Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5ea8925-9558-4469-8ce3-9d1b73305dd2.roa
File:                     e5ea8925-9558-4469-8ce3-9d1b73305dd2.roa (raw, json)
Hash identifier:          LR86UrH9yLa6xmeEKRE0OSCJOjmMgfOEGHikx7Dcl5U=
Subject key identifier:   DE:9F:96:14:E2:9C:B5:EE:8C:F3:E5:8D:6F:F1:76:77:14:8D:62:94
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       493D22840A41A97C9195A887CB0D908B3B8AB69A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5ea8925-9558-4469-8ce3-9d1b73305dd2.roa
Signing time:             Fri 17 Oct 2025 00:12:02 +0000
ROA not before:           Fri 17 Oct 2025 00:12:02 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        1.178.4.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:3d:22:84:0a:41:a9:7c:91:95:a8:87:cb:0d:90:8b:3b:8a:b6:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 00:12:02 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=a50636c5238ff09716940a22fff32a282c1a0a1de94167f7ee45cf885f5eaa6c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:29:90:12:d5:79:54:c1:13:52:6e:d7:7a:a2:
                    89:2e:75:cc:09:69:80:c6:4b:15:1b:5b:9f:0b:87:
                    27:af:71:54:cf:1c:74:8e:eb:37:e9:8a:f8:c1:3c:
                    4f:2a:53:42:be:bd:b0:1f:20:75:57:fc:3b:1c:75:
                    eb:7f:8d:a1:62:13:69:7a:af:43:f3:ef:81:b4:c1:
                    13:1b:a3:b5:ae:8c:b3:84:b4:dd:c3:12:f3:95:79:
                    c9:ba:3c:b9:5d:bd:d7:7d:9e:fa:9f:4b:a3:4e:0f:
                    22:2e:fa:fb:6d:3f:3a:47:14:5d:c1:da:cc:fa:fc:
                    00:4e:fa:ae:0f:7a:cd:b1:c3:72:b3:64:76:2e:f9:
                    97:7f:da:44:a6:fb:2a:17:fa:12:b4:d2:65:2e:95:
                    75:8b:61:5c:7b:b9:0f:43:e3:02:b3:a3:a1:fa:af:
                    48:70:a3:c9:b9:a3:64:cb:8e:b6:db:02:cc:4a:31:
                    28:25:d2:f1:ef:25:b6:95:cc:43:39:aa:25:9a:e6:
                    40:be:37:cd:07:b4:6a:53:15:08:b2:76:2f:49:bc:
                    8b:2c:c4:0d:02:9a:df:6c:54:6d:fa:f1:33:19:67:
                    8f:11:63:cf:9d:bf:bd:0d:f7:2e:f4:60:0a:0d:75:
                    2c:33:ed:16:9c:cc:e0:da:1f:2a:94:77:a6:1c:bd:
                    b8:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:9F:96:14:E2:9C:B5:EE:8C:F3:E5:8D:6F:F1:76:77:14:8D:62:94
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5ea8925-9558-4469-8ce3-9d1b73305dd2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:aa:fc:9f:f8:7f:bc:70:e8:02:76:04:6b:14:b8:54:88:68:
         aa:e4:e1:0f:74:09:f0:6c:91:14:5f:65:2c:03:d2:1e:83:c9:
         f2:f4:e6:cd:d2:c2:0a:1f:5e:00:68:56:87:e5:1e:d9:3f:b8:
         65:84:24:27:42:77:3d:b7:2a:f7:9d:13:7b:94:39:4c:f5:3c:
         f1:2b:00:95:59:72:f0:7e:35:b8:d0:9c:a3:0b:be:43:a2:4b:
         0a:ba:6b:34:32:5c:60:05:6d:dd:ca:dd:e7:ed:c6:ea:93:49:
         a2:e1:c0:ae:e7:d9:b6:53:da:e1:d2:81:53:d8:d3:fd:ff:8e:
         16:e2:c7:bb:9e:75:23:87:01:18:a5:da:74:71:7b:a0:9d:45:
         ca:82:60:de:7b:ae:07:7e:a9:6a:a2:ee:93:f2:e0:c0:05:e2:
         4e:04:8a:bc:d8:97:ec:eb:4e:68:41:64:fb:c9:5a:87:71:99:
         4c:a9:0e:e9:5b:92:7c:ce:8b:c7:16:86:d5:34:d5:e2:ac:d8:
         d9:bd:ea:dc:c9:fc:f8:f4:4b:08:73:2a:f7:31:e0:95:26:6d:
         9f:5d:b5:65:0e:98:f5:2d:4f:8e:d7:a4:60:3f:c5:fe:8b:72:
         22:36:29:80:79:e4:4d:eb:8f:f8:44:42:4c:62:7f:91:40:6c:
         a7:19:34:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUST0ihApBqXyRlaiHyw2QizuKtpowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MDAxMjAyWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNTA2MzZjNTIzOGZmMDk3MTY5NDBhMjJmZmYzMmEyODJj
MWEwYTFkZTk0MTY3ZjdlZTQ1Y2Y4ODVmNWVhYTZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsKZAS1XlUwRNSbtd6ookudcwJaYDGSxUbW58LhyevcVTP
HHSO6zfpivjBPE8qU0K+vbAfIHVX/Dscdet/jaFiE2l6r0Pz74G0wRMbo7WujLOE
tN3DEvOVecm6PLldvdd9nvqfS6NODyIu+vttPzpHFF3B2sz6/ABO+q4Pes2xw3Kz
ZHYu+Zd/2kSm+yoX+hK00mUulXWLYVx7uQ9D4wKzo6H6r0hwo8m5o2TLjrbbAsxK
MSgl0vHvJbaVzEM5qiWa5kC+N80HtGpTFQiydi9JvIssxA0Cmt9sVG368TMZZ48R
Y8+dv70N9y70YAoNdSwz7RaczODaHyqUd6YcvbhlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3p+WFOKcte6M8+WNb/F2dxSNYpQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ZWE4OTI1LTk1NTgtNDQ2OS04Y2UzLTlkMWI3MzMwNWRkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBsgQwDQYJKoZIhvcNAQELBQADggEBAIOq/J/4f7xw6AJ2BGsUuFSIaKrk
4Q90CfBskRRfZSwD0h6DyfL05s3SwgofXgBoVoflHtk/uGWEJCdCdz23KvedE3uU
OUz1PPErAJVZcvB+NbjQnKMLvkOiSwq6azQyXGAFbd3K3eftxuqTSaLhwK7n2bZT
2uHSgVPY0/3/jhbix7uedSOHARil2nRxe6CdRcqCYN57rgd+qWqi7pPy4MAF4k4E
irzYl+zrTmhBZPvJWodxmUypDulbknzOi8cWhtU01eKs2Nm96tzJ/Pj0SwhzKvcx
4JUmbZ9dtWUOmPUtT47XpGA/xf6LciI2KYB55E3rj/hEQkxif5FAbKcZNHw=
-----END CERTIFICATE-----