Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa
File:                     00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa (raw, json)
Hash identifier:          QwFYl4HcIsV+TDQOq/LAyzGoPOLr2J8izecICD+MbMY=
Subject key identifier:   B8:3F:62:E8:D1:39:63:83:62:01:23:00:7C:B4:7A:F3:C1:27:0D:88
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       48B8B7A7E8CCDB64D2D3323B3F58901AD88BC375
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa
Signing time:             Fri 31 Oct 2025 01:01:04 +0000
ROA not before:           Fri 31 Oct 2025 01:01:04 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.48.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:b8:b7:a7:e8:cc:db:64:d2:d3:32:3b:3f:58:90:1a:d8:8b:c3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 01:01:04 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=9bf5a6b211a26102596ad7277003cb63fbfb90c6087e28a589950c8c418e7ce6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ca:56:c1:ae:55:14:dd:31:78:1d:85:49:c0:
                    c9:53:4c:89:46:d9:33:a4:b4:ff:ee:53:cb:38:16:
                    ed:b2:ed:4c:80:e3:44:4e:18:71:9f:01:8f:e9:b7:
                    c7:0f:10:04:87:43:54:21:a5:5a:26:80:f9:10:72:
                    e8:65:6e:fc:58:40:c2:87:1d:34:88:03:36:41:b3:
                    60:be:cd:77:0e:da:0f:6e:5b:45:eb:e4:b2:ae:8a:
                    e5:73:74:f6:5b:3e:92:5d:bc:5a:81:aa:bc:e9:58:
                    93:6b:9c:c8:d3:62:eb:4c:bb:db:0d:09:27:cb:10:
                    17:3b:57:4e:7b:d2:ea:9e:23:32:7e:33:16:10:ba:
                    f6:b8:6e:f4:22:d8:3b:9b:c8:a7:13:3b:bb:f8:45:
                    85:f5:f7:ba:19:7b:bc:ea:d2:6c:a9:42:c3:92:df:
                    40:de:a8:6b:a6:b1:34:9f:5f:e4:f6:03:10:65:fa:
                    4e:db:b7:d4:b8:dd:cc:84:3d:bf:ca:b6:2d:39:aa:
                    f7:06:3f:4f:bb:bf:cf:7b:c0:5d:a8:5e:47:b2:4f:
                    33:ff:f2:06:4c:ad:ba:81:7e:4d:0e:a5:51:66:4b:
                    2d:77:d8:9c:dc:c3:7d:21:f6:e8:5f:c8:3b:a2:00:
                    84:11:15:5d:b9:b5:f4:e0:d2:a6:62:56:a6:58:21:
                    d1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3F:62:E8:D1:39:63:83:62:01:23:00:7C:B4:7A:F3:C1:27:0D:88
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/00c79a27-a1df-4e67-a58d-447d3fa2dde2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0f:c8:7d:4b:61:f1:65:2d:ad:d6:d9:71:a1:30:ef:02:ee:8d:
         fc:39:ae:bd:9d:6a:ae:e1:53:da:d6:e2:f9:89:b1:98:01:10:
         c5:b1:91:3a:0f:44:9b:2d:00:b2:c6:55:3c:d6:73:73:6a:a7:
         3d:5b:a9:44:11:57:77:b0:f2:a2:78:ab:58:df:45:5f:1c:e2:
         89:e4:1d:63:44:82:bd:c5:97:af:cc:81:54:17:d1:1b:e8:1e:
         4a:db:aa:92:96:10:69:8f:e8:f6:44:dd:28:d5:9e:ec:f1:02:
         f3:2e:c5:80:83:cf:2a:e3:db:d2:1a:5a:d7:20:b4:6d:0b:46:
         4b:f8:86:3d:90:f9:c3:70:48:1f:fd:f1:25:64:70:18:3e:69:
         f3:7a:f9:c2:da:b6:47:bf:d6:af:49:b9:10:62:f3:ed:19:4c:
         37:55:63:d9:32:f9:be:bc:b8:24:bd:2b:39:51:dd:15:09:ca:
         8a:7e:33:d5:59:9d:55:c9:d5:f1:db:76:84:19:ad:58:69:13:
         f7:ec:ba:e0:a8:14:84:61:e1:03:55:79:91:7c:cf:db:b4:96:
         ac:b9:89:26:14:26:63:68:47:77:ad:f9:8f:b5:72:be:b4:bd:
         2c:b7:2a:0d:89:55:9f:ee:3f:43:9a:94:b6:c5:33:9c:0e:f5:
         d4:9b:89:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSLi3p+jM22TS0zI7P1iQGtiLw3UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDEwMTA0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YmY1YTZiMjExYTI2MTAyNTk2YWQ3Mjc3MDAzY2I2M2Zi
ZmI5MGM2MDg3ZTI4YTU4OTk1MGM4YzQxOGU3Y2U2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1ylbBrlUU3TF4HYVJwMlTTIlG2TOktP/uU8s4Fu2y7UyA
40ROGHGfAY/pt8cPEASHQ1QhpVomgPkQcuhlbvxYQMKHHTSIAzZBs2C+zXcO2g9u
W0Xr5LKuiuVzdPZbPpJdvFqBqrzpWJNrnMjTYutMu9sNCSfLEBc7V0570uqeIzJ+
MxYQuva4bvQi2DubyKcTO7v4RYX197oZe7zq0mypQsOS30DeqGumsTSfX+T2AxBl
+k7bt9S43cyEPb/Kti05qvcGP0+7v897wF2oXkeyTzP/8gZMrbqBfk0OpVFmSy13
2Jzcw30h9uhfyDuiAIQRFV25tfTg0qZiVqZYIdFRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuD9i6NE5Y4NiASMAfLR688EnDYgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAwYzc5YTI3LWExZGYtNGU2Ny1hNThkLTQ0N2QzZmEyZGRlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEjAwDQYJKoZIhvcNAQELBQADggEBAA/IfUth8WUtrdbZcaEw7wLujfw5
rr2daq7hU9rW4vmJsZgBEMWxkToPRJstALLGVTzWc3Nqpz1bqUQRV3ew8qJ4q1jf
RV8c4onkHWNEgr3Fl6/MgVQX0RvoHkrbqpKWEGmP6PZE3SjVnuzxAvMuxYCDzyrj
29IaWtcgtG0LRkv4hj2Q+cNwSB/98SVkcBg+afN6+cLatke/1q9JuRBi8+0ZTDdV
Y9ky+b68uCS9KzlR3RUJyop+M9VZnVXJ1fHbdoQZrVhpE/fsuuCoFIRh4QNVeZF8
z9u0lqy5iSYUJmNoR3et+Y+1cr60vSy3Kg2JVZ/uP0OalLbFM5wO9dSbiVY=
-----END CERTIFICATE-----