Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbd49bcd-224f-4a8b-93d2-80dc17cdd84c.roa
File:                     fbd49bcd-224f-4a8b-93d2-80dc17cdd84c.roa (raw, json)
Hash identifier:          w8jUu8esZYhuqGaa0DrqiFUkp388vy3aQO6omJaVDAQ=
Subject key identifier:   D8:10:36:66:0D:2E:46:83:39:0A:EC:9E:0D:85:0F:28:F6:31:53:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7604A62F4F20B561F5158A141BB9307F373F2918
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbd49bcd-224f-4a8b-93d2-80dc17cdd84c.roa
Signing time:             Wed 01 Oct 2025 00:41:17 +0000
ROA not before:           Wed 01 Oct 2025 00:41:17 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        64.252.69.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:04:a6:2f:4f:20:b5:61:f5:15:8a:14:1b:b9:30:7f:37:3f:29:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:41:17 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=7dda5b00277ca79fba280ef666c1a218619206eb09ad139fd99ea497e00bc084, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:03:96:ea:41:95:ca:3c:a3:44:64:45:64:3b:
                    48:17:d4:b8:47:64:c1:da:53:44:09:65:f4:05:70:
                    e0:6b:ce:81:b7:39:4b:f8:6a:62:74:78:be:0c:bb:
                    80:99:a8:c8:d9:b5:75:cf:46:14:89:01:40:0f:70:
                    b3:04:fb:a9:fc:c8:4a:30:2a:82:11:16:37:60:e4:
                    48:33:ee:ba:23:ac:ab:b8:5a:ef:cf:23:18:5b:b7:
                    16:57:3b:3b:27:c3:97:ae:56:82:e9:cc:54:0d:1d:
                    ff:3c:94:bf:18:e1:7e:51:2d:54:7b:e6:06:3f:d4:
                    4b:fc:23:5d:4e:f2:44:15:b1:9a:12:e2:e8:c3:ee:
                    37:cd:52:49:4b:a7:0c:b7:f6:92:2b:62:3f:0e:15:
                    ae:2a:24:2b:66:22:12:ca:82:97:ba:fe:e9:2c:66:
                    81:46:83:50:65:92:64:9c:13:b0:a6:1d:21:e8:8e:
                    cc:8a:25:26:11:7e:6d:7d:fa:ea:a3:7a:ad:aa:5e:
                    f3:25:29:14:3a:4d:f3:d0:a3:05:38:06:a9:a4:17:
                    1f:03:aa:5f:65:65:f1:a7:23:d8:1d:e9:61:30:bb:
                    71:f6:23:f2:b7:7d:ad:ab:b8:69:6c:44:d4:72:be:
                    27:2a:98:61:ce:c5:1a:3b:df:33:16:7e:29:68:14:
                    6d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:10:36:66:0D:2E:46:83:39:0A:EC:9E:0D:85:0F:28:F6:31:53:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbd49bcd-224f-4a8b-93d2-80dc17cdd84c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:b5:3d:76:15:8e:1c:7c:20:72:93:1a:74:ac:ba:5d:0c:ba:
         fd:0b:66:be:86:04:40:a0:f1:62:7f:07:28:e5:d7:ec:97:dd:
         fa:4f:63:9b:f7:01:78:27:cb:f1:4a:43:89:fa:2c:18:b6:80:
         d9:5d:5f:77:0e:62:26:d1:d5:17:3a:4d:ee:18:3d:da:e2:28:
         eb:9a:18:84:41:93:06:b8:13:3b:6c:79:b3:da:f6:83:db:ea:
         3c:27:83:07:51:36:50:75:a0:b2:07:aa:49:87:07:a0:8e:93:
         4c:9b:dd:ab:db:9c:e4:b7:cf:7d:40:43:22:13:6c:42:92:37:
         cd:af:64:fd:03:55:77:bf:c7:b1:88:7d:2b:a0:2b:45:5e:79:
         06:d9:27:34:9a:84:04:03:08:c3:c7:c4:28:30:e8:76:be:b3:
         50:91:67:ad:57:a5:21:e6:39:24:b5:19:8b:df:37:38:eb:48:
         34:4e:b8:68:a2:1c:66:38:f0:0f:fe:7d:a1:4e:99:b2:04:00:
         89:9e:df:ad:d4:d7:8f:c9:33:d2:a8:83:cf:4c:01:6d:ad:41:
         fb:eb:b3:e4:5d:55:b8:89:43:0a:b8:6a:87:ce:a1:b4:96:9a:
         b4:a8:30:b4:11:31:78:c5:1a:46:71:fb:93:04:d5:56:2e:c1:
         ee:af:32:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdgSmL08gtWH1FYoUG7kwfzc/KRgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDA0MTE3WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGRhNWIwMDI3N2NhNzlmYmEyODBlZjY2NmMxYTIxODYx
OTIwNmViMDlhZDEzOWZkOTllYTQ5N2UwMGJjMDg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCA5bqQZXKPKNEZEVkO0gX1LhHZMHaU0QJZfQFcOBrzoG3
OUv4amJ0eL4Mu4CZqMjZtXXPRhSJAUAPcLME+6n8yEowKoIRFjdg5Egz7rojrKu4
Wu/PIxhbtxZXOzsnw5euVoLpzFQNHf88lL8Y4X5RLVR75gY/1Ev8I11O8kQVsZoS
4ujD7jfNUklLpwy39pIrYj8OFa4qJCtmIhLKgpe6/uksZoFGg1BlkmScE7CmHSHo
jsyKJSYRfm19+uqjeq2qXvMlKRQ6TfPQowU4BqmkFx8Dql9lZfGnI9gd6WEwu3H2
I/K3fa2ruGlsRNRyvicqmGHOxRo73zMWfiloFG1dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2BA2Zg0uRoM5CuyeDYUPKPYxU/AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiZDQ5YmNkLTIyNGYtNGE4Yi05M2QyLTgwZGMxN2NkZDg0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EUwDQYJKoZIhvcNAQELBQADggEBAHC1PXYVjhx8IHKTGnSsul0Muv0L
Zr6GBECg8WJ/Byjl1+yX3fpPY5v3AXgny/FKQ4n6LBi2gNldX3cOYibR1Rc6Te4Y
PdriKOuaGIRBkwa4EztsebPa9oPb6jwngwdRNlB1oLIHqkmHB6COk0yb3avbnOS3
z31AQyITbEKSN82vZP0DVXe/x7GIfSugK0VeeQbZJzSahAQDCMPHxCgw6Ha+s1CR
Z61XpSHmOSS1GYvfNzjrSDROuGiiHGY48A/+faFOmbIEAIme363U14/JM9Kog89M
AW2tQfvrs+RdVbiJQwq4aofOobSWmrSoMLQRMXjFGkZx+5ME1VYuwe6vMmo=
-----END CERTIFICATE-----