Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d4d2f7-1a78-4934-8b97-d3baee111a75.roa
File:                     05d4d2f7-1a78-4934-8b97-d3baee111a75.roa (raw, json)
Hash identifier:          D1V2uDPkvZatXfJNW52EQabzZK6dqUjzumzTLNb3eCk=
Subject key identifier:   1B:E3:DA:CD:FF:EE:C3:19:22:30:74:03:0D:59:36:2C:0E:F3:F2:E7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CE174107158D564F1FED2E4E503630E40F8550B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d4d2f7-1a78-4934-8b97-d3baee111a75.roa
Signing time:             Tue 21 Oct 2025 00:50:04 +0000
ROA not before:           Tue 21 Oct 2025 00:50:04 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        202.5.165.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:e1:74:10:71:58:d5:64:f1:fe:d2:e4:e5:03:63:0e:40:f8:55:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:50:04 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=6cf9ba91503a29f39464a37abfe6c0cf3dc694b240c01e5d6e6655522a89ca22, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:38:ba:b9:60:a3:cf:60:7f:97:a4:16:9b:f7:
                    18:0c:bf:63:b9:92:1c:da:25:9b:a5:5b:9a:5a:90:
                    d9:47:58:3e:f0:7d:d1:14:58:5b:6b:da:d8:8d:0a:
                    5e:d3:4f:0e:16:1b:0f:00:5c:1a:51:eb:b5:ea:5b:
                    3e:12:06:52:de:04:b7:2c:f2:41:c2:fd:8d:a1:8c:
                    fa:77:b2:71:d3:5b:84:88:24:87:3d:80:45:a0:4c:
                    04:1f:09:95:c8:6d:09:f9:32:46:9c:60:9b:5c:59:
                    3f:a7:2b:ab:f7:f6:97:49:5c:66:67:aa:19:eb:07:
                    da:49:67:e9:a1:4c:16:3e:a2:c4:8b:64:a3:f7:33:
                    2d:eb:6d:df:9b:08:70:38:ed:da:ff:17:73:ad:6e:
                    69:f3:be:2c:24:cd:49:91:ce:ce:13:3b:09:6e:39:
                    cf:04:7c:ae:1a:5f:ce:75:70:d1:c0:3a:05:20:28:
                    7f:76:7c:bc:b7:91:88:12:e1:59:50:c9:91:f8:17:
                    32:e7:8f:b9:ef:21:d7:f3:d0:9e:bb:f1:13:73:51:
                    43:c7:9f:50:9c:22:60:aa:99:f0:18:03:a1:f5:4b:
                    58:9e:e4:dc:21:e3:0d:f1:5e:4f:5d:a2:dc:e5:70:
                    46:d0:ef:85:6a:06:de:d4:49:97:a2:87:87:b1:0d:
                    45:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:E3:DA:CD:FF:EE:C3:19:22:30:74:03:0D:59:36:2C:0E:F3:F2:E7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d4d2f7-1a78-4934-8b97-d3baee111a75.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.5.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:68:73:1c:ce:03:6c:c8:3c:53:83:cd:5d:29:f2:fb:93:d0:
         1d:c4:a3:dd:c7:63:bb:cb:99:98:db:77:68:f6:6e:e3:86:96:
         f2:b1:ef:fa:20:7d:c1:34:42:ec:00:17:59:7b:9b:93:93:e8:
         3b:f5:05:74:f2:aa:f9:2e:73:ed:5e:d6:73:14:e3:35:58:c0:
         41:26:6f:0a:6f:27:f6:c2:96:05:33:58:a7:1a:b0:9e:b5:34:
         57:69:ca:b4:be:2c:97:49:d1:92:a8:ab:e7:ce:ce:50:e7:4a:
         51:ce:06:89:c4:2b:b6:aa:3a:90:2d:b2:ac:bc:cb:a1:a5:4f:
         eb:e8:2e:38:4b:08:ef:5b:20:e8:dc:91:4e:14:27:bf:82:1c:
         e5:23:b0:ef:f6:bc:89:c8:15:1f:b1:ce:f6:45:92:a7:84:c6:
         db:79:50:1d:61:34:3a:5c:d3:1c:48:17:c2:a4:3d:41:b6:13:
         09:82:38:f1:c7:ed:07:a1:f6:25:6d:a4:68:7b:f3:ac:72:63:
         95:b0:9b:6a:3a:2b:10:0c:9d:df:fb:a9:b8:14:be:90:a6:d8:
         9f:7d:3c:11:4a:f8:4e:86:af:6b:b3:12:a7:32:3f:eb:d8:6d:
         19:81:95:79:fd:8a:ba:2e:ad:7e:6a:46:8e:17:87:66:e6:27:
         78:59:8f:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfOF0EHFY1WTx/tLk5QNjDkD4VQswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDA1MDA0WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2Y5YmE5MTUwM2EyOWYzOTQ2NGEzN2FiZmU2YzBjZjNk
YzY5NGIyNDBjMDFlNWQ2ZTY2NTU1MjJhODljYTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1OLq5YKPPYH+XpBab9xgMv2O5khzaJZulW5pakNlHWD7w
fdEUWFtr2tiNCl7TTw4WGw8AXBpR67XqWz4SBlLeBLcs8kHC/Y2hjPp3snHTW4SI
JIc9gEWgTAQfCZXIbQn5MkacYJtcWT+nK6v39pdJXGZnqhnrB9pJZ+mhTBY+osSL
ZKP3My3rbd+bCHA47dr/F3OtbmnzviwkzUmRzs4TOwluOc8EfK4aX851cNHAOgUg
KH92fLy3kYgS4VlQyZH4FzLnj7nvIdfz0J678RNzUUPHn1CcImCqmfAYA6H1S1ie
5Nwh4w3xXk9dotzlcEbQ74VqBt7USZeih4exDUWHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG+Pazf/uwxkiMHQDDVk2LA7z8ucwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1ZDRkMmY3LTFhNzgtNDkzNC04Yjk3LWQzYmFlZTExMWE3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADKBaUwDQYJKoZIhvcNAQELBQADggEBAB5ocxzOA2zIPFODzV0p8vuT0B3E
o93HY7vLmZjbd2j2buOGlvKx7/ogfcE0QuwAF1l7m5OT6Dv1BXTyqvkuc+1e1nMU
4zVYwEEmbwpvJ/bClgUzWKcasJ61NFdpyrS+LJdJ0ZKoq+fOzlDnSlHOBonEK7aq
OpAtsqy8y6GlT+voLjhLCO9bIOjckU4UJ7+CHOUjsO/2vInIFR+xzvZFkqeExtt5
UB1hNDpc0xxIF8KkPUG2EwmCOPHH7Qeh9iVtpGh786xyY5Wwm2o6KxAMnd/7qbgU
vpCm2J99PBFK+E6Gr2uzEqcyP+vYbRmBlXn9irourX5qRo4Xh2bmJ3hZj40=
-----END CERTIFICATE-----