Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa
File:                     980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa (raw, json)
Hash identifier:          ZsrMIVB+ff3DN5uvc26ugQyYnNOlJJjep3DrHwqXmzk=
Subject key identifier:   56:D2:33:5B:0D:A9:C9:1A:FF:28:8A:FC:F6:2B:00:6A:34:84:D6:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5706D2B39A3D4DBF3D40D65CCE566A487490FB84
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa
Signing time:             Fri 03 Oct 2025 15:01:04 +0000
ROA not before:           Fri 03 Oct 2025 15:01:04 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.128.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:06:d2:b3:9a:3d:4d:bf:3d:40:d6:5c:ce:56:6a:48:74:90:fb:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 15:01:04 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=85d83e3fd988ebbf552dc20e1478604c2916aa7751ef1e606a2f7d91ad377b69, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fd:82:94:c7:a8:e0:1d:40:9a:98:01:25:68:
                    4d:6d:e5:c6:51:14:54:20:33:76:f7:93:af:8a:46:
                    a5:26:85:ab:c0:04:e1:96:c2:d7:95:1e:20:6d:fd:
                    0a:99:4b:f9:d1:12:3b:f7:c1:1d:5a:13:de:2a:0c:
                    9d:c8:1f:88:a4:fd:7a:50:60:0e:03:43:9e:2a:2c:
                    1c:7b:03:84:9d:f2:9f:05:d8:93:84:84:05:8e:d6:
                    e3:3e:12:f9:a5:b5:7f:c9:da:4d:26:99:74:21:30:
                    0d:47:68:81:0d:e1:40:6f:cb:9a:bf:74:ac:57:9c:
                    bc:4b:54:0a:29:84:35:e8:ec:86:e1:2d:55:75:4e:
                    c7:5a:c3:e3:c0:ec:5b:77:c7:81:1a:5c:3f:ef:f8:
                    e9:fa:2a:cf:ab:eb:df:d7:f8:6d:e5:dc:56:ad:0c:
                    60:25:c1:d9:4d:9b:93:ad:78:65:39:eb:bb:36:95:
                    7d:69:94:f3:3e:dc:bd:cd:24:19:59:f1:52:e1:af:
                    04:81:13:47:09:c7:50:11:ae:a1:7e:9f:61:96:e3:
                    c3:32:3e:ae:51:72:02:5a:b5:ce:35:91:27:a7:1d:
                    9f:d5:b6:d0:90:e1:1c:8f:33:93:90:4d:2b:1b:d8:
                    2e:1f:cf:37:90:88:60:55:44:44:06:9e:eb:d4:8f:
                    6e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:D2:33:5B:0D:A9:C9:1A:FF:28:8A:FC:F6:2B:00:6A:34:84:D6:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         82:aa:fb:84:ed:fe:a4:db:c5:c1:51:5d:66:1b:84:df:24:a5:
         4c:a5:cf:ba:84:ac:ca:32:a6:4a:e7:b2:cc:fa:47:35:9d:66:
         fb:48:63:97:7b:7c:cf:80:52:19:c1:c6:06:15:b0:a5:c8:33:
         58:26:b0:00:ca:62:01:a1:01:d8:f3:2d:7b:1f:f8:e4:16:44:
         d3:54:e8:f6:d7:c4:79:14:2d:40:ea:01:d4:ad:bd:4f:ef:20:
         46:ca:55:6c:5e:dc:68:2b:03:dd:89:25:d8:08:47:5d:0a:be:
         11:83:87:9a:21:d8:15:77:21:e6:92:4f:f2:ac:3a:83:d3:12:
         68:7b:6b:b2:cf:72:dd:49:c7:e2:f9:a5:1d:08:7e:4d:e0:8d:
         b5:71:77:f0:f1:73:47:ef:e4:2f:64:fc:87:53:1d:89:41:42:
         fc:1a:53:96:09:a9:72:9a:90:d7:73:28:01:96:ef:43:b0:26:
         34:22:83:8a:63:aa:d9:0b:a6:f5:f3:7d:f6:04:87:fb:a1:74:
         19:50:64:4b:64:4c:ab:21:22:1f:93:b7:5b:35:03:53:cc:a3:
         b6:88:3a:67:97:ff:a9:10:89:53:14:15:48:bb:80:11:13:f8:
         91:76:1b:bb:a1:ec:e7:7f:67:be:7b:56:2d:1c:4d:75:96:51:
         16:5e:f2:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVwbSs5o9Tb89QNZczlZqSHSQ+4QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMTUwMTA0WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWQ4M2UzZmQ5ODhlYmJmNTUyZGMyMGUxNDc4NjA0YzI5
MTZhYTc3NTFlZjFlNjA2YTJmN2Q5MWFkMzc3YjY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv/YKUx6jgHUCamAElaE1t5cZRFFQgM3b3k6+KRqUmhavA
BOGWwteVHiBt/QqZS/nREjv3wR1aE94qDJ3IH4ik/XpQYA4DQ54qLBx7A4Sd8p8F
2JOEhAWO1uM+EvmltX/J2k0mmXQhMA1HaIEN4UBvy5q/dKxXnLxLVAophDXo7Ibh
LVV1Tsdaw+PA7Ft3x4EaXD/v+On6Ks+r69/X+G3l3FatDGAlwdlNm5OteGU567s2
lX1plPM+3L3NJBlZ8VLhrwSBE0cJx1ARrqF+n2GW48MyPq5RcgJatc41kSenHZ/V
ttCQ4RyPM5OQTSsb2C4fzzeQiGBVREQGnuvUj24zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVtIzWw2pyRr/KIr89isAajSE1vYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MGU4YmMzLTdiY2QtNDZmYi04YzE0LWNiMDc1YjhhNjc3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjUoAwDQYJKoZIhvcNAQELBQADggEBAIKq+4Tt/qTbxcFRXWYbhN8kpUyl
z7qErMoypkrnssz6RzWdZvtIY5d7fM+AUhnBxgYVsKXIM1gmsADKYgGhAdjzLXsf
+OQWRNNU6PbXxHkULUDqAdStvU/vIEbKVWxe3GgrA92JJdgIR10KvhGDh5oh2BV3
IeaST/KsOoPTEmh7a7LPct1Jx+L5pR0Ifk3gjbVxd/Dxc0fv5C9k/IdTHYlBQvwa
U5YJqXKakNdzKAGW70OwJjQig4pjqtkLpvXzffYEh/uhdBlQZEtkTKshIh+Tt1s1
A1PMo7aIOmeX/6kQiVMUFUi7gBET+JF2G7uh7Od/Z757Vi0cTXWWURZe8lM=
-----END CERTIFICATE-----