Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f026282-f10b-4ef5-906c-37599d97fc01.roa
File:                     6f026282-f10b-4ef5-906c-37599d97fc01.roa (raw, json)
Hash identifier:          rhXjnQNXS/pXXr99sJHGp5qnXaprwfyuiWbnjIMMbX8=
Subject key identifier:   EA:41:CB:C6:05:98:95:DC:AC:2B:F0:C8:4E:C6:79:D8:F9:AD:FD:B0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4856E66E03F54C8630C01871B47237136F4520FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f026282-f10b-4ef5-906c-37599d97fc01.roa
Signing time:             Sun 02 Nov 2025 00:41:23 +0000
ROA not before:           Sun 02 Nov 2025 00:41:23 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.160.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:56:e6:6e:03:f5:4c:86:30:c0:18:71:b4:72:37:13:6f:45:20:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:41:23 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=2433a78deb7629bbd74c0f9af28d3d9f5b25996a9c8b9ee549f820a2566b16d7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5e:1a:d7:43:0a:c6:b5:10:c5:0a:2b:36:0b:
                    f4:54:1b:bd:96:fc:41:7b:03:22:64:99:a2:ea:70:
                    41:08:13:dd:59:cc:26:47:f8:56:49:5e:21:1f:6e:
                    8b:45:f3:16:fd:fc:ad:cb:42:8c:dc:c2:ff:9c:5d:
                    e2:d6:2e:b8:2f:c1:67:0b:4e:cb:d4:6b:42:cb:2d:
                    f7:4f:64:04:70:d4:02:81:88:26:7e:3f:19:1d:39:
                    e6:89:9d:5e:73:32:ae:f5:fc:7b:6d:dd:3e:b6:1c:
                    9e:5f:a8:7e:26:57:8b:83:37:83:43:aa:be:2c:0c:
                    1e:29:63:3f:18:18:81:84:eb:55:c0:11:52:30:cf:
                    5d:30:56:36:b3:95:a5:57:10:8c:30:16:26:50:82:
                    53:cc:c6:c1:4d:f4:4f:3d:c2:2f:e2:ce:3b:e7:6f:
                    56:bb:c8:16:9c:63:d8:63:6f:03:f8:33:e0:66:ce:
                    54:2d:ca:f1:87:2a:e0:f4:ec:b1:e9:86:0c:db:bc:
                    27:19:b8:24:7d:3e:e0:ec:71:75:a8:05:7c:f1:10:
                    5d:72:8d:e3:e8:97:cb:dd:d1:e9:da:b6:85:82:56:
                    a0:b8:6b:65:bd:29:2b:ff:63:bc:04:39:06:c3:aa:
                    4e:83:a9:fb:37:e5:53:7d:fa:0d:74:fd:dc:31:2d:
                    b6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:41:CB:C6:05:98:95:DC:AC:2B:F0:C8:4E:C6:79:D8:F9:AD:FD:B0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f026282-f10b-4ef5-906c-37599d97fc01.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         63:e0:ee:07:7c:32:08:63:c1:e3:63:43:b8:1c:6a:a8:24:e3:
         1a:0d:27:16:27:ca:4c:c6:22:54:83:21:d3:55:58:d6:49:75:
         1f:c3:6d:82:69:9c:3e:dc:9d:dd:27:3c:46:02:e7:dc:4e:51:
         f9:0d:a4:52:c3:e2:80:6f:75:72:89:39:3a:7e:44:67:e7:0e:
         1f:62:12:0e:7b:13:9e:fc:da:ad:dc:94:a3:04:ff:01:d8:c2:
         de:38:63:db:93:fa:5c:c6:c9:06:05:eb:9c:30:2a:f1:3b:f6:
         03:72:3e:f8:4b:9d:a4:d0:1f:c6:b0:fd:fd:cb:3c:ac:77:8b:
         c2:07:24:54:4e:99:e8:32:66:6f:84:13:31:b0:f1:7e:77:77:
         83:08:05:3e:37:95:cc:0c:1d:6d:2b:89:ce:25:26:00:08:0e:
         45:01:88:47:37:46:33:d5:fc:c4:4e:67:af:96:1a:4a:1f:c3:
         bc:55:d8:f5:db:d3:f8:ce:c4:3b:fd:52:12:ca:a5:5b:58:0d:
         d2:65:46:01:aa:4d:79:ba:58:45:bb:e9:67:da:30:a3:3c:3d:
         f6:9c:00:10:ff:1f:68:ff:3e:9f:a1:ec:22:85:08:eb:48:dd:
         a7:e9:75:23:36:0a:55:3b:f7:be:df:03:e6:66:80:8b:b5:3b:
         fa:ac:fd:21
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSFbmbgP1TIYwwBhxtHI3E29FIPwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDA0MTIzWhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDMzYTc4ZGViNzYyOWJiZDc0YzBmOWFmMjhkM2Q5ZjVi
MjU5OTZhOWM4YjllZTU0OWY4MjBhMjU2NmIxNmQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxXhrXQwrGtRDFCis2C/RUG72W/EF7AyJkmaLqcEEIE91Z
zCZH+FZJXiEfbotF8xb9/K3LQozcwv+cXeLWLrgvwWcLTsvUa0LLLfdPZARw1AKB
iCZ+PxkdOeaJnV5zMq71/Htt3T62HJ5fqH4mV4uDN4NDqr4sDB4pYz8YGIGE61XA
EVIwz10wVjazlaVXEIwwFiZQglPMxsFN9E89wi/izjvnb1a7yBacY9hjbwP4M+Bm
zlQtyvGHKuD07LHphgzbvCcZuCR9PuDscXWoBXzxEF1yjePol8vd0enatoWCVqC4
a2W9KSv/Y7wEOQbDqk6Dqfs35VN9+g10/dwxLbafAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6kHLxgWYldysK/DITsZ52Pmt/bAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmMDI2MjgyLWYxMGItNGVmNS05MDZjLTM3NTk5ZDk3ZmMwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl6AwDQYJKoZIhvcNAQELBQADggEBAGPg7gd8MghjweNjQ7gcaqgk4xoN
JxYnykzGIlSDIdNVWNZJdR/DbYJpnD7cnd0nPEYC59xOUfkNpFLD4oBvdXKJOTp+
RGfnDh9iEg57E5782q3clKME/wHYwt44Y9uT+lzGyQYF65wwKvE79gNyPvhLnaTQ
H8aw/f3LPKx3i8IHJFROmegyZm+EEzGw8X53d4MIBT43lcwMHW0ric4lJgAIDkUB
iEc3RjPV/MROZ6+WGkofw7xV2PXb0/jOxDv9UhLKpVtYDdJlRgGqTXm6WEW76Wfa
MKM8PfacABD/H2j/Pp+h7CKFCOtI3afpdSM2ClU7977fA+ZmgIu1O/qs/SE=
-----END CERTIFICATE-----