Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79931b83-9888-42c4-8cab-49d3b3177907.roa
File:                     79931b83-9888-42c4-8cab-49d3b3177907.roa (raw, json)
Hash identifier:          EvXDEeb9kPIyuPDLevUY+GOjyN9KDcqoSsT5oho12lE=
Subject key identifier:   78:68:31:00:A6:AA:0A:31:70:42:A8:99:F9:6D:AA:BB:21:9E:62:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       21F4CF3FBB00A74BFD30C41E54736AC90B73E990
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79931b83-9888-42c4-8cab-49d3b3177907.roa
Signing time:             Tue 28 Oct 2025 01:00:08 +0000
ROA not before:           Tue 28 Oct 2025 01:00:08 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.103.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:f4:cf:3f:bb:00:a7:4b:fd:30:c4:1e:54:73:6a:c9:0b:73:e9:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 01:00:08 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=c5edc7792d8291e7f9a4794a363772a6c009f29575089ff416308bce2aa1ffba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:94:80:f8:5b:6b:f0:08:c9:f5:e7:93:63:76:
                    2f:14:a3:56:dc:2a:c8:f3:d4:ec:5f:15:fd:20:a1:
                    7f:82:a8:91:ef:14:3e:b2:f3:cd:35:47:e7:9d:72:
                    59:e0:37:12:b6:cc:37:de:44:10:40:f5:a3:33:9f:
                    5c:28:c1:36:a5:eb:a3:77:f7:12:3c:c3:38:c1:15:
                    93:06:e1:7f:8f:be:98:d5:53:0d:1f:b0:40:c6:d1:
                    e2:f3:76:7c:eb:01:ae:fd:a8:6d:46:59:95:b3:1e:
                    09:9d:8c:13:d5:f5:12:e7:17:c1:41:03:67:4d:49:
                    f8:5a:8b:4f:d1:94:b8:35:68:87:cf:4a:d6:9c:87:
                    31:54:87:ae:38:5a:7a:55:61:5d:f0:3d:7a:ca:80:
                    c7:97:1c:ea:88:21:43:cf:05:09:90:27:62:1e:0f:
                    47:52:a6:db:2a:81:da:a7:8a:ff:49:19:ef:87:a7:
                    7f:96:fe:6d:9f:fe:8b:4c:d1:b7:ac:e0:7e:6d:3e:
                    3f:8d:60:3f:cf:b9:a2:68:fb:78:22:f2:e5:ab:73:
                    94:ab:97:53:69:c1:ac:15:3e:74:3c:04:2c:06:c9:
                    3b:c4:01:e1:17:06:fb:01:b4:0d:db:ef:f8:d1:e2:
                    68:aa:7f:88:f4:b6:25:dc:1d:94:1f:66:bf:bc:1c:
                    80:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:68:31:00:A6:AA:0A:31:70:42:A8:99:F9:6D:AA:BB:21:9E:62:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79931b83-9888-42c4-8cab-49d3b3177907.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:20:16:c0:15:34:dc:c9:9b:b8:72:7c:10:f8:c9:be:6a:7f:
         bf:fc:e4:95:49:7a:9a:d3:79:5a:27:af:ec:fc:8c:87:dc:56:
         86:ae:07:38:2c:1d:0f:0f:99:25:0a:bc:81:a7:85:58:56:73:
         16:88:7d:c9:31:09:4f:7e:e1:11:b9:1e:97:da:6e:8b:c8:1b:
         67:84:78:b3:14:77:42:55:70:92:20:10:f8:26:9d:d3:1a:93:
         c8:64:51:2d:96:f1:1a:9c:30:aa:c7:d6:98:47:f4:f9:ef:eb:
         4f:35:0b:44:34:c2:1e:5b:8c:f3:71:e2:02:5f:d7:ee:a4:07:
         50:42:44:a6:0d:27:58:e9:b2:26:d4:06:7f:b5:ae:15:e6:56:
         d0:85:1b:8f:9e:b6:ed:08:7e:84:22:14:74:23:5d:39:15:39:
         69:7b:01:ba:66:68:a6:1c:5f:f3:a3:eb:34:d9:81:78:65:d3:
         39:35:c3:36:75:7d:22:e3:62:41:ec:36:4d:97:21:6e:92:27:
         4b:3d:7d:3f:c1:1b:61:41:af:1b:cf:23:02:c9:89:c3:f5:58:
         1d:9c:2e:24:06:c8:7f:57:03:2c:b0:d3:f2:c2:f7:50:af:9d:
         ea:d0:87:1a:f9:81:11:45:4e:28:ae:3b:f7:53:d1:60:96:cc:
         83:60:5a:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIfTPP7sAp0v9MMQeVHNqyQtz6ZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDEwMDA4WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWVkYzc3OTJkODI5MWU3ZjlhNDc5NGEzNjM3NzJhNmMw
MDlmMjk1NzUwODlmZjQxNjMwOGJjZTJhYTFmZmJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCclID4W2vwCMn155Njdi8Uo1bcKsjz1OxfFf0goX+CqJHv
FD6y8801R+edclngNxK2zDfeRBBA9aMzn1wowTal66N39xI8wzjBFZMG4X+PvpjV
Uw0fsEDG0eLzdnzrAa79qG1GWZWzHgmdjBPV9RLnF8FBA2dNSfhai0/RlLg1aIfP
StachzFUh644WnpVYV3wPXrKgMeXHOqIIUPPBQmQJ2IeD0dSptsqgdqniv9JGe+H
p3+W/m2f/otM0bes4H5tPj+NYD/PuaJo+3gi8uWrc5Srl1NpwawVPnQ8BCwGyTvE
AeEXBvsBtA3b7/jR4miqf4j0tiXcHZQfZr+8HID1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeGgxAKaqCjFwQqiZ+W2quyGeYvwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5OTMxYjgzLTk4ODgtNDJjNC04Y2FiLTQ5ZDNiMzE3NzkwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GcwDQYJKoZIhvcNAQELBQADggEBAKAgFsAVNNzJm7hyfBD4yb5qf7/8
5JVJeprTeVonr+z8jIfcVoauBzgsHQ8PmSUKvIGnhVhWcxaIfckxCU9+4RG5Hpfa
bovIG2eEeLMUd0JVcJIgEPgmndMak8hkUS2W8RqcMKrH1phH9Pnv6081C0Q0wh5b
jPNx4gJf1+6kB1BCRKYNJ1jpsibUBn+1rhXmVtCFG4+etu0IfoQiFHQjXTkVOWl7
AbpmaKYcX/Oj6zTZgXhl0zk1wzZ1fSLjYkHsNk2XIW6SJ0s9fT/BG2FBrxvPIwLJ
icP1WB2cLiQGyH9XAyyw0/LC91CvnerQhxr5gRFFTiiuO/dT0WCWzINgWt8=
-----END CERTIFICATE-----