6:f5:
                    ce:e1:5e:f1:09:a8:d6:4d:ac:58:bd:cf:17:60:8e:
                    8f:c6:86:e2:39:0e:e3:30:a0:01:4f:ed:e5:7a:e1:
                    5e:42:26:89:76:a4:e7:a5:de:c3:84:fa:45:9f:7b:
                    a1:88:8c:56:ac:66:be:d2:04:ff:05:5a:e7:4f:51:
                    69:0e:67:94:26:05:bf:7a:a7:04:a8:90:fe:b1:3e:
                    db:f7:24:8b:8c:41:ad:80:41:43:1a:4f:fd:cb:de:
                    34:25:4a:76:40:a2:c1:66:9d:9f:71:41:2b:f6:74:
                    c4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:10:36:00:DE:3B:C0:F2:D0:C3:8E:B2:4A:37:68:66:DD:7F:08:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/957ea7c6-3090-4382-9ef5-24bfb9390cf9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.164.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         33:76:55:45:ab:6d:0a:0a:94:8b:04:6e:d4:db:93:3e:aa:39:
         71:73:44:8a:48:e4:5f:9c:eb:b2:a6:6e:95:41:d3:e3:73:86:
         3c:c8:89:43:02:0b:a8:8f:be:e5:83:12:90:39:7d:fb:76:e0:
         af:52:88:a6:90:56:32:d2:f9:f5:8a:2c:6c:a3:a4:90:d2:1e:
         24:bd:df:91:aa:9a:0d:49:66:86:11:33:9a:ab:f3:a5:5c:4a:
         30:c8:24:87:82:41:a7:3b:fe:23:68:47:48:0a:a8:f5:de:7a:
         fc:ff:5b:d1:c5:e6:e8:53:a8:ac:8e:1e:75:62:0a:03:1d:4f:
         76:2b:ca:0d:67:35:6e:13:34:94:70:94:60:ea:ec:fb:55:db:
         64:49:66:e5:be:08:c8:48:44:6d:0a:d7:d7:50:d9:e5:9e:34:
         05:51:6e:07:82:10:ea:4d:a3:9e:d4:14:13:77:3b:85:83:97:
         1a:62:57:94:60:78:15:c3:f0:aa:9f:b3:ea:a1:3d:07:6f:2a:
         69:65:04:ca:06:97:96:fb:47:0b:59:0b:d8:2c:cc:38:5c:bd:
         26:6f:82:ba:69:85:5c:a8:e4:7d:a2:87:95:9d:0c:d2:e3:34:
         d8:c2:69:1f:18:ef:df:bb:3c:e5:e9:99:5f:01:c8:25:98:7e:
         fb:65:99:8c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDFMPIIvFN2QdHYanfTcMoNFiD1kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAxMTE3WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWU4ZmFkMGY4NGUxNTRkNzRiMjg4Mzk0ZDhhZDJjYmU0
YzU0ZmE1ZjNlZmMwMjRiZWQyMDdiYzBmYWZlMDcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWvDPcYmdjM7enRwwdlkXmR1fRTBFkUx4EVjnayrzB+8Ca
oXbUeTpZ1IYuQOufDEDecNDkKypj90uJWWTv93yiCR5K2osEcIjcgSBNi6dPGH1p
eHlnFhOoTvbyt67s3+hQecg1zqBdu9gw9csSKzmleczFGuf8McPWeVKaicUdRuny
yFiDveHpjCqPXe5Pz5Q7IifG9c7hXvEJqNZNrFi9zxdgjo/GhuI5DuMwoAFP7eV6
4V5CJol2pOel3sOE+kWfe6GIjFasZr7SBP8FWudPUWkOZ5QmBb96pwSokP6xPtv3
JIuMQa2AQUMaT/3L3jQlSnZAosFmnZ9xQSv2dMTHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUABA2AN47wPLQw46ySjdoZt1/CF0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1N2VhN2M2LTMwOTAtNDM4Mi05ZWY1LTI0YmZiOTM5MGNmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbRpEAwDQYJKoZIhvcNAQELBQADggEBADN2VUWrbQoKlIsEbtTbkz6qOXFz
RIpI5F+c67KmbpVB0+NzhjzIiUMCC6iPvuWDEpA5fft24K9SiKaQVjLS+fWKLGyj
pJDSHiS935Gqmg1JZoYRM5qr86VcSjDIJIeCQac7/iNoR0gKqPXeevz/W9HF5uhT
qKyOHnViCgMdT3Yryg1nNW4TNJRwlGDq7PtV22RJZuW+CMhIRG0K19dQ2eWeNAVR
bgeCEOpNo57UFBN3O4WDlxpiV5RgeBXD8Kqfs+qhPQdvKmllBMoGl5b7RwtZC9gs
zDhcvSZvgrpphVyo5H2ih5WdDNLjNNjCaR8Y79+7POXpmV8ByCWYfvtlmYw=
-----END CERTIFICATE-----