Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95cc89f9-cb09-4680-9d92-2d07d18c23c5.roa
File:                     95cc89f9-cb09-4680-9d92-2d07d18c23c5.roa (raw, json)
Hash identifier:          OWo/fCNS1rSz2tTTCcDicgdyFXhMQZls22chseKz4Xs=
Subject key identifier:   5C:D9:04:29:64:3E:E3:21:52:03:30:D4:27:C3:0C:CC:5F:FC:FC:16
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       023DE7D27C3404A8D77B0CBAE20044A4CA4F60BE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95cc89f9-cb09-4680-9d92-2d07d18c23c5.roa
Signing time:             Tue 14 Oct 2025 15:42:18 +0000
ROA not before:           Tue 14 Oct 2025 15:42:18 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        202.174.135.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:3d:e7:d2:7c:34:04:a8:d7:7b:0c:ba:e2:00:44:a4:ca:4f:60:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 15:42:18 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=160c89f4f462e9874b4bd52efdd2f01f2aa68bf500c88f672e9e07253dfa5070, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:d8:97:1c:88:01:62:49:2c:b9:88:f1:c3:5a:
                    c1:4e:17:7f:e4:e4:ef:06:7a:93:85:ab:0b:19:31:
                    0b:21:50:b8:34:c2:a8:0b:ab:a5:aa:9a:49:86:0d:
                    34:a8:01:d6:16:f9:99:2d:44:63:0c:af:22:3a:3e:
                    eb:1b:23:a3:24:4e:69:f4:8d:a3:6f:6a:b7:b6:34:
                    17:b0:25:a9:0d:52:62:dd:cd:90:00:ae:45:ad:4f:
                    ab:fb:df:c4:d0:2c:d1:e7:58:14:3d:91:bc:2f:6c:
                    87:3c:86:e6:6d:02:c7:b7:9b:57:85:95:7f:71:97:
                    3e:69:fc:b0:9e:b6:fc:c4:69:60:a7:dd:d9:2f:af:
                    47:5e:39:e5:2e:64:07:7c:54:93:53:e7:2a:01:69:
                    48:15:a1:c3:6c:50:8e:20:4a:78:d5:df:dd:6c:03:
                    2b:10:96:10:57:2f:90:41:f1:c3:02:75:56:41:07:
                    cd:ef:ff:1e:ee:56:58:fa:3d:c9:6f:df:63:5d:0c:
                    ad:4e:ac:93:81:49:bb:d5:86:1d:da:31:0d:a2:6a:
                    e4:1e:cf:a2:19:33:ef:12:28:20:0f:fa:c5:b7:08:
                    5f:fc:a2:32:2f:9e:b3:ce:12:9a:8f:cd:30:f5:52:
                    c5:bb:c9:37:ad:4b:c2:02:05:30:8c:4a:a1:2b:d9:
                    e5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D9:04:29:64:3E:E3:21:52:03:30:D4:27:C3:0C:CC:5F:FC:FC:16
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/95cc89f9-cb09-4680-9d92-2d07d18c23c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.174.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:8e:5a:4c:9b:80:92:1e:4c:de:39:d2:c1:af:f6:8e:02:06:
         30:8e:04:31:21:9c:40:de:2c:6c:f0:f1:aa:73:45:22:68:25:
         e6:20:c5:76:bf:07:19:07:e9:fc:d3:92:cd:17:d0:40:fb:84:
         08:ba:95:02:1c:eb:b4:9f:90:ee:7e:8f:80:d8:2b:17:52:fc:
         05:13:8a:5c:b9:8c:a8:12:9d:f1:4f:93:b5:1a:cd:76:1f:2d:
         54:de:b0:8f:1d:5e:ed:99:36:15:31:37:9f:cd:94:28:4e:5a:
         35:1c:c4:91:b6:47:76:55:56:40:c3:26:80:16:e6:92:32:52:
         fd:80:10:5f:95:fb:ec:d8:a8:81:ce:10:da:20:b3:e6:2a:3f:
         a1:a2:9a:26:1d:31:11:c7:60:39:ca:01:45:b3:03:92:a7:8e:
         7b:cd:53:bb:e6:0f:46:03:15:99:03:33:5e:fc:6c:04:45:1a:
         42:15:6e:f5:a2:40:d2:df:b9:81:24:c1:93:86:c2:c2:26:ce:
         48:c0:c6:64:13:08:6b:3f:b6:8f:b8:46:5c:ff:15:b4:4c:7c:
         22:d5:74:62:ac:b1:cc:3b:4a:53:67:5d:3a:62:6c:13:00:df:
         93:e9:34:03:bd:82:61:7e:3d:d6:0e:39:32:65:7a:9d:55:44:
         5c:4e:93:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAj3n0nw0BKjXewy64gBEpMpPYL4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTU0MjE4WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjBjODlmNGY0NjJlOTg3NGI0YmQ1MmVmZGQyZjAxZjJh
YTY4YmY1MDBjODhmNjcyZTllMDcyNTNkZmE1MDcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDn2JcciAFiSSy5iPHDWsFOF3/k5O8GepOFqwsZMQshULg0
wqgLq6WqmkmGDTSoAdYW+ZktRGMMryI6PusbI6MkTmn0jaNvare2NBewJakNUmLd
zZAArkWtT6v738TQLNHnWBQ9kbwvbIc8huZtAse3m1eFlX9xlz5p/LCetvzEaWCn
3dkvr0deOeUuZAd8VJNT5yoBaUgVocNsUI4gSnjV391sAysQlhBXL5BB8cMCdVZB
B83v/x7uVlj6Pclv32NdDK1OrJOBSbvVhh3aMQ2iauQez6IZM+8SKCAP+sW3CF/8
ojIvnrPOEpqPzTD1UsW7yTetS8ICBTCMSqEr2eVdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXNkEKWQ+4yFSAzDUJ8MMzF/8/BYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1Y2M4OWY5LWNiMDktNDY4MC05ZDkyLTJkMDdkMThjMjNjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADKrocwDQYJKoZIhvcNAQELBQADggEBAEGOWkybgJIeTN450sGv9o4CBjCO
BDEhnEDeLGzw8apzRSJoJeYgxXa/BxkH6fzTks0X0ED7hAi6lQIc67SfkO5+j4DY
KxdS/AUTily5jKgSnfFPk7UazXYfLVTesI8dXu2ZNhUxN5/NlChOWjUcxJG2R3ZV
VkDDJoAW5pIyUv2AEF+V++zYqIHOENogs+YqP6GimiYdMRHHYDnKAUWzA5KnjnvN
U7vmD0YDFZkDM178bARFGkIVbvWiQNLfuYEkwZOGwsImzkjAxmQTCGs/to+4Rlz/
FbRMfCLVdGKsscw7SlNnXTpibBMA35PpNAO9gmF+PdYOOTJlep1VRFxOk9E=
-----END CERTIFICATE-----