Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1505dba2-f5d8-4cfa-892e-d67f9fff862f.roa
File:                     1505dba2-f5d8-4cfa-892e-d67f9fff862f.roa (raw, json)
Hash identifier:          VEV7PwygZUDUbEtZfet+8aDWLhECE7Clf6bBkYaG7SY=
Subject key identifier:   C6:60:14:61:B8:E5:F0:D5:49:9B:C8:E9:43:C5:A5:EE:C9:BA:76:D7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C941A03B426FCCA60C3956E9AB7FE705652E507
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1505dba2-f5d8-4cfa-892e-d67f9fff862f.roa
Signing time:             Tue 28 Oct 2025 00:31:19 +0000
ROA not before:           Tue 28 Oct 2025 00:31:19 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.250.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:94:1a:03:b4:26:fc:ca:60:c3:95:6e:9a:b7:fe:70:56:52:e5:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:31:19 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=9488c6bb36c208a7bcd1ed66ed1266ef262232d34cf9fde313a3d1aea2f925f8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:10:dc:00:4b:48:c6:a9:73:35:f6:3c:38:6e:
                    81:84:e5:fc:19:ba:12:3c:f1:30:3d:ff:a7:e9:28:
                    29:b0:95:1d:30:53:44:46:1f:f6:dd:78:7b:f5:37:
                    12:d5:43:a5:3f:1c:88:a6:bd:ed:ca:58:a3:0b:bd:
                    15:58:99:b7:72:e6:bb:7f:78:c1:74:f3:6e:51:fd:
                    8a:28:35:4f:be:45:30:49:8d:70:66:2b:d9:42:a1:
                    b7:ab:2b:18:a4:ad:16:e4:52:7f:e0:65:d4:1e:f2:
                    7d:ce:74:81:72:55:6a:c5:17:5f:a5:d6:b4:50:95:
                    15:1d:c7:72:37:92:c5:c8:76:b2:c5:e6:b3:46:81:
                    e1:4f:01:59:9e:1d:ee:6f:84:43:a7:b5:0f:b6:e7:
                    37:9e:da:67:dd:50:47:98:94:b3:eb:d8:da:3c:2b:
                    9f:4b:d7:a6:14:7d:93:94:9d:97:a9:8d:e7:25:2e:
                    f6:eb:3b:e0:38:c5:06:ca:35:33:e1:f6:d5:b7:88:
                    7c:ca:1e:4d:ff:f7:a7:68:ac:8e:8a:5c:7f:03:8d:
                    41:ee:49:95:b8:ca:b2:45:4a:99:53:9b:3d:7e:58:
                    a9:ce:f7:ab:a6:de:ef:49:29:96:f3:e7:4f:b8:a1:
                    07:9b:6f:41:f0:65:fa:e9:8f:9d:29:44:6b:3f:a5:
                    65:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:60:14:61:B8:E5:F0:D5:49:9B:C8:E9:43:C5:A5:EE:C9:BA:76:D7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1505dba2-f5d8-4cfa-892e-d67f9fff862f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:c0:8d:a1:22:e2:a4:62:aa:7a:81:05:64:2c:2b:29:0b:6c:
         82:15:41:7d:4c:a2:2d:2a:82:e5:3e:48:53:6a:d2:53:68:d1:
         ff:05:50:79:df:39:35:63:4d:35:35:54:e3:94:43:de:47:5a:
         a8:55:62:42:60:f4:f8:34:23:90:7f:78:d9:d7:3c:20:41:55:
         1d:33:2f:8a:6c:8c:0a:2c:08:f1:9e:9a:b8:9f:13:a5:5f:af:
         0e:6c:f4:e5:5e:fe:a2:d3:35:e0:c4:df:1b:0e:f9:65:af:9e:
         f9:47:9c:4b:1e:af:25:2d:9f:84:d5:6c:f5:69:9e:6e:a5:04:
         ff:28:3f:af:3e:82:c7:7b:d4:8a:61:80:4d:be:1e:46:b1:99:
         e3:bc:4f:65:dd:aa:d1:b0:cd:6e:e0:95:3a:ec:69:fd:f6:0a:
         2a:91:dd:2e:94:7c:b5:1d:16:96:10:59:48:12:ad:d5:12:2e:
         3c:8d:65:1d:95:2a:89:9f:23:b1:c5:99:a3:b4:4a:a7:11:d9:
         23:59:92:9f:f2:d5:51:d3:22:4d:d1:dd:b0:4a:ab:f7:15:23:
         ad:dc:43:9b:22:58:6a:b4:dc:ad:8b:36:3e:fb:f5:44:83:97:
         bf:8d:82:9e:1f:de:fd:f9:9a:85:86:6d:9d:0f:d6:17:18:18:
         0e:96:d1:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDJQaA7Qm/Mpgw5Vumrf+cFZS5QcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAzMTE5WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NDg4YzZiYjM2YzIwOGE3YmNkMWVkNjZlZDEyNjZlZjI2
MjIzMmQzNGNmOWZkZTMxM2EzZDFhZWEyZjkyNWY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcENwAS0jGqXM19jw4boGE5fwZuhI88TA9/6fpKCmwlR0w
U0RGH/bdeHv1NxLVQ6U/HIimve3KWKMLvRVYmbdy5rt/eMF0825R/YooNU++RTBJ
jXBmK9lCoberKxikrRbkUn/gZdQe8n3OdIFyVWrFF1+l1rRQlRUdx3I3ksXIdrLF
5rNGgeFPAVmeHe5vhEOntQ+25zee2mfdUEeYlLPr2No8K59L16YUfZOUnZepjecl
LvbrO+A4xQbKNTPh9tW3iHzKHk3/96dorI6KXH8DjUHuSZW4yrJFSplTmz1+WKnO
96um3u9JKZbz50+4oQebb0HwZfrpj50pRGs/pWWHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxmAUYbjl8NVJm8jpQ8Wl7sm6dtcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1MDVkYmEyLWY1ZDgtNGNmYS04OTJlLWQ2N2Y5ZmZmODYyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfowDQYJKoZIhvcNAQELBQADggEBAEfAjaEi4qRiqnqBBWQsKykLbIIV
QX1Moi0qguU+SFNq0lNo0f8FUHnfOTVjTTU1VOOUQ95HWqhVYkJg9Pg0I5B/eNnX
PCBBVR0zL4psjAosCPGemrifE6Vfrw5s9OVe/qLTNeDE3xsO+WWvnvlHnEseryUt
n4TVbPVpnm6lBP8oP68+gsd71IphgE2+HkaxmeO8T2XdqtGwzW7glTrsaf32CiqR
3S6UfLUdFpYQWUgSrdUSLjyNZR2VKomfI7HFmaO0SqcR2SNZkp/y1VHTIk3R3bBK
q/cVI63cQ5siWGq03K2LNj779USDl7+Ngp4f3v35moWGbZ0P1hcYGA6W0Wg=
-----END CERTIFICATE-----