Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10f66a13-5879-48bb-b275-10276fd2b586.roa
File:                     10f66a13-5879-48bb-b275-10276fd2b586.roa (raw, json)
Hash identifier:          9sbAF6coAy/40j9lnolBK7f1/UH/PIwYkqs/47STGwk=
Subject key identifier:   CF:DB:E6:9A:AA:CD:ED:3C:4E:F3:8C:49:F4:68:B8:DB:CA:26:AC:A7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       351FDAB3366C3E37891FB3B7A9DC254DE35E5A68
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10f66a13-5879-48bb-b275-10276fd2b586.roa
Signing time:             Sun 26 Oct 2025 00:10:10 +0000
ROA not before:           Sun 26 Oct 2025 00:10:10 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.161.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:1f:da:b3:36:6c:3e:37:89:1f:b3:b7:a9:dc:25:4d:e3:5e:5a:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:10:10 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=4715fedf1848789dabef283ca3a1ca6b15aaffecfc9b0d37d6fb031f226aeeb5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:99:4b:bf:4d:c9:42:d8:3a:7d:20:8b:65:97:
                    dd:c6:a7:df:ae:54:b3:8b:d5:b8:ee:36:fc:51:52:
                    ea:cd:2b:6d:6e:33:eb:a5:48:30:9e:e1:51:4e:47:
                    2a:63:d1:e4:f6:47:b1:37:e3:bc:93:e5:13:56:7c:
                    d5:da:4d:e5:9c:fa:f4:e8:4c:87:3e:2d:8d:99:0a:
                    e8:f2:f7:31:fc:39:bb:8a:6f:d2:d0:54:0e:5f:84:
                    f9:77:04:44:cf:e7:8f:6f:cd:00:34:45:dc:26:b0:
                    9b:0f:ae:70:04:11:85:3f:48:68:eb:76:f5:18:25:
                    1c:a7:d1:4f:40:88:07:20:07:44:a0:33:72:0c:1d:
                    41:84:34:e9:40:ec:59:e9:58:fd:fb:3f:7b:a5:69:
                    18:19:85:49:a3:46:9c:63:c2:93:40:19:c9:b6:47:
                    c1:d1:9b:50:2e:cc:20:ab:9a:a8:5e:17:e8:cf:c8:
                    f5:c2:6f:61:de:3a:c6:f6:ea:57:f8:72:54:a5:dc:
                    3a:0f:5b:35:f9:e9:51:e6:40:ed:63:8f:23:3b:26:
                    00:81:d3:a8:23:35:e5:dd:b3:2b:28:b7:b5:53:07:
                    18:8d:33:4b:7e:2c:54:86:aa:38:9e:12:32:5f:f2:
                    ca:0e:e0:92:c1:be:f9:c1:b1:1e:6c:0d:14:82:ee:
                    31:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:DB:E6:9A:AA:CD:ED:3C:4E:F3:8C:49:F4:68:B8:DB:CA:26:AC:A7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/10f66a13-5879-48bb-b275-10276fd2b586.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:9b:c5:7f:45:b1:89:52:d4:0c:12:96:ac:96:ee:e2:b0:e2:
         89:8e:64:75:54:e0:81:03:01:06:68:24:3e:d1:0e:16:34:f1:
         be:6f:e7:34:b9:82:57:30:37:67:92:de:88:d8:d9:f2:f5:7d:
         f6:14:a2:39:7d:c2:4e:ce:aa:b8:ea:d5:57:36:88:39:db:97:
         82:e2:74:ef:bc:f9:6f:7c:01:33:d2:3e:28:f4:75:4c:0d:45:
         b4:dd:e0:1c:42:af:8a:0d:3f:f0:61:42:e0:04:b8:e1:16:d2:
         d9:cf:3e:4c:e8:48:bc:b0:ab:80:75:2f:2a:d4:38:bf:5a:90:
         e8:8c:3c:12:a8:61:30:56:ee:12:4f:ac:0c:c0:02:54:e4:eb:
         df:33:fc:72:dc:d0:b1:0a:48:9f:b1:82:e3:01:cb:f6:21:0f:
         b0:68:69:b9:4d:83:70:90:63:87:4d:66:d2:80:da:74:39:7e:
         9c:1e:8d:16:4c:d9:2e:13:e1:37:93:64:c7:e3:21:36:40:c2:
         f3:c6:22:6b:07:3b:e3:37:52:70:c3:26:fa:a8:0e:87:0f:7c:
         6b:bc:82:83:e9:30:d1:24:a5:2f:97:e2:ee:eb:8c:bb:25:e7:
         ea:19:f6:c1:95:de:c8:05:43:2b:c1:37:db:25:28:32:60:5a:
         38:82:4f:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNR/aszZsPjeJH7O3qdwlTeNeWmgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMDEwWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzE1ZmVkZjE4NDg3ODlkYWJlZjI4M2NhM2ExY2E2YjE1
YWFmZmVjZmM5YjBkMzdkNmZiMDMxZjIyNmFlZWI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsmUu/TclC2Dp9IItll93Gp9+uVLOL1bjuNvxRUurNK21u
M+ulSDCe4VFORypj0eT2R7E347yT5RNWfNXaTeWc+vToTIc+LY2ZCujy9zH8ObuK
b9LQVA5fhPl3BETP549vzQA0RdwmsJsPrnAEEYU/SGjrdvUYJRyn0U9AiAcgB0Sg
M3IMHUGENOlA7FnpWP37P3ulaRgZhUmjRpxjwpNAGcm2R8HRm1AuzCCrmqheF+jP
yPXCb2HeOsb26lf4clSl3DoPWzX56VHmQO1jjyM7JgCB06gjNeXdsysot7VTBxiN
M0t+LFSGqjieEjJf8soO4JLBvvnBsR5sDRSC7jFNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz9vmmqrN7TxO84xJ9Gi428omrKcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwZjY2YTEzLTU4NzktNDhiYi1iMjc1LTEwMjc2ZmQyYjU4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTaEwDQYJKoZIhvcNAQELBQADggEBAA+bxX9FsYlS1AwSlqyW7uKw4omO
ZHVU4IEDAQZoJD7RDhY08b5v5zS5glcwN2eS3ojY2fL1ffYUojl9wk7Oqrjq1Vc2
iDnbl4LidO+8+W98ATPSPij0dUwNRbTd4BxCr4oNP/BhQuAEuOEW0tnPPkzoSLyw
q4B1LyrUOL9akOiMPBKoYTBW7hJPrAzAAlTk698z/HLc0LEKSJ+xguMBy/YhD7Bo
ablNg3CQY4dNZtKA2nQ5fpwejRZM2S4T4TeTZMfjITZAwvPGImsHO+M3UnDDJvqo
DocPfGu8goPpMNEkpS+X4u7rjLsl5+oZ9sGV3sgFQyvBN9slKDJgWjiCT6s=
-----END CERTIFICATE-----