Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17392cac-2ffa-4bbe-b29b-48b0dc375b57.roa
File:                     17392cac-2ffa-4bbe-b29b-48b0dc375b57.roa (raw, json)
Hash identifier:          CXYg+YiROEMvDO72o7qCqhrBqpYKWuLTP+fSIte/oj0=
Subject key identifier:   60:C5:A0:87:4B:A0:84:31:4A:C2:3E:55:8A:14:6D:A6:78:C8:57:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       167C74B63C23EF2DA7C6A69A5FE0523677D36481
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17392cac-2ffa-4bbe-b29b-48b0dc375b57.roa
Signing time:             Wed 22 Oct 2025 00:31:58 +0000
ROA not before:           Wed 22 Oct 2025 00:31:58 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.152.160.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:7c:74:b6:3c:23:ef:2d:a7:c6:a6:9a:5f:e0:52:36:77:d3:64:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 22 00:31:58 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=3c7fea7286b2049db2145a84b45cdb2cc5db01d329644a02ff94fc6d971a1caf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:f4:08:0f:69:c7:3c:bd:5b:d7:47:5e:22:ee:
                    93:f3:17:c1:52:df:29:2e:f8:78:32:4d:13:e8:48:
                    a5:9d:33:3a:45:40:de:03:55:19:e8:71:0e:27:dd:
                    e5:6b:0a:16:3d:63:cf:b0:51:41:a9:d8:c1:4b:71:
                    12:30:0e:86:ea:72:37:b2:61:9a:07:f0:35:0e:b8:
                    68:7f:ac:64:4e:01:7e:dc:04:4a:1f:01:a2:06:d5:
                    55:f4:cf:1b:d9:19:13:90:51:7e:76:75:30:0f:a1:
                    4d:b2:1b:ef:a8:02:64:76:7c:02:97:48:a6:8e:f0:
                    6f:1b:9d:3f:87:a3:b6:78:1e:d9:9b:6f:fb:84:ca:
                    3f:2f:d1:70:72:80:ac:a6:97:cd:29:7a:b6:39:eb:
                    1b:53:6a:0c:15:f3:43:1e:0a:e3:f8:71:de:7c:23:
                    1d:0d:0e:9e:57:82:27:a6:27:53:e9:55:52:3e:0e:
                    12:09:a9:04:29:23:dc:c3:9c:a6:57:ea:d2:ef:db:
                    b8:79:4b:e3:66:96:04:ef:24:fa:8c:8d:48:3d:6b:
                    9d:79:f1:ad:e6:42:b8:24:be:7c:22:d6:c9:d5:c4:
                    ad:1b:64:b0:95:12:cf:52:10:3a:8d:00:b2:76:be:
                    cf:24:ae:59:19:41:9e:1a:f0:f0:eb:c0:10:be:66:
                    d6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C5:A0:87:4B:A0:84:31:4A:C2:3E:55:8A:14:6D:A6:78:C8:57:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17392cac-2ffa-4bbe-b29b-48b0dc375b57.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.152.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         8b:ee:2f:60:d1:9e:2e:bd:4e:23:b9:df:4b:00:ab:04:38:b9:
         eb:0d:9c:35:4e:32:15:84:a3:28:70:96:dd:0a:89:b3:22:76:
         2d:ac:68:fd:84:1e:71:d2:36:fe:39:1e:c9:0c:c1:d4:91:e5:
         ce:fd:63:e4:3f:11:c8:17:a3:0c:24:17:f3:5f:9e:fd:67:8b:
         ac:2e:39:c4:88:6b:25:b1:05:dc:ed:15:0b:73:4f:f1:3b:08:
         83:2b:fe:e3:5c:c6:36:58:94:6d:3b:f6:2b:92:d2:d6:67:21:
         58:67:32:a1:52:62:c5:a0:08:d8:70:90:6b:39:11:22:17:ef:
         f8:e5:02:fd:29:ed:c6:82:1d:3d:4d:f0:72:31:dc:a7:0c:87:
         15:af:34:81:82:da:17:a2:cc:54:20:82:67:93:9c:a1:76:73:
         ab:ef:7b:15:3b:29:21:ef:aa:1a:ef:2c:0c:43:eb:7c:22:40:
         ea:d8:13:e5:03:28:b6:cd:8b:4d:3b:93:b8:8b:26:8e:07:69:
         98:a0:d3:69:57:0c:3a:84:b6:25:38:81:d0:70:e3:9a:cc:79:
         bc:cd:32:d2:c9:b6:98:bf:f5:5f:b6:09:4a:93:d1:02:2f:e8:
         9d:15:fd:ab:a7:59:82:08:73:5d:66:37:5c:7b:a2:69:be:56:
         36:5e:c9:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFnx0tjwj7y2nxqaaX+BSNnfTZIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMTU4WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzdmZWE3Mjg2YjIwNDlkYjIxNDVhODRiNDVjZGIyY2M1
ZGIwMWQzMjk2NDRhMDJmZjk0ZmM2ZDk3MWExY2FmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ9AgPacc8vVvXR14i7pPzF8FS3yku+HgyTRPoSKWdMzpF
QN4DVRnocQ4n3eVrChY9Y8+wUUGp2MFLcRIwDobqcjeyYZoH8DUOuGh/rGROAX7c
BEofAaIG1VX0zxvZGROQUX52dTAPoU2yG++oAmR2fAKXSKaO8G8bnT+Ho7Z4Htmb
b/uEyj8v0XBygKyml80perY56xtTagwV80MeCuP4cd58Ix0NDp5XgiemJ1PpVVI+
DhIJqQQpI9zDnKZX6tLv27h5S+NmlgTvJPqMjUg9a5158a3mQrgkvnwi1snVxK0b
ZLCVEs9SEDqNALJ2vs8krlkZQZ4a8PDrwBC+ZtaNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYMWgh0ughDFKwj5VihRtpnjIV8YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3MzkyY2FjLTJmZmEtNGJiZS1iMjliLTQ4YjBkYzM3NWI1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVCmKAwDQYJKoZIhvcNAQELBQADggEBAIvuL2DRni69TiO530sAqwQ4uesN
nDVOMhWEoyhwlt0KibMidi2saP2EHnHSNv45HskMwdSR5c79Y+Q/EcgXowwkF/Nf
nv1ni6wuOcSIayWxBdztFQtzT/E7CIMr/uNcxjZYlG079iuS0tZnIVhnMqFSYsWg
CNhwkGs5ESIX7/jlAv0p7caCHT1N8HIx3KcMhxWvNIGC2heizFQggmeTnKF2c6vv
exU7KSHvqhrvLAxD63wiQOrYE+UDKLbNi007k7iLJo4HaZig02lXDDqEtiU4gdBw
45rMebzNMtLJtpi/9V+2CUqT0QIv6J0V/aunWYIIc11mN1x7omm+VjZeye0=
-----END CERTIFICATE-----