Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa
File:                     2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa (raw, json)
Hash identifier:          FwiOBS8CGX9jn/dAyifRpcpd6wbBfV3FjqRDfQlLvhI=
Subject key identifier:   B6:56:C8:99:68:DF:02:22:8E:CC:83:28:C6:58:4F:19:BB:0A:AB:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4C8AEACE6CDF6976D33DBFE13E0F875FA96CE306
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa
Signing time:             Fri 24 Oct 2025 00:10:47 +0000
ROA not before:           Fri 24 Oct 2025 00:10:47 +0000
ROA not after:            Fri 28 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        99.200.0.0/13 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:8a:ea:ce:6c:df:69:76:d3:3d:bf:e1:3e:0f:87:5f:a9:6c:e3:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 24 00:10:47 2025 GMT
            Not After : Nov 28 23:59:59 2025 GMT
        Subject: serialNumber=b4fd03101136e53d4cfa14ea805d10a7f162b74fc78d907de4a21d0a60968678, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7f:15:89:94:5f:f0:79:01:d2:c9:56:03:eb:
                    30:c2:a1:92:33:4e:b2:ae:70:61:8a:e8:51:88:8b:
                    5e:9d:87:8c:28:b6:88:50:36:c4:9f:f1:03:ff:f2:
                    c1:ac:8d:59:2f:3d:77:0e:6c:4e:6a:02:f7:32:5c:
                    7c:c7:26:77:a9:eb:82:63:50:52:9d:f8:9c:8e:49:
                    4f:d2:77:9c:86:03:24:ad:f2:93:69:98:44:b0:f5:
                    65:ee:b1:ff:c6:71:03:b8:96:b1:15:51:17:0d:0a:
                    78:0f:9f:87:ec:d4:1d:74:cc:f2:45:0e:2a:98:40:
                    48:3a:89:5f:be:50:21:d5:89:86:d9:58:66:be:10:
                    13:1f:35:61:5f:32:8a:5b:50:40:a6:c0:7c:cb:4c:
                    1a:15:d7:ea:9b:44:c9:6d:29:ca:ad:cc:29:2a:a5:
                    22:55:4c:72:c8:07:9e:6a:9e:59:b9:b5:92:5c:4a:
                    a5:b8:77:32:99:ef:11:a2:d9:2b:81:86:95:da:ae:
                    1c:d2:c6:e0:83:33:e2:41:1d:11:1f:dc:7c:a1:c7:
                    6f:50:51:2d:42:1f:27:1d:4c:78:93:92:a8:10:16:
                    6c:1f:ef:80:d4:3c:f4:da:b6:36:94:50:03:83:fa:
                    18:bb:55:87:2a:fd:b7:86:ca:e8:51:ac:34:24:58:
                    b1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:56:C8:99:68:DF:02:22:8E:CC:83:28:C6:58:4F:19:BB:0A:AB:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.200.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         a4:2f:04:ff:34:51:74:24:43:fa:ce:3b:6e:bc:79:80:d8:c9:
         4e:ab:aa:37:45:11:d1:8a:b1:9a:ad:5c:63:36:41:56:fa:2c:
         6a:f8:1b:af:55:42:f4:62:2f:ad:ca:5b:fc:83:b1:89:06:3a:
         f0:20:eb:7e:75:9f:0e:5d:c7:30:d8:28:35:7e:a4:9f:46:df:
         6d:be:86:e2:62:e5:68:d3:f4:5d:3a:39:55:1c:1e:68:0d:e8:
         0e:b0:ff:e7:67:ac:b9:9c:f5:34:0d:bd:7f:1e:5d:34:82:40:
         8e:f1:b0:1d:4b:e6:f3:86:da:37:ea:59:b3:ce:7b:94:b2:3a:
         d8:78:1f:74:3b:94:55:7b:9c:a5:0f:2c:de:af:71:a7:78:7c:
         9e:89:5f:64:8f:4f:9a:75:71:27:c7:b1:30:76:e4:d3:f8:db:
         0e:6b:8c:4a:74:8a:5d:4d:13:14:17:c9:3c:a5:2e:70:1e:60:
         82:f4:a1:e0:5f:40:aa:e1:29:5f:af:cd:7d:f0:d4:d2:e3:da:
         1d:8f:b2:de:58:f0:e1:e4:c9:8c:c7:98:be:dc:6e:72:01:25:
         80:61:be:24:e9:57:c8:bb:37:7f:05:46:49:43:0b:b1:3b:f0:
         f8:21:18:1a:9f:d0:a5:24:28:03:f5:a1:b3:3f:2a:8b:47:3a:
         68:80:15:98
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTIrqzmzfaXbTPb/hPg+HX6ls4wYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI0MDAxMDQ3WhcNMjUxMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGZkMDMxMDExMzZlNTNkNGNmYTE0ZWE4MDVkMTBhN2Yx
NjJiNzRmYzc4ZDkwN2RlNGEyMWQwYTYwOTY4Njc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8fxWJlF/weQHSyVYD6zDCoZIzTrKucGGK6FGIi16dh4wo
tohQNsSf8QP/8sGsjVkvPXcObE5qAvcyXHzHJnep64JjUFKd+JyOSU/Sd5yGAySt
8pNpmESw9WXusf/GcQO4lrEVURcNCngPn4fs1B10zPJFDiqYQEg6iV++UCHViYbZ
WGa+EBMfNWFfMopbUECmwHzLTBoV1+qbRMltKcqtzCkqpSJVTHLIB55qnlm5tZJc
SqW4dzKZ7xGi2SuBhpXarhzSxuCDM+JBHREf3Hyhx29QUS1CHycdTHiTkqgQFmwf
74DUPPTatjaUUAOD+hi7VYcq/beGyuhRrDQkWLFbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtlbImWjfAiKOzIMoxlhPGbsKq1EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5NjZjMzVmLTE5YTAtNDhlMC1hMGFmLWMxODQwZGRhYTkzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwNjyDANBgkqhkiG9w0BAQsFAAOCAQEApC8E/zRRdCRD+s47brx5gNjJTquq
N0UR0Yqxmq1cYzZBVvosavgbr1VC9GIvrcpb/IOxiQY68CDrfnWfDl3HMNgoNX6k
n0bfbb6G4mLlaNP0XTo5VRweaA3oDrD/52esuZz1NA29fx5dNIJAjvGwHUvm84ba
N+pZs857lLI62HgfdDuUVXucpQ8s3q9xp3h8nolfZI9PmnVxJ8exMHbk0/jbDmuM
SnSKXU0TFBfJPKUucB5ggvSh4F9AquEpX6/NffDU0uPaHY+y3ljw4eTJjMeYvtxu
cgElgGG+JOlXyLs3fwVGSUMLsTvw+CEYGp/QpSQoA/Whsz8qi0c6aIAVmA==
-----END CERTIFICATE-----