Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18d9ef43-18ae-4526-8e54-73a58fe8c993.roa
File:                     18d9ef43-18ae-4526-8e54-73a58fe8c993.roa (raw, json)
Hash identifier:          f69VtxwsX8NsqC/AoUsRGAsGvWkBU/UrvhqJXMo+hUo=
Subject key identifier:   47:9F:5A:59:16:81:EE:B3:10:27:54:7C:9A:44:9F:7F:25:78:DC:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2AA005F65DCC3C3C49CC3DA14059C674D2756648
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18d9ef43-18ae-4526-8e54-73a58fe8c993.roa
Signing time:             Tue 21 Oct 2025 00:10:59 +0000
ROA not before:           Tue 21 Oct 2025 00:10:59 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        98.82.142.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:a0:05:f6:5d:cc:3c:3c:49:cc:3d:a1:40:59:c6:74:d2:75:66:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:10:59 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=6d63c1de8fb135f51bf1735efe1edf493bf07d938eeedb88eb67f8d4942362c1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0b:16:9e:93:80:a3:90:18:9f:2e:98:80:32:
                    cc:72:2b:24:5d:23:35:9c:42:54:32:10:fb:85:27:
                    f0:1b:d6:66:57:f7:a4:f7:48:e3:3b:a2:bc:32:3f:
                    12:9a:76:f0:09:8e:9a:e5:b9:b2:fe:b2:f1:6a:a8:
                    5a:53:d2:03:ef:bf:e5:0a:29:21:b9:a1:15:ed:f8:
                    a7:d8:36:3b:3a:2b:d9:b3:88:3f:23:51:a6:77:7b:
                    d8:1a:7c:c4:98:ea:a5:05:64:ee:12:8e:8b:c6:4a:
                    09:26:2b:bf:12:89:b8:ed:cf:3b:69:ed:3b:08:f8:
                    b2:35:fc:12:2b:3a:2f:37:d5:bd:e4:10:d9:11:56:
                    81:85:88:33:cd:56:4a:2b:5f:29:b4:d7:50:fa:63:
                    1a:67:c6:a6:b3:e7:3e:9b:d2:dd:67:80:ae:60:56:
                    59:11:b0:2c:06:5a:b6:22:1b:79:f1:b8:e9:6c:dc:
                    43:ce:a0:1c:90:58:98:55:64:31:16:80:2e:a2:76:
                    47:43:d2:49:31:83:60:48:a8:df:db:a3:8e:16:a0:
                    69:49:6b:ae:8c:14:eb:86:c6:17:5b:97:1f:58:0c:
                    01:cb:59:2c:f7:c8:ff:64:1c:57:28:48:3e:c1:11:
                    b9:01:a4:62:6c:60:c9:6e:aa:43:ce:50:de:e2:5d:
                    e4:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:9F:5A:59:16:81:EE:B3:10:27:54:7C:9A:44:9F:7F:25:78:DC:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18d9ef43-18ae-4526-8e54-73a58fe8c993.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.82.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:d1:c3:a9:32:66:a2:0a:ae:5d:55:6a:8a:1d:44:01:b8:7d:
         ec:bd:b0:b1:2d:54:cd:58:5b:c0:89:c8:4c:2b:61:ad:38:c5:
         c6:df:6a:ac:24:13:f4:5b:c3:04:ae:89:eb:39:db:10:be:92:
         50:78:ec:6c:6b:be:30:16:4b:c9:e2:83:6a:7b:b1:83:aa:bb:
         99:cb:53:f2:e4:4e:79:a9:de:b7:8b:37:b9:5f:13:8e:bb:00:
         d2:2b:f3:fd:71:e7:04:9b:99:68:e3:2b:0e:f7:e0:37:1c:dc:
         67:88:8f:07:5f:e7:02:bf:33:b8:7a:6c:2f:7a:2e:fd:5a:bd:
         c3:45:72:d7:91:f4:56:3b:0f:3f:80:13:8f:fe:14:54:86:bd:
         55:81:0b:d8:e5:ca:f9:1f:8c:be:63:e3:89:72:af:a5:0e:2e:
         79:d9:c2:a4:04:36:39:91:b8:1a:e3:f5:a1:da:fd:8b:2e:aa:
         bb:fe:83:f8:c2:33:14:2d:37:ba:e0:96:8c:2d:b1:23:56:81:
         66:2b:09:78:70:fc:4e:aa:5d:ff:23:32:f4:e3:d0:92:75:3e:
         ff:95:1f:41:e6:c1:ba:7b:90:bc:62:7c:49:fd:7d:f6:98:44:
         b2:27:12:e2:70:f1:dc:a0:1c:2e:b8:d2:4e:c9:6f:85:ea:29:
         24:d3:88:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKqAF9l3MPDxJzD2hQFnGdNJ1ZkgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAxMDU5WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDYzYzFkZThmYjEzNWY1MWJmMTczNWVmZTFlZGY0OTNi
ZjA3ZDkzOGVlZWRiODhlYjY3ZjhkNDk0MjM2MmMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfCxaek4CjkBifLpiAMsxyKyRdIzWcQlQyEPuFJ/Ab1mZX
96T3SOM7orwyPxKadvAJjprlubL+svFqqFpT0gPvv+UKKSG5oRXt+KfYNjs6K9mz
iD8jUaZ3e9gafMSY6qUFZO4SjovGSgkmK78Sibjtzztp7TsI+LI1/BIrOi831b3k
ENkRVoGFiDPNVkorXym011D6Yxpnxqaz5z6b0t1ngK5gVlkRsCwGWrYiG3nxuOls
3EPOoByQWJhVZDEWgC6idkdD0kkxg2BIqN/bo44WoGlJa66MFOuGxhdblx9YDAHL
WSz3yP9kHFcoSD7BEbkBpGJsYMluqkPOUN7iXeTlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUR59aWRaB7rMQJ1R8mkSffyV43PwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4ZDllZjQzLTE4YWUtNDUyNi04ZTU0LTczYTU4ZmU4Yzk5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABiUo4wDQYJKoZIhvcNAQELBQADggEBANfRw6kyZqIKrl1VaoodRAG4fey9
sLEtVM1YW8CJyEwrYa04xcbfaqwkE/RbwwSuies52xC+klB47GxrvjAWS8nig2p7
sYOqu5nLU/LkTnmp3reLN7lfE467ANIr8/1x5wSbmWjjKw734Dcc3GeIjwdf5wK/
M7h6bC96Lv1avcNFcteR9FY7Dz+AE4/+FFSGvVWBC9jlyvkfjL5j44lyr6UOLnnZ
wqQENjmRuBrj9aHa/Ysuqrv+g/jCMxQtN7rglowtsSNWgWYrCXhw/E6qXf8jMvTj
0JJ1Pv+VH0Hmwbp7kLxifEn9ffaYRLInEuJw8dygHC640k7Jb4XqKSTTiLA=
-----END CERTIFICATE-----