Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dab24578-0ed3-4171-a698-4a0032cf4b07.roa
File:                     dab24578-0ed3-4171-a698-4a0032cf4b07.roa (raw, json)
Hash identifier:          6bFoWicqp9ct9cx+8MlHjGESkcSsWynYV8jyseTc8IU=
Subject key identifier:   25:0B:53:AF:D6:33:D3:68:75:71:FD:19:D0:04:49:FB:A3:72:29:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       518928E0E00691D799AB7C543F1BF49EBC0ADB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dab24578-0ed3-4171-a698-4a0032cf4b07.roa
Signing time:             Fri 03 Oct 2025 15:01:04 +0000
ROA not before:           Fri 03 Oct 2025 15:01:04 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        99.82.166.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:89:28:e0:e0:06:91:d7:99:ab:7c:54:3f:1b:f4:9e:bc:0a:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 15:01:04 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=0692181029dde3abb28b1e57a77c52cc854a595237aa51352b887a4a3b1fda08, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c5:2c:08:fd:9e:b3:18:61:e6:7e:fb:cb:04:
                    a9:b5:08:f9:59:77:3d:da:e3:de:88:4d:df:54:7c:
                    a3:04:60:81:24:be:8c:93:4b:df:25:7f:cb:1e:69:
                    b6:7d:95:f9:9b:0f:04:21:12:4d:e6:12:e7:ce:7b:
                    18:6d:4e:84:12:75:f5:df:57:da:d6:27:80:02:a5:
                    30:a3:68:1b:11:11:31:2c:f2:17:66:d1:b9:30:ed:
                    d6:c4:1c:39:f1:6f:c9:43:65:22:fb:77:f3:19:ff:
                    8b:f5:1b:49:7f:30:42:e2:3a:b5:fc:28:93:1c:1c:
                    38:4a:68:82:7c:04:ee:ed:99:fa:b9:71:e8:e4:75:
                    7f:6e:7e:48:97:77:f5:d7:06:ca:91:c5:98:d7:5b:
                    88:c8:67:e9:30:2f:2a:11:7d:08:ec:a1:17:5c:d9:
                    96:e8:6e:8e:17:50:5e:1d:2f:f0:a7:05:26:e6:a1:
                    dd:e2:14:d2:14:f1:dc:92:c7:4c:9c:0e:1c:18:cc:
                    40:dc:4d:13:4a:16:71:d8:1b:26:c3:cd:38:ab:5f:
                    4f:b5:ac:6c:b9:42:0e:e6:cb:6f:8e:27:01:88:fe:
                    fc:5d:34:a9:89:cb:2b:02:76:d0:c1:73:6b:06:44:
                    9c:dc:ef:97:8d:61:de:25:d5:bc:f6:3b:bd:61:19:
                    a1:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0B:53:AF:D6:33:D3:68:75:71:FD:19:D0:04:49:FB:A3:72:29:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dab24578-0ed3-4171-a698-4a0032cf4b07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:a7:09:b0:77:88:1e:e3:b3:23:88:9f:ce:49:da:8b:19:74:
         89:f2:cc:39:87:bc:9e:b3:bd:fd:a8:90:ac:5d:a4:d9:15:48:
         c1:da:eb:e5:6b:df:92:67:9f:1d:4f:d7:53:d3:c4:23:3e:f3:
         2a:85:fe:27:74:d5:93:31:5e:22:59:f4:1e:43:3d:63:c0:ca:
         16:06:c3:ae:98:16:8e:cc:72:ff:ac:90:3d:4d:be:95:0b:5d:
         1a:18:24:21:97:88:91:35:1d:1b:d4:5d:08:2a:76:16:7a:65:
         70:85:23:8f:1c:9f:72:0d:2c:5b:01:7d:c5:4f:c6:31:8c:49:
         b5:0b:c4:5b:e7:52:52:8a:10:7e:43:4e:37:71:7c:d1:30:54:
         d8:00:aa:76:34:70:99:1b:63:10:a4:d8:67:cb:78:2e:8b:46:
         8c:d1:9a:f0:c0:69:d1:d4:7e:38:86:82:3f:7e:fc:e4:2b:53:
         b1:17:d1:6b:35:75:aa:bc:2e:3a:84:27:51:e8:67:ae:03:9b:
         fa:ba:97:bc:7a:06:9c:cc:89:87:b7:a2:0a:63:bf:99:f1:7a:
         9a:a8:82:45:53:95:d4:56:4b:3b:bb:12:b8:36:15:3a:9e:21:
         b3:aa:a0:94:20:83:63:08:17:6a:0d:65:c4:0f:71:7f:da:55:
         91:e3:fd:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITUYko4OAGkdeZq3xUPxv0nrwK2zANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTEwMDMxNTAxMDRaFw0yNTExMDcyMzU5NTla
MHoxSTBHBgNVBAUTQDA2OTIxODEwMjlkZGUzYWJiMjhiMWU1N2E3N2M1MmNjODU0
YTU5NTIzN2FhNTEzNTJiODg3YTRhM2IxZmRhMDgxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7FLAj9nrMYYeZ++8sEqbUI+Vl3Pdrj3ohN31R8owRggSS+
jJNL3yV/yx5ptn2V+ZsPBCESTeYS5857GG1OhBJ19d9X2tYngAKlMKNoGxERMSzy
F2bRuTDt1sQcOfFvyUNlIvt38xn/i/UbSX8wQuI6tfwokxwcOEpognwE7u2Z+rlx
6OR1f25+SJd39dcGypHFmNdbiMhn6TAvKhF9COyhF1zZluhujhdQXh0v8KcFJuah
3eIU0hTx3JLHTJwOHBjMQNxNE0oWcdgbJsPNOKtfT7WsbLlCDubLb44nAYj+/F00
qYnLKwJ20MFzawZEnNzvl41h3iXVvPY7vWEZoWkCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQlC1Ov1jPTaHVx/RnQBEn7o3IpXjAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZGFiMjQ1NzgtMGVkMy00MTcxLWE2OTgtNGEwMDMyY2Y0YjA3LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGNSpjANBgkqhkiG9w0BAQsFAAOCAQEASKcJsHeIHuOzI4ifzknaixl0ifLM
OYe8nrO9/aiQrF2k2RVIwdrr5WvfkmefHU/XU9PEIz7zKoX+J3TVkzFeIln0HkM9
Y8DKFgbDrpgWjsxy/6yQPU2+lQtdGhgkIZeIkTUdG9RdCCp2FnplcIUjjxyfcg0s
WwF9xU/GMYxJtQvEW+dSUooQfkNON3F80TBU2ACqdjRwmRtjEKTYZ8t4LotGjNGa
8MBp0dR+OIaCP3785CtTsRfRazV1qrwuOoQnUehnrgOb+rqXvHoGnMyJh7eiCmO/
mfF6mqiCRVOV1FZLO7sSuDYVOp4hs6qglCCDYwgXag1lxA9xf9pVkeP9fw==
-----END CERTIFICATE-----