Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbc192ee-d8a1-4b4e-b1ce-720db745ca6b.roa
File:                     cbc192ee-d8a1-4b4e-b1ce-720db745ca6b.roa (raw, json)
Hash identifier:          tDe91vWroiIHhn9mZh0AXAN/uockk0YQPl7bcjxIwEk=
Subject key identifier:   C5:65:10:51:7F:F5:48:7B:92:75:C1:4F:71:01:84:F9:C3:33:29:AF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       75EC7AB157D5CDB3A8436E5ED8CB059F2B51F9E7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbc192ee-d8a1-4b4e-b1ce-720db745ca6b.roa
Signing time:             Mon 20 Oct 2025 00:41:13 +0000
ROA not before:           Mon 20 Oct 2025 00:41:13 +0000
ROA not after:            Mon 24 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        108.157.240.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:ec:7a:b1:57:d5:cd:b3:a8:43:6e:5e:d8:cb:05:9f:2b:51:f9:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 20 00:41:13 2025 GMT
            Not After : Nov 24 23:59:59 2025 GMT
        Subject: serialNumber=43febda136fe5dcd79afcab4c6fc9b0fb9f6c0a6c3eabd218a1184e37d54e9c7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:67:90:ed:b4:fa:61:a9:b5:4e:45:94:03:ac:
                    53:d8:19:ea:cc:dc:37:05:3a:b0:a4:6b:60:9c:8b:
                    08:fd:3d:c4:03:30:c0:82:93:31:d5:26:49:33:17:
                    ca:41:22:cf:ac:1f:9c:75:28:e9:51:b7:54:54:05:
                    fb:5b:d5:c2:e4:c7:54:c0:38:47:be:38:46:22:ee:
                    c8:0e:84:6b:13:cc:f6:d4:63:8f:07:57:2a:1e:9c:
                    c3:61:07:b4:ab:c8:14:98:84:76:a5:a1:38:90:74:
                    ca:0e:e6:19:1f:55:d5:79:d4:26:dc:06:d2:92:d6:
                    18:c0:eb:34:07:21:de:a7:dc:5f:90:ce:5c:60:ca:
                    04:5a:2b:97:4f:7a:70:7e:e2:26:0d:36:e1:b7:0b:
                    d2:ee:fa:7f:81:c6:db:de:34:4f:8e:b7:72:b6:78:
                    f6:14:b9:7e:38:8e:8c:96:84:b7:35:52:a9:02:35:
                    70:7a:15:a2:73:11:ed:46:67:f4:7b:69:8f:cf:c9:
                    c0:e3:5a:9c:d4:d1:65:b4:1e:d4:dc:96:45:42:8e:
                    b6:93:82:bd:66:75:9a:d2:dd:4f:31:33:ea:64:c7:
                    37:45:45:e6:69:d5:6c:d6:6c:d9:78:cf:2c:4b:ff:
                    28:af:78:ea:51:d4:73:29:18:f7:90:44:ac:28:52:
                    aa:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:65:10:51:7F:F5:48:7B:92:75:C1:4F:71:01:84:F9:C3:33:29:AF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbc192ee-d8a1-4b4e-b1ce-720db745ca6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.157.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:c6:16:d1:b6:14:21:2f:41:ec:6f:e7:39:90:a6:94:91:33:
         af:8d:e8:3a:f5:cb:ce:8e:65:34:24:a9:45:a8:d5:31:7b:1b:
         93:e5:2c:a7:24:34:f3:48:90:86:46:0a:c1:e7:2b:d2:08:09:
         80:99:77:e4:b7:04:2b:2b:fc:03:0d:59:9b:3b:da:3c:5a:9d:
         20:2b:2b:4f:92:6f:db:2b:17:e0:24:68:b3:37:33:3c:78:31:
         11:06:03:39:85:37:f3:e3:59:d6:03:30:20:b4:4b:b9:a6:49:
         85:de:c1:d1:91:8f:53:69:28:53:a5:95:8f:71:79:a8:7b:00:
         ca:5c:f4:89:2c:e7:35:be:9a:72:ba:ef:91:18:03:72:45:95:
         65:4c:bd:4e:74:20:b2:ae:ea:e2:52:22:37:04:02:41:42:a3:
         94:06:98:76:92:e7:f8:3d:cc:6d:f1:cb:91:b8:83:38:fa:4b:
         90:1b:94:c2:db:c6:4b:d9:5a:50:cb:35:b4:d3:66:3c:36:e0:
         bc:8b:3e:7e:49:56:a8:d1:d2:d6:8a:3f:f5:c2:29:fc:18:f4:
         05:a3:6d:34:c3:69:f4:0a:20:2a:2d:32:14:92:5b:31:26:8f:
         40:e5:f8:f4:4f:c5:09:fb:ab:a4:e7:20:91:e8:9e:d1:fd:9a:
         c4:32:90:3f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdex6sVfVzbOoQ25e2MsFnytR+ecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIwMDA0MTEzWhcNMjUxMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0M2ZlYmRhMTM2ZmU1ZGNkNzlhZmNhYjRjNmZjOWIwZmI5
ZjZjMGE2YzNlYWJkMjE4YTExODRlMzdkNTRlOWM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUZ5DttPphqbVORZQDrFPYGerM3DcFOrCka2Cciwj9PcQD
MMCCkzHVJkkzF8pBIs+sH5x1KOlRt1RUBftb1cLkx1TAOEe+OEYi7sgOhGsTzPbU
Y48HVyoenMNhB7SryBSYhHaloTiQdMoO5hkfVdV51CbcBtKS1hjA6zQHId6n3F+Q
zlxgygRaK5dPenB+4iYNNuG3C9Lu+n+BxtveNE+Ot3K2ePYUuX44joyWhLc1UqkC
NXB6FaJzEe1GZ/R7aY/PycDjWpzU0WW0HtTclkVCjraTgr1mdZrS3U8xM+pkxzdF
ReZp1WzWbNl4zyxL/yiveOpR1HMpGPeQRKwoUqq1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxWUQUX/1SHuSdcFPcQGE+cMzKa8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiYzE5MmVlLWQ4YTEtNGI0ZS1iMWNlLTcyMGRiNzQ1Y2E2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJsnfAwDQYJKoZIhvcNAQELBQADggEBALDGFtG2FCEvQexv5zmQppSRM6+N
6Dr1y86OZTQkqUWo1TF7G5PlLKckNPNIkIZGCsHnK9IICYCZd+S3BCsr/AMNWZs7
2jxanSArK0+Sb9srF+AkaLM3Mzx4MREGAzmFN/PjWdYDMCC0S7mmSYXewdGRj1Np
KFOllY9xeah7AMpc9Iks5zW+mnK675EYA3JFlWVMvU50ILKu6uJSIjcEAkFCo5QG
mHaS5/g9zG3xy5G4gzj6S5AblMLbxkvZWlDLNbTTZjw24LyLPn5JVqjR0taKP/XC
KfwY9AWjbTTDafQKICotMhSSWzEmj0Dl+PRPxQn7q6TnIJHontH9msQykD8=
-----END CERTIFICATE-----