Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f97c29c9-3c94-4811-9c51-f893093882a8.roa
File:                     f97c29c9-3c94-4811-9c51-f893093882a8.roa (raw, json)
Hash identifier:          JGXzhclWo1B4aTvmg4TVZWSRWfXsuDXIqKZ3RPGUqzw=
Subject key identifier:   18:AE:ED:3A:F4:76:AB:25:F9:07:CB:7C:BF:5F:B4:23:37:88:0D:59
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0228B650F2842E4FF6E79F907796F896769B0EB8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f97c29c9-3c94-4811-9c51-f893093882a8.roa
Signing time:             Fri 17 Oct 2025 20:10:13 +0000
ROA not before:           Fri 17 Oct 2025 20:10:13 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        174.129.128.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:28:b6:50:f2:84:2e:4f:f6:e7:9f:90:77:96:f8:96:76:9b:0e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 20:10:13 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=314333805da8a26fc54b004cb415fb4ede3aa258d6b147ab0b0eef3adab01ce0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:1f:2f:df:21:3c:52:94:83:eb:2d:50:01:63:
                    cc:c2:33:cf:16:bb:9b:cd:a3:8f:bd:13:13:00:2a:
                    41:34:13:86:0a:1e:11:bd:a0:71:14:21:5f:05:8f:
                    4b:c2:4c:1e:ea:4e:a6:4c:87:38:7d:72:96:29:32:
                    b7:b8:8f:82:be:6e:51:a8:64:47:f5:ed:1d:92:16:
                    21:7e:97:59:ce:a7:c9:11:29:9b:dc:bc:f9:71:3e:
                    1d:2e:b4:ea:d2:28:78:b5:3e:56:11:ff:33:99:5b:
                    c1:26:9d:a0:4d:2c:e3:0c:78:be:5b:62:d4:64:47:
                    1a:aa:d1:d4:27:22:ab:30:d8:f5:8d:53:f6:10:ca:
                    91:d4:e5:a5:c0:34:11:49:ea:5b:98:f8:fc:09:0e:
                    81:73:3d:3d:53:da:39:d5:6b:47:50:91:27:75:27:
                    b3:47:ea:04:01:ff:0a:c7:88:f4:88:15:c0:92:a9:
                    dc:93:cf:9c:e4:3c:e5:71:24:44:77:6a:18:56:30:
                    85:b9:0f:ad:03:4b:5f:1b:16:a8:d2:07:c3:93:7e:
                    9d:4f:72:53:d3:bf:c7:08:f8:f1:d4:70:95:f6:c0:
                    df:3c:9c:1c:ee:ac:b6:01:a5:6f:17:2c:e8:d1:9d:
                    be:8a:ea:d5:78:19:dc:d6:e6:72:9f:ab:41:04:b1:
                    04:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AE:ED:3A:F4:76:AB:25:F9:07:CB:7C:BF:5F:B4:23:37:88:0D:59
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f97c29c9-3c94-4811-9c51-f893093882a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  174.129.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         66:3d:05:95:50:e7:d1:93:d5:2a:da:9a:3e:d2:30:ab:16:5e:
         54:21:8b:8f:f2:d8:28:78:d2:6d:c1:01:67:aa:28:3a:40:71:
         67:74:f1:4f:41:25:3e:d3:d1:f1:5a:36:84:de:52:c3:26:4f:
         d2:aa:68:c1:e8:c4:70:f4:af:80:74:61:32:8d:b6:40:b2:5b:
         e5:1c:84:9b:8e:7b:c7:ba:f1:19:42:b4:84:02:34:7a:53:d2:
         3b:ad:57:80:6c:20:ea:64:15:8c:99:72:91:6a:96:2d:f2:94:
         04:72:a6:cc:3b:6d:b8:f2:f1:b6:85:21:c3:4e:a5:53:1a:f1:
         27:19:75:cb:b0:9a:75:2b:b4:55:e1:7e:cb:db:55:17:4a:5a:
         e8:19:1b:07:ef:b5:1c:47:65:81:0c:ce:fd:74:f6:43:f3:80:
         94:85:50:bb:c3:5d:a3:fc:61:d3:fa:20:22:9a:d9:93:dd:90:
         ae:a7:cf:13:54:ca:af:67:c2:97:18:33:0e:49:2a:43:8f:cc:
         da:7f:c1:3b:27:3f:de:c2:e9:fd:bf:fd:41:03:0d:79:6a:59:
         bb:14:e7:ca:33:8e:d9:76:c9:7c:2b:6c:a6:47:cb:db:32:1d:
         51:fb:66:f9:9d:79:e8:e3:8a:fc:f9:35:f7:d4:b1:a0:52:ae:
         f6:ad:8d:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAii2UPKELk/255+Qd5b4lnabDrgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjAxMDEzWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMTQzMzM4MDVkYThhMjZmYzU0YjAwNGNiNDE1ZmI0ZWRl
M2FhMjU4ZDZiMTQ3YWIwYjBlZWYzYWRhYjAxY2UwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD6Hy/fITxSlIPrLVABY8zCM88Wu5vNo4+9ExMAKkE0E4YK
HhG9oHEUIV8Fj0vCTB7qTqZMhzh9cpYpMre4j4K+blGoZEf17R2SFiF+l1nOp8kR
KZvcvPlxPh0utOrSKHi1PlYR/zOZW8EmnaBNLOMMeL5bYtRkRxqq0dQnIqsw2PWN
U/YQypHU5aXANBFJ6luY+PwJDoFzPT1T2jnVa0dQkSd1J7NH6gQB/wrHiPSIFcCS
qdyTz5zkPOVxJER3ahhWMIW5D60DS18bFqjSB8OTfp1PclPTv8cI+PHUcJX2wN88
nBzurLYBpW8XLOjRnb6K6tV4GdzW5nKfq0EEsQQFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGK7tOvR2qyX5B8t8v1+0IzeIDVkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5N2MyOWM5LTNjOTQtNDgxMS05YzUxLWY4OTMwOTM4ODJhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaugYAwDQYJKoZIhvcNAQELBQADggEBAGY9BZVQ59GT1Sramj7SMKsWXlQh
i4/y2Ch40m3BAWeqKDpAcWd08U9BJT7T0fFaNoTeUsMmT9KqaMHoxHD0r4B0YTKN
tkCyW+UchJuOe8e68RlCtIQCNHpT0jutV4BsIOpkFYyZcpFqli3ylARypsw7bbjy
8baFIcNOpVMa8ScZdcuwmnUrtFXhfsvbVRdKWugZGwfvtRxHZYEMzv109kPzgJSF
ULvDXaP8YdP6ICKa2ZPdkK6nzxNUyq9nwpcYMw5JKkOPzNp/wTsnP97C6f2//UED
DXlqWbsU58ozjtl2yXwrbKZHy9syHVH7Zvmdeejjivz5NffUsaBSrvatjWM=
-----END CERTIFICATE-----