Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa
File:                     482e401f-8bd4-49bd-aa37-5a143d94fa53.roa (raw, json)
Hash identifier:          Jlr/ZXCUAfXnEEsEA5rhyKI72UfA4BoNTnTs1gvjOhs=
Subject key identifier:   06:A1:53:85:4B:19:A9:79:E8:55:A0:56:FC:6B:E6:DE:DE:E4:D2:CC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2FA07E1D3A2AF053AED5950C65A95FD9E81254DF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa
Signing time:             Sun 26 Oct 2025 00:30:53 +0000
ROA not before:           Sun 26 Oct 2025 00:30:53 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.108.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:a0:7e:1d:3a:2a:f0:53:ae:d5:95:0c:65:a9:5f:d9:e8:12:54:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:30:53 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=f3ec87f2083d5db1121ae4109a6b21c5d099736686c265f8d53dd55b0ff1dd96, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:da:28:7a:fc:fe:f8:fd:aa:a6:fb:8a:27:54:
                    06:2d:2e:48:8a:d8:b3:13:ee:98:ce:2a:0e:5c:f4:
                    eb:74:93:99:21:14:fb:86:fb:1d:d5:6c:f9:a1:f7:
                    32:36:d5:6b:a3:2d:29:f3:36:17:61:08:08:5b:59:
                    11:7c:62:01:11:a9:dc:14:d6:cd:ed:4d:93:98:82:
                    ce:cf:73:c4:81:39:58:25:a9:98:c6:aa:9d:f3:48:
                    0a:54:6e:18:d2:36:13:9c:ce:b3:06:15:b2:17:55:
                    ba:a6:49:1c:3b:ed:2c:df:46:21:88:a5:8b:05:cb:
                    41:5d:33:93:de:94:61:98:c1:cf:e5:b5:b5:2a:f4:
                    c9:02:1f:a6:9d:1b:10:e1:18:ba:8b:52:29:fb:fe:
                    06:da:26:ae:c8:a5:6d:5f:b8:61:16:a0:b3:3c:9f:
                    cf:7b:51:49:9b:a3:3a:7d:30:b2:96:70:c3:cc:cd:
                    b3:08:05:cc:65:c9:dc:da:87:ee:32:c7:38:14:86:
                    5a:14:ef:f9:b8:4e:8f:32:3b:b4:1e:f2:01:86:03:
                    f0:e4:f9:8e:6c:61:ce:2f:d8:17:c8:72:04:a8:09:
                    74:b7:bb:66:da:83:b2:d0:59:24:c8:1e:3a:a8:7c:
                    c0:9a:15:47:16:f7:b2:3d:b0:e7:4d:38:4e:2d:a9:
                    b9:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:A1:53:85:4B:19:A9:79:E8:55:A0:56:FC:6B:E6:DE:DE:E4:D2:CC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:9a:a4:c8:4d:14:e3:22:62:f2:30:1b:c2:eb:95:ee:e2:81:
         d2:1b:f2:5f:da:23:c4:b8:26:67:ed:6f:b4:19:bb:c6:f7:1a:
         5a:c2:47:64:2c:3d:eb:80:b0:3c:95:bb:31:51:5c:de:2d:b9:
         4e:fa:9b:12:ed:d0:1a:c4:b3:b2:b7:fd:07:ad:e5:f5:85:47:
         fc:1e:e4:88:a5:5a:6a:ea:4e:2b:5b:0c:6d:e9:b2:2c:63:fd:
         94:3b:5c:70:21:02:3e:51:ed:a5:43:ae:2d:45:88:a8:73:6e:
         bc:8f:78:de:81:14:93:1b:20:d7:aa:3a:7a:31:69:bc:5e:82:
         cf:d5:ae:71:59:68:b9:60:e1:2c:51:10:ff:4e:1a:a0:e1:85:
         b6:ae:49:1e:e1:b0:3e:7b:0a:20:ed:7c:80:ca:6b:e3:d9:25:
         7d:61:82:7f:1c:7f:b4:ed:5e:eb:00:32:99:b8:66:48:2b:d7:
         e2:51:75:96:41:ec:39:e1:0f:f3:50:90:93:e5:9d:d5:11:5e:
         ff:b2:85:2a:09:f0:7f:1b:de:68:74:7b:d0:35:6d:29:8e:1d:
         ac:31:86:f9:10:38:cc:99:44:08:fb:85:7f:c8:02:db:e7:04:
         b9:7f:2b:56:8e:d9:6d:3d:21:b8:5e:f8:77:e5:f9:ae:19:01:
         5b:ba:a1:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL6B+HToq8FOu1ZUMZalf2egSVN8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAzMDUzWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2VjODdmMjA4M2Q1ZGIxMTIxYWU0MTA5YTZiMjFjNWQw
OTk3MzY2ODZjMjY1ZjhkNTNkZDU1YjBmZjFkZDk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC62ih6/P74/aqm+4onVAYtLkiK2LMT7pjOKg5c9Ot0k5kh
FPuG+x3VbPmh9zI21WujLSnzNhdhCAhbWRF8YgERqdwU1s3tTZOYgs7Pc8SBOVgl
qZjGqp3zSApUbhjSNhOczrMGFbIXVbqmSRw77SzfRiGIpYsFy0FdM5PelGGYwc/l
tbUq9MkCH6adGxDhGLqLUin7/gbaJq7IpW1fuGEWoLM8n897UUmbozp9MLKWcMPM
zbMIBcxlydzah+4yxzgUhloU7/m4To8yO7Qe8gGGA/Dk+Y5sYc4v2BfIcgSoCXS3
u2bag7LQWSTIHjqofMCaFUcW97I9sOdNOE4tqbmbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBqFThUsZqXnoVaBW/Gvm3t7k0swwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4MmU0MDFmLThiZDQtNDliZC1hYTM3LTVhMTQzZDk0ZmE1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GwwDQYJKoZIhvcNAQELBQADggEBAGKapMhNFOMiYvIwG8Lrle7igdIb
8l/aI8S4Jmftb7QZu8b3GlrCR2QsPeuAsDyVuzFRXN4tuU76mxLt0BrEs7K3/Qet
5fWFR/we5IilWmrqTitbDG3psixj/ZQ7XHAhAj5R7aVDri1FiKhzbryPeN6BFJMb
INeqOnoxabxegs/VrnFZaLlg4SxREP9OGqDhhbauSR7hsD57CiDtfIDKa+PZJX1h
gn8cf7TtXusAMpm4Zkgr1+JRdZZB7DnhD/NQkJPlndURXv+yhSoJ8H8b3mh0e9A1
bSmOHawxhvkQOMyZRAj7hX/IAtvnBLl/K1aO2W09Ibhe+Hfl+a4ZAVu6oQQ=
-----END CERTIFICATE-----