Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa
File:                     75da3273-1141-407e-8be6-2c12ada7102b.roa (raw, json)
Hash identifier:          kcxpiu+zq51k2YQ8OXh9BJKL2q5HBU2Prwh94J5FJek=
Subject key identifier:   4E:59:45:2B:8B:29:44:CE:09:99:93:02:75:FA:41:AF:40:D2:C2:B6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46D2867EB21AA45E3D85440A143F69589B8745A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa
Signing time:             Tue 21 Oct 2025 00:00:09 +0000
ROA not before:           Tue 21 Oct 2025 00:00:09 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        82.176.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:d2:86:7e:b2:1a:a4:5e:3d:85:44:0a:14:3f:69:58:9b:87:45:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:00:09 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=d3e6cd40041c9ed118c4a7352c737b3242ae6e19a1eceeac7dbb35f430682525, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:53:e1:35:39:01:d7:49:5c:00:62:d4:2c:be:
                    ac:ee:53:a3:09:b2:51:94:c9:f6:b7:26:c1:b2:f9:
                    9d:8e:c9:e6:76:63:6e:dd:d1:2d:8c:b6:5d:ba:0f:
                    49:7f:d9:f9:40:43:89:26:8a:25:b3:1e:c7:e1:d3:
                    1a:52:7f:25:80:28:b3:51:1a:c3:66:bc:65:ff:27:
                    ad:72:ab:10:ba:ad:38:22:da:fb:53:1b:38:2b:ea:
                    bf:aa:b8:c8:99:23:e5:4a:85:6f:01:a5:fe:64:b2:
                    b1:8b:8e:2d:53:9b:2c:c2:e8:11:aa:ba:9b:62:3f:
                    34:3d:d6:d3:85:ce:6b:68:b0:86:b4:84:71:ad:fe:
                    ca:ba:2c:09:5b:2e:74:6c:b0:b7:3b:c0:c2:a5:82:
                    91:2f:70:14:c7:6b:34:b9:54:d7:69:37:65:c2:57:
                    20:85:f5:25:ff:4b:3d:a4:2e:1d:63:51:73:fb:97:
                    79:ac:93:d9:1e:bd:5b:8c:1d:29:18:25:28:0c:ec:
                    a6:5b:0d:2c:34:3b:03:5a:af:67:65:c3:65:20:45:
                    2e:8e:60:1a:97:b8:d6:1a:b8:18:db:78:ef:3d:83:
                    d7:60:1d:0d:86:c2:d0:58:bf:85:f0:ff:fb:7e:f4:
                    39:f3:54:a3:3d:a9:ee:1f:e9:62:71:cf:17:ac:d1:
                    9f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:59:45:2B:8B:29:44:CE:09:99:93:02:75:FA:41:AF:40:D2:C2:B6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:9e:fe:12:27:96:e5:da:58:f7:a0:8f:67:e7:6b:c8:9b:5e:
         bc:cb:cd:ae:4b:2f:7e:19:72:d5:57:5f:d6:d1:8b:a0:06:24:
         cf:91:0f:73:13:b3:47:8c:3c:2e:c5:a2:91:3f:18:66:2f:1a:
         2f:c1:76:9d:eb:6e:76:63:17:8a:30:3c:4c:c8:4b:01:23:7d:
         ae:a1:ee:35:d3:33:79:4b:f7:60:dd:06:20:35:ad:ac:eb:52:
         34:49:fe:66:ce:92:bb:0b:70:7d:c1:c9:d6:5a:ea:f1:e6:fb:
         2d:2d:c6:6e:34:3e:0c:57:08:3a:b1:a7:63:6e:88:49:de:73:
         2d:dc:cd:72:3e:e7:60:4b:90:cf:a0:85:52:8a:be:1d:67:b3:
         fa:52:79:a7:f3:20:32:d2:55:40:88:ad:68:1b:f5:7c:27:f7:
         d0:d6:7d:eb:8a:2a:2a:1b:fb:c6:8a:84:67:b5:de:0c:5d:8a:
         8c:31:a0:9c:f1:c4:48:48:dd:a8:02:70:ec:93:95:64:fe:42:
         df:a6:6e:0e:2f:27:12:95:ba:9b:ed:7c:61:3c:d7:6d:82:67:
         a1:3e:b8:99:e7:c7:a4:9b:94:33:b9:f6:90:22:fd:da:51:b2:
         db:c9:52:ee:27:5b:a6:3e:55:7f:8f:af:26:17:9a:b4:88:35:
         ff:ca:2a:1c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURtKGfrIapF49hUQKFD9pWJuHRaQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAwMDA5WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2U2Y2Q0MDA0MWM5ZWQxMThjNGE3MzUyYzczN2IzMjQy
YWU2ZTE5YTFlY2VlYWM3ZGJiMzVmNDMwNjgyNTI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6U+E1OQHXSVwAYtQsvqzuU6MJslGUyfa3JsGy+Z2OyeZ2
Y27d0S2Mtl26D0l/2flAQ4kmiiWzHsfh0xpSfyWAKLNRGsNmvGX/J61yqxC6rTgi
2vtTGzgr6r+quMiZI+VKhW8Bpf5ksrGLji1TmyzC6BGquptiPzQ91tOFzmtosIa0
hHGt/sq6LAlbLnRssLc7wMKlgpEvcBTHazS5VNdpN2XCVyCF9SX/Sz2kLh1jUXP7
l3msk9kevVuMHSkYJSgM7KZbDSw0OwNar2dlw2UgRS6OYBqXuNYauBjbeO89g9dg
HQ2GwtBYv4Xw//t+9DnzVKM9qe4f6WJxzxes0Z/tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTllFK4spRM4JmZMCdfpBr0DSwrYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1ZGEzMjczLTExNDEtNDA3ZS04YmU2LTJjMTJhZGE3MTAyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBSsDANBgkqhkiG9w0BAQsFAAOCAQEA0J7+EieW5dpY96CPZ+dryJtevMvN
rksvfhly1Vdf1tGLoAYkz5EPcxOzR4w8LsWikT8YZi8aL8F2netudmMXijA8TMhL
ASN9rqHuNdMzeUv3YN0GIDWtrOtSNEn+Zs6SuwtwfcHJ1lrq8eb7LS3GbjQ+DFcI
OrGnY26ISd5zLdzNcj7nYEuQz6CFUoq+HWez+lJ5p/MgMtJVQIitaBv1fCf30NZ9
64oqKhv7xoqEZ7XeDF2KjDGgnPHESEjdqAJw7JOVZP5C36ZuDi8nEpW6m+18YTzX
bYJnoT64mefHpJuUM7n2kCL92lGy28lS7idbpj5Vf4+vJheatIg1/8oqHA==
-----END CERTIFICATE-----