Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7a166f1-f6b0-46bb-9a51-7cd66b150b0b.roa
File:                     a7a166f1-f6b0-46bb-9a51-7cd66b150b0b.roa (raw, json)
Hash identifier:          QkFbU2fPBqyZ8gpWeNzrbnttiA5ibgS0yEywzy7s9qk=
Subject key identifier:   8A:00:A0:27:23:1E:24:1F:4D:86:29:B1:C9:AB:DF:83:1E:9C:C5:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       623D86E013DAE1CEA836B3000EAED06A705A9D6A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7a166f1-f6b0-46bb-9a51-7cd66b150b0b.roa
Signing time:             Fri 17 Oct 2025 21:31:19 +0000
ROA not before:           Fri 17 Oct 2025 21:31:19 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        169.155.88.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:3d:86:e0:13:da:e1:ce:a8:36:b3:00:0e:ae:d0:6a:70:5a:9d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 21:31:19 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=bcf0701c314cdbbc5a745a7e7d33f74829b68042401763b07aa724f99c59a790, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ee:31:32:d6:93:f5:72:c8:8f:b4:96:63:c0:
                    5a:c5:02:47:a1:04:dd:65:a4:a7:a6:9b:44:15:07:
                    5c:7b:f3:01:f3:3d:7f:eb:9e:a7:ac:e6:b1:94:63:
                    ba:b8:60:65:ac:6f:9a:6a:7a:5e:e2:00:2c:57:dc:
                    ca:04:b6:9a:36:8f:25:91:64:87:7c:a7:da:ff:a5:
                    a4:ce:eb:65:60:bf:b8:58:19:c4:6d:17:dc:1f:a7:
                    82:47:02:30:4b:49:28:ee:58:f6:b2:cb:8d:ef:29:
                    23:21:14:9d:18:ef:f4:b8:2d:21:58:6b:bf:d8:21:
                    7f:83:a6:20:85:01:d2:48:ac:e1:c9:43:2a:14:de:
                    ee:bc:05:06:c3:96:74:83:c4:93:96:5c:f6:05:54:
                    f4:ca:72:f1:df:12:7c:0e:08:7c:60:28:2f:47:32:
                    60:59:f9:28:f6:98:a8:8d:25:87:43:5f:40:0c:23:
                    87:57:6d:e7:9e:ba:ac:e2:1e:2d:68:94:a9:b0:6f:
                    89:a3:44:4b:1e:6f:35:11:67:1b:12:b7:40:7a:6c:
                    85:c3:2b:dc:41:93:db:41:b7:ec:fc:5a:8a:ba:d8:
                    21:a7:09:cd:ab:56:5a:65:c6:f0:16:ee:9f:52:87:
                    15:81:d7:0c:b5:b7:f6:0a:ca:a3:f8:b2:3b:5a:bc:
                    cf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:00:A0:27:23:1E:24:1F:4D:86:29:B1:C9:AB:DF:83:1E:9C:C5:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7a166f1-f6b0-46bb-9a51-7cd66b150b0b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.155.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1c:cb:85:82:c9:ca:2e:39:1c:4c:ab:22:1c:13:5f:cd:a2:66:
         eb:0c:71:e3:85:da:5f:f9:cb:90:25:6a:b7:1a:4f:75:92:96:
         78:a1:d0:c3:00:3a:e9:79:2f:76:27:2e:c3:e5:af:02:3e:03:
         4a:5e:40:64:b2:9f:ad:32:c3:6b:3d:63:49:6c:d6:1a:7d:0f:
         73:0d:63:24:1c:2c:5d:9f:f2:b5:9c:9b:46:28:dc:fb:0a:be:
         28:a2:f7:26:47:99:b7:49:03:de:43:c8:1b:31:85:96:39:07:
         68:9a:37:7a:74:13:b2:d0:78:2f:5c:68:b1:ba:2b:1e:4e:8d:
         d8:6e:2c:b1:75:1d:8b:ce:3c:fd:9a:54:b7:e2:ae:bb:e6:8e:
         3c:f2:0f:1f:d7:c7:4a:2e:33:2e:e6:16:55:17:45:90:f4:de:
         ff:12:45:e9:27:5f:15:d1:fe:d9:c2:80:4a:d4:4a:76:6a:66:
         58:40:71:ac:04:43:45:da:db:9f:2b:2b:a3:ae:48:27:e9:11:
         eb:2c:9d:d0:31:eb:93:87:85:ab:42:84:7d:6c:e0:02:16:0e:
         69:6d:71:31:e1:12:67:68:3d:f4:d4:73:13:32:0e:a7:1c:b3:
         6f:12:39:22:79:95:5a:d9:2e:42:f3:27:28:52:b6:79:ae:70:
         70:93:d3:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYj2G4BPa4c6oNrMADq7QanBanWowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjEzMTE5WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2YwNzAxYzMxNGNkYmJjNWE3NDVhN2U3ZDMzZjc0ODI5
YjY4MDQyNDAxNzYzYjA3YWE3MjRmOTljNTlhNzkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS7jEy1pP1csiPtJZjwFrFAkehBN1lpKemm0QVB1x78wHz
PX/rnqes5rGUY7q4YGWsb5pqel7iACxX3MoEtpo2jyWRZId8p9r/paTO62Vgv7hY
GcRtF9wfp4JHAjBLSSjuWPayy43vKSMhFJ0Y7/S4LSFYa7/YIX+DpiCFAdJIrOHJ
QyoU3u68BQbDlnSDxJOWXPYFVPTKcvHfEnwOCHxgKC9HMmBZ+Sj2mKiNJYdDX0AM
I4dXbeeeuqziHi1olKmwb4mjREsebzURZxsSt0B6bIXDK9xBk9tBt+z8Woq62CGn
Cc2rVlplxvAW7p9ShxWB1wy1t/YKyqP4sjtavM+zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUigCgJyMeJB9Nhimxyavfgx6cxQQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3YTE2NmYxLWY2YjAtNDZiYi05YTUxLTdjZDY2YjE1MGIwYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOpm1gwDQYJKoZIhvcNAQELBQADggEBABzLhYLJyi45HEyrIhwTX82iZusM
ceOF2l/5y5AlarcaT3WSlnih0MMAOul5L3YnLsPlrwI+A0peQGSyn60yw2s9Y0ls
1hp9D3MNYyQcLF2f8rWcm0Yo3PsKviii9yZHmbdJA95DyBsxhZY5B2iaN3p0E7LQ
eC9caLG6Kx5OjdhuLLF1HYvOPP2aVLfirrvmjjzyDx/Xx0ouMy7mFlUXRZD03v8S
ReknXxXR/tnCgErUSnZqZlhAcawEQ0Xa258rK6OuSCfpEessndAx65OHhatChH1s
4AIWDmltcTHhEmdoPfTUcxMyDqccs28SOSJ5lVrZLkLzJyhStnmucHCT0xA=
-----END CERTIFICATE-----