Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8766e16-a2c3-4078-aa9e-504e17a360f9.roa
File:                     c8766e16-a2c3-4078-aa9e-504e17a360f9.roa (raw, json)
Hash identifier:          D+LEziCxwF98mwUpNs5ca4zwbuKv9cE6Qb3dijUGTQ0=
Subject key identifier:   89:49:89:F7:52:71:48:7C:CE:0F:DC:21:5F:C6:EE:D8:0F:FF:78:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       67D00908DC1E7C516B8C3D9822703255A4CE47C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8766e16-a2c3-4078-aa9e-504e17a360f9.roa
Signing time:             Sat 18 Oct 2025 01:50:43 +0000
ROA not before:           Sat 18 Oct 2025 01:50:43 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        161.178.0.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:d0:09:08:dc:1e:7c:51:6b:8c:3d:98:22:70:32:55:a4:ce:47:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 01:50:43 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=7f0e1b6a8c5262bd7493b23d7db98b3fc9aa2db635461380ab606093dff78394, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c8:d8:64:5e:97:30:0b:38:a9:ed:f7:ef:2a:
                    aa:5a:83:1d:c1:6c:a9:28:28:bf:69:7b:86:0a:f3:
                    2a:cd:c3:af:f8:6c:78:2b:c1:0e:61:31:dc:5e:25:
                    2f:73:83:af:3e:9a:ec:1e:e6:99:fa:f5:36:14:a3:
                    eb:28:af:7d:6f:65:07:04:33:07:d8:e1:17:ed:e7:
                    34:91:df:ec:61:59:d9:e0:8b:b8:09:85:0d:2b:e3:
                    67:8a:46:89:66:7c:78:70:bb:a4:d5:9d:dc:2c:78:
                    5d:b0:2e:ca:45:05:72:4c:ff:c7:9a:57:3c:13:3e:
                    1f:ea:b4:07:fc:5b:60:04:7c:7b:c6:7d:13:96:c5:
                    96:41:a5:79:9a:95:03:c1:b4:7d:0c:fb:0a:62:f3:
                    82:0c:aa:98:1c:83:a8:f7:c6:a7:5f:57:3e:82:71:
                    f1:53:1b:55:dd:9b:86:12:6d:2b:db:b3:11:14:f3:
                    f8:cf:bc:e2:e1:36:fb:49:15:9b:98:53:6a:42:b5:
                    4a:9c:61:ed:61:02:7a:ad:02:19:1d:17:b4:c7:66:
                    b2:19:0d:fa:98:7c:4f:36:95:b0:9e:95:aa:6d:c6:
                    7f:11:1e:c1:51:23:c0:94:84:87:c5:b0:e8:bc:15:
                    13:0f:c1:87:8a:5b:93:ba:4a:16:cf:5b:1f:21:75:
                    01:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:49:89:F7:52:71:48:7C:CE:0F:DC:21:5F:C6:EE:D8:0F:FF:78:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8766e16-a2c3-4078-aa9e-504e17a360f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.178.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         cf:d3:a3:3f:e5:a7:e7:7d:f8:fd:8e:af:2d:35:3f:9d:7e:13:
         01:c1:c5:0e:95:3d:f3:85:6f:34:04:f5:3d:6e:e7:04:66:99:
         9e:d8:17:84:4f:1d:e1:df:fe:52:b2:10:ec:73:52:30:e8:18:
         15:6c:f3:34:5f:b3:ae:cf:94:5a:a9:91:02:73:1d:36:c5:15:
         85:a1:13:aa:61:28:a3:fe:30:87:2f:53:c5:c3:7d:8b:d1:42:
         31:b2:9c:89:76:b8:19:f6:a2:6d:41:0e:68:06:fd:6e:95:a6:
         90:17:4d:00:14:32:4f:53:d7:24:11:6f:c0:42:ed:8b:8a:5d:
         bf:4f:b6:5e:5b:38:b7:7e:1f:06:61:20:c3:80:94:5d:a0:67:
         de:53:1e:1c:1c:ba:4a:ea:8e:39:54:0f:bf:49:5b:61:c4:d2:
         19:51:a4:bf:26:f9:92:fe:87:b3:00:23:9d:37:1b:69:ba:e8:
         38:6f:da:a9:b1:8f:1d:a1:8b:14:ad:36:2b:e3:b7:d8:1a:39:
         36:cb:d8:16:20:1c:29:e8:01:74:e4:88:75:f7:27:2f:86:b6:
         90:d4:6f:55:40:05:63:8d:b9:ba:c8:06:ba:54:6a:18:98:0a:
         a3:e0:ae:7a:f0:b9:6c:d4:e2:79:94:a9:b9:a9:4e:28:80:14:
         c9:77:03:bd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZ9AJCNwefFFrjD2YInAyVaTOR8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDE1MDQzWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjBlMWI2YThjNTI2MmJkNzQ5M2IyM2Q3ZGI5OGIzZmM5
YWEyZGI2MzU0NjEzODBhYjYwNjA5M2RmZjc4Mzk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPyNhkXpcwCzip7ffvKqpagx3BbKkoKL9pe4YK8yrNw6/4
bHgrwQ5hMdxeJS9zg68+muwe5pn69TYUo+sor31vZQcEMwfY4Rft5zSR3+xhWdng
i7gJhQ0r42eKRolmfHhwu6TVndwseF2wLspFBXJM/8eaVzwTPh/qtAf8W2AEfHvG
fROWxZZBpXmalQPBtH0M+wpi84IMqpgcg6j3xqdfVz6CcfFTG1Xdm4YSbSvbsxEU
8/jPvOLhNvtJFZuYU2pCtUqcYe1hAnqtAhkdF7THZrIZDfqYfE82lbCelaptxn8R
HsFRI8CUhIfFsOi8FRMPwYeKW5O6ShbPWx8hdQH/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiUmJ91JxSHzOD9whX8bu2A//eMswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4NzY2ZTE2LWEyYzMtNDA3OC1hYTllLTUwNGUxN2EzNjBmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAahsgAwDQYJKoZIhvcNAQELBQADggEBAM/Toz/lp+d9+P2Ory01P51+EwHB
xQ6VPfOFbzQE9T1u5wRmmZ7YF4RPHeHf/lKyEOxzUjDoGBVs8zRfs67PlFqpkQJz
HTbFFYWhE6phKKP+MIcvU8XDfYvRQjGynIl2uBn2om1BDmgG/W6VppAXTQAUMk9T
1yQRb8BC7YuKXb9Ptl5bOLd+HwZhIMOAlF2gZ95THhwcukrqjjlUD79JW2HE0hlR
pL8m+ZL+h7MAI503G2m66Dhv2qmxjx2hixStNivjt9gaOTbL2BYgHCnoAXTkiHX3
Jy+GtpDUb1VABWONubrIBrpUahiYCqPgrnrwuWzU4nmUqbmpTiiAFMl3A70=
-----END CERTIFICATE-----