Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37907f75-e7ff-4ab6-93f4-46f58160bbb9.roa
File:                     37907f75-e7ff-4ab6-93f4-46f58160bbb9.roa (raw, json)
Hash identifier:          cR21nQLuwhggZ/kNsXdKOnpfm0xMjECNvmOSWwLJCL4=
Subject key identifier:   C4:D0:38:3E:32:DA:F8:E4:54:91:65:52:F8:02:49:EB:BC:C1:C9:3C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       10C3B07899A45ECB7B70D03F2B69EDA696EE0F55
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37907f75-e7ff-4ab6-93f4-46f58160bbb9.roa
Signing time:             Wed 05 Nov 2025 00:40:55 +0000
ROA not before:           Wed 05 Nov 2025 00:40:55 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.53.96.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:c3:b0:78:99:a4:5e:cb:7b:70:d0:3f:2b:69:ed:a6:96:ee:0f:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:40:55 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=03fed80a9a9a9520ab4dffd49b7c83d37fc6619c0c852d231d2374e2a9cecf69, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:67:20:d8:3c:d0:47:b1:99:76:1d:71:67:8a:
                    f2:7e:60:d1:95:c3:2b:d9:7f:6b:ff:00:92:9c:81:
                    45:0e:39:66:43:76:2f:da:7e:3d:f8:8f:21:ce:4b:
                    5a:67:a2:fa:e6:c1:d3:42:8b:a7:69:ae:7e:7c:bb:
                    4a:ec:ff:8b:ec:c4:bb:fe:3a:7c:d4:ac:20:82:02:
                    69:cb:16:58:cb:16:8d:5f:84:ea:4d:42:6f:40:05:
                    ca:2f:28:60:d1:76:7b:0e:c3:80:fc:19:cb:5c:55:
                    53:6f:ae:e7:cf:db:9e:08:b7:4b:b5:95:43:95:30:
                    62:20:a1:5f:60:12:bc:68:47:cf:bc:96:51:2e:00:
                    d3:5a:f3:b5:af:2f:96:47:9b:28:21:c9:1b:12:c3:
                    37:69:9f:b7:45:5f:e1:02:d6:30:71:6e:92:f8:79:
                    70:3d:d6:9e:ce:49:9c:67:84:e7:c7:3c:22:93:e0:
                    a3:f2:3e:6f:b8:2e:78:d7:12:0b:86:d9:19:a3:1c:
                    45:5f:43:88:be:c7:89:f0:df:78:5c:8d:92:e0:4a:
                    2e:9c:4a:a5:ac:a4:69:a3:cb:6e:a6:33:94:15:f1:
                    96:20:fd:5b:05:8b:e7:03:a7:dd:e6:5e:c4:71:86:
                    64:59:04:99:90:7c:61:dd:ac:8b:51:64:04:e5:c9:
                    a6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:D0:38:3E:32:DA:F8:E4:54:91:65:52:F8:02:49:EB:BC:C1:C9:3C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37907f75-e7ff-4ab6-93f4-46f58160bbb9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.53.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         88:03:6c:a2:e2:49:ea:fc:84:3f:65:8b:80:45:04:ff:d2:b9:
         5c:75:1a:c5:d3:b0:e4:31:20:95:89:4d:16:39:2a:c0:94:85:
         ff:bd:5d:b1:a5:84:c2:25:e2:47:08:ad:01:1e:fc:3f:36:49:
         64:95:5f:4b:d3:16:e9:51:0e:8b:44:03:5a:d0:76:93:de:88:
         a4:84:be:15:4c:a6:81:96:bc:a5:23:9e:dd:bc:11:07:25:e4:
         9c:da:34:0f:54:e9:9a:b1:61:58:e0:43:97:5f:c4:20:a5:cb:
         9c:18:ad:dc:44:60:9d:76:a3:35:82:92:50:6a:ea:4f:ed:f5:
         33:a5:99:61:ad:58:53:8c:0f:06:20:b8:19:e0:b2:4b:80:a6:
         58:f9:00:45:06:94:bc:c9:e1:91:b0:67:93:8c:9f:43:53:8f:
         35:ac:d2:3a:88:f4:1d:ec:1f:dd:22:4f:2b:c1:5a:fe:13:8d:
         fa:6d:fd:2f:47:ca:d8:f9:a0:51:c7:b0:d7:0c:a1:58:60:42:
         6e:3a:7d:bb:2b:fb:5b:2e:48:09:5c:f3:53:9f:84:9c:f6:14:
         da:e8:e7:53:a0:b4:a5:80:cf:72:bc:c7:b5:b1:48:75:93:a0:
         7f:c6:43:f2:05:d8:01:65:d7:13:95:ec:2e:15:fd:51:01:4e:
         11:4f:ef:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEMOweJmkXst7cNA/K2ntppbuD1UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDA0MDU1WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwM2ZlZDgwYTlhOWE5NTIwYWI0ZGZmZDQ5YjdjODNkMzdm
YzY2MTljMGM4NTJkMjMxZDIzNzRlMmE5Y2VjZjY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuZyDYPNBHsZl2HXFnivJ+YNGVwyvZf2v/AJKcgUUOOWZD
di/afj34jyHOS1pnovrmwdNCi6dprn58u0rs/4vsxLv+OnzUrCCCAmnLFljLFo1f
hOpNQm9ABcovKGDRdnsOw4D8GctcVVNvrufP254It0u1lUOVMGIgoV9gErxoR8+8
llEuANNa87WvL5ZHmyghyRsSwzdpn7dFX+EC1jBxbpL4eXA91p7OSZxnhOfHPCKT
4KPyPm+4LnjXEguG2RmjHEVfQ4i+x4nw33hcjZLgSi6cSqWspGmjy26mM5QV8ZYg
/VsFi+cDp93mXsRxhmRZBJmQfGHdrItRZATlyaY1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxNA4PjLa+ORUkWVS+AJJ67zByTwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3OTA3Zjc1LWU3ZmYtNGFiNi05M2Y0LTQ2ZjU4MTYwYmJiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXONWAwDQYJKoZIhvcNAQELBQADggEBAIgDbKLiSer8hD9li4BFBP/SuVx1
GsXTsOQxIJWJTRY5KsCUhf+9XbGlhMIl4kcIrQEe/D82SWSVX0vTFulRDotEA1rQ
dpPeiKSEvhVMpoGWvKUjnt28EQcl5JzaNA9U6ZqxYVjgQ5dfxCCly5wYrdxEYJ12
ozWCklBq6k/t9TOlmWGtWFOMDwYguBngskuAplj5AEUGlLzJ4ZGwZ5OMn0NTjzWs
0jqI9B3sH90iTyvBWv4Tjfpt/S9Hytj5oFHHsNcMoVhgQm46fbsr+1suSAlc81Of
hJz2FNro51OgtKWAz3K8x7WxSHWToH/GQ/IF2AFl1xOV7C4V/VEBThFP7/8=
-----END CERTIFICATE-----