Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37be519d-0e3d-49b8-b4fa-cb00f7a29ad8.roa
File:                     37be519d-0e3d-49b8-b4fa-cb00f7a29ad8.roa (raw, json)
Hash identifier:          np909QuDazamQc3+du3lVYrKlVX3c5asIxLRJjuASZI=
Subject key identifier:   FB:46:87:E0:5C:F0:84:79:C8:F7:BE:6D:5C:CD:0B:5E:BB:EF:BC:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       91846ADB9EA9A80435B436389F7BD4134CEADB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37be519d-0e3d-49b8-b4fa-cb00f7a29ad8.roa
Signing time:             Sat 25 Oct 2025 00:30:43 +0000
ROA not before:           Sat 25 Oct 2025 00:30:43 +0000
ROA not after:            Sat 29 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        104.200.224.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            91:84:6a:db:9e:a9:a8:04:35:b4:36:38:9f:7b:d4:13:4c:ea:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 25 00:30:43 2025 GMT
            Not After : Nov 29 23:59:59 2025 GMT
        Subject: serialNumber=87ee27218ca243437e5c7ee7ccf658c258532dd76577e338a006ceab34c4d686, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:0b:cd:df:1b:d8:b3:6b:52:89:43:1c:c2:07:
                    ff:0f:6f:4e:ff:86:55:7f:77:54:cd:87:6b:84:54:
                    ff:9b:e4:c2:6d:05:e5:40:77:f5:95:8e:e8:c7:aa:
                    e7:4b:d8:ec:4b:fa:57:3c:2c:fc:38:60:15:33:dd:
                    c3:eb:75:94:05:4f:aa:34:cd:48:5d:67:8e:78:ca:
                    88:38:57:ae:69:49:29:41:a4:17:f2:76:48:7d:ed:
                    34:a2:e5:7a:22:45:6e:f9:b9:b1:14:d3:dc:e8:d1:
                    0b:99:48:49:e7:17:ff:6f:dc:48:90:1c:d3:0d:81:
                    cf:45:ad:ef:75:c2:b6:e3:34:f3:76:9d:df:02:37:
                    d9:01:83:33:5e:ee:b1:3c:5c:94:4e:3a:df:80:44:
                    20:8b:28:6d:89:56:58:a1:45:6b:69:d5:2b:ef:a7:
                    30:5e:38:f6:0d:ba:57:f2:68:30:af:c7:d8:d4:5b:
                    3c:fb:67:61:61:e5:43:3d:59:41:e7:a8:26:5d:b8:
                    47:82:81:16:95:cd:39:23:a5:58:79:bf:2c:1c:0c:
                    7b:e2:8f:09:0c:04:28:54:01:41:17:41:3a:5b:60:
                    7c:f8:90:da:01:15:47:89:ec:dc:d2:ec:82:0e:33:
                    e2:cd:07:4f:31:10:04:26:ec:90:41:ef:06:b4:d0:
                    88:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:46:87:E0:5C:F0:84:79:C8:F7:BE:6D:5C:CD:0B:5E:BB:EF:BC:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/37be519d-0e3d-49b8-b4fa-cb00f7a29ad8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.200.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         09:1d:ee:1d:b4:3c:48:f7:4c:3f:d6:40:65:d7:e1:00:3b:3c:
         bf:a6:de:02:c4:09:c1:87:cb:b4:b9:6c:03:46:4b:90:76:77:
         ec:89:35:f7:51:71:96:72:2f:b6:d6:30:ae:2f:15:02:e4:2b:
         5f:0f:d1:aa:f3:cc:c3:19:43:fb:b0:9b:80:7c:bb:b4:58:ed:
         56:21:96:08:f4:ea:f6:a7:6c:32:63:60:df:aa:d0:8c:f3:c9:
         80:e6:ed:df:77:be:c6:14:12:8b:c9:ab:5d:41:93:87:96:49:
         58:9d:bb:49:65:0f:43:ee:98:5f:14:6c:8e:d7:15:0c:98:5f:
         4f:6b:90:ec:91:56:47:e3:d6:4c:5b:b2:33:91:6c:49:93:4f:
         7f:5f:62:7a:3e:54:a0:bb:73:29:af:76:77:b8:cd:37:e0:24:
         52:f7:16:7f:50:23:3b:54:8e:7d:f3:1b:b5:cb:f3:ba:37:41:
         06:7b:33:0d:da:73:53:73:22:fe:60:24:9e:83:99:86:85:a9:
         67:25:2a:6c:80:2f:4b:ad:16:a2:28:c7:1d:24:d9:b7:b0:60:
         9c:d5:96:e0:cd:6f:43:87:4a:3a:10:1d:f4:24:9f:5a:e4:9d:
         8b:2b:ee:59:d6:48:64:b7:d1:18:4a:a9:ea:c4:95:fb:1f:e2:
         dc:55:2b:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAJGEatueqagENbQ2OJ971BNM6tswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAzMDQzWhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4N2VlMjcyMThjYTI0MzQzN2U1YzdlZTdjY2Y2NThjMjU4
NTMyZGQ3NjU3N2UzMzhhMDA2Y2VhYjM0YzRkNjg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTC83fG9iza1KJQxzCB/8Pb07/hlV/d1TNh2uEVP+b5MJt
BeVAd/WVjujHqudL2OxL+lc8LPw4YBUz3cPrdZQFT6o0zUhdZ454yog4V65pSSlB
pBfydkh97TSi5XoiRW75ubEU09zo0QuZSEnnF/9v3EiQHNMNgc9Fre91wrbjNPN2
nd8CN9kBgzNe7rE8XJROOt+ARCCLKG2JVlihRWtp1SvvpzBeOPYNulfyaDCvx9jU
Wzz7Z2Fh5UM9WUHnqCZduEeCgRaVzTkjpVh5vywcDHvijwkMBChUAUEXQTpbYHz4
kNoBFUeJ7NzS7IIOM+LNB08xEAQm7JBB7wa00IgBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+0aH4FzwhHnI975tXM0LXrvvvMUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3YmU1MTlkLTBlM2QtNDliOC1iNGZhLWNiMDBmN2EyOWFkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVoyOAwDQYJKoZIhvcNAQELBQADggEBAAkd7h20PEj3TD/WQGXX4QA7PL+m
3gLECcGHy7S5bANGS5B2d+yJNfdRcZZyL7bWMK4vFQLkK18P0arzzMMZQ/uwm4B8
u7RY7VYhlgj06vanbDJjYN+q0IzzyYDm7d93vsYUEovJq11Bk4eWSVidu0llD0Pu
mF8UbI7XFQyYX09rkOyRVkfj1kxbsjORbEmTT39fYno+VKC7cymvdne4zTfgJFL3
Fn9QIztUjn3zG7XL87o3QQZ7Mw3ac1NzIv5gJJ6DmYaFqWclKmyAL0utFqIoxx0k
2bewYJzVluDNb0OHSjoQHfQkn1rknYsr7lnWSGS30RhKqerElfsf4txVK48=
-----END CERTIFICATE-----