Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa
File:                     d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa (raw, json)
Hash identifier:          k3ryNEiTtZPcDPKJk5womfwLMbt4X9facCTvFO0inBM=
Subject key identifier:   C4:E4:7D:8A:36:23:EA:D2:07:D6:37:EA:C8:8D:48:80:58:71:99:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A70AEBA8026FF8417091F3B5A49A7647AFE792A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa
Signing time:             Fri 03 Oct 2025 00:43:06 +0000
ROA not before:           Fri 03 Oct 2025 00:43:06 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.247.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:70:ae:ba:80:26:ff:84:17:09:1f:3b:5a:49:a7:64:7a:fe:79:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:43:06 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=2527651660bfca89b258c91baa1f8d4d62657410fcfa42681db45fae08557b47, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:19:88:b5:c5:42:77:63:61:ff:66:ac:48:d2:
                    11:eb:2e:5a:4e:ed:3e:a8:39:d8:ac:46:58:20:e3:
                    33:f6:11:10:7e:5c:b4:96:16:07:e3:d1:3f:f8:d9:
                    06:c4:71:27:9b:61:61:77:81:04:4a:42:3a:ca:49:
                    9f:40:68:3a:09:48:89:8f:4e:d5:74:90:ed:75:92:
                    00:19:54:d9:4a:94:61:39:31:87:ff:ca:95:08:54:
                    81:60:10:eb:88:e6:8d:18:88:79:24:31:46:12:93:
                    cf:19:1d:64:d3:54:bc:da:62:0a:3f:47:e2:a6:35:
                    ba:02:77:23:04:05:a9:20:a7:b4:13:44:ad:d3:ca:
                    7f:3f:98:a0:91:ec:3a:73:47:86:47:b6:43:b9:7a:
                    db:c4:bf:da:cd:57:64:1b:4d:ae:f3:79:0e:41:38:
                    5b:1f:c2:41:66:43:7f:e2:c3:cf:65:f8:42:a3:e5:
                    34:a9:21:57:c5:a1:28:f8:c6:7b:b4:d6:9b:88:ae:
                    83:29:97:0e:0b:6d:d9:c1:4e:fc:0c:9e:bb:4b:a8:
                    15:b1:d7:aa:e5:61:72:d4:04:64:c9:2b:7c:b1:ba:
                    1c:0a:e6:e4:55:0b:05:54:84:78:66:59:82:5b:b4:
                    c7:64:1f:d2:d9:eb:bc:1d:c2:7a:11:40:2b:bb:6c:
                    7b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:E4:7D:8A:36:23:EA:D2:07:D6:37:EA:C8:8D:48:80:58:71:99:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:47:0f:4e:ac:38:df:6b:62:d3:66:d5:ba:4c:2d:0f:cc:41:
         8e:9a:0f:d7:4f:00:35:5f:db:e3:1a:64:1c:ee:23:20:02:9f:
         ee:c1:06:f2:47:67:7a:f4:3f:c0:4e:c7:bb:27:d2:6d:4a:02:
         05:30:b1:d9:38:7c:97:3e:f8:d2:af:fa:8b:d7:35:e8:16:b7:
         e6:db:f5:70:08:c7:9e:01:56:b8:32:70:6c:4a:ca:d3:31:8a:
         44:8d:22:d5:c3:2f:d1:b6:ea:6c:d1:51:f7:da:30:00:97:e2:
         91:59:8a:19:cb:f3:55:dd:43:3a:77:c3:6d:2a:38:04:6c:9b:
         e2:8e:46:0a:d7:ff:84:5d:cb:f9:e6:9e:4c:92:2f:59:77:30:
         cb:6f:46:4c:f9:78:81:66:78:02:96:26:f4:35:96:cf:b2:fa:
         0a:10:30:1d:92:47:a4:c0:91:73:0f:cd:ed:08:e4:88:ff:de:
         0d:04:fe:7d:77:c9:e9:4c:c9:ec:85:01:68:db:70:dd:40:e6:
         8d:bc:4f:9b:03:5a:bc:46:be:0b:51:b1:20:57:fb:9e:76:f2:
         ac:56:ae:0e:98:f1:9b:9b:98:ca:d3:19:96:40:79:c7:7b:95:
         07:67:93:21:93:9a:01:42:15:12:d6:0c:12:8f:29:2f:c4:0b:
         17:14:2b:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUanCuuoAm/4QXCR87WkmnZHr+eSowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA0MzA2WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNTI3NjUxNjYwYmZjYTg5YjI1OGM5MWJhYTFmOGQ0ZDYy
NjU3NDEwZmNmYTQyNjgxZGI0NWZhZTA4NTU3YjQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBGYi1xUJ3Y2H/ZqxI0hHrLlpO7T6oOdisRlgg4zP2ERB+
XLSWFgfj0T/42QbEcSebYWF3gQRKQjrKSZ9AaDoJSImPTtV0kO11kgAZVNlKlGE5
MYf/ypUIVIFgEOuI5o0YiHkkMUYSk88ZHWTTVLzaYgo/R+KmNboCdyMEBakgp7QT
RK3Tyn8/mKCR7DpzR4ZHtkO5etvEv9rNV2QbTa7zeQ5BOFsfwkFmQ3/iw89l+EKj
5TSpIVfFoSj4xnu01puIroMplw4LbdnBTvwMnrtLqBWx16rlYXLUBGTJK3yxuhwK
5uRVCwVUhHhmWYJbtMdkH9LZ67wdwnoRQCu7bHvRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxOR9ijYj6tIH1jfqyI1IgFhxmVEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1MmEyNDI2LTIyYmItNGFjZi1iYTgyLTljYzc1YWQ2NTEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfcwDQYJKoZIhvcNAQELBQADggEBACpHD06sON9rYtNm1bpMLQ/MQY6a
D9dPADVf2+MaZBzuIyACn+7BBvJHZ3r0P8BOx7sn0m1KAgUwsdk4fJc++NKv+ovX
NegWt+bb9XAIx54BVrgycGxKytMxikSNItXDL9G26mzRUffaMACX4pFZihnL81Xd
Qzp3w20qOARsm+KORgrX/4Rdy/nmnkySL1l3MMtvRkz5eIFmeAKWJvQ1ls+y+goQ
MB2SR6TAkXMPze0I5Ij/3g0E/n13yelMyeyFAWjbcN1A5o28T5sDWrxGvgtRsSBX
+5528qxWrg6Y8ZubmMrTGZZAecd7lQdnkyGTmgFCFRLWDBKPKS/ECxcUKz4=
-----END CERTIFICATE-----