Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
File:                     7ba02025-0c4b-49eb-a560-246362b48585.roa (raw, json)
Hash identifier:          NoNMhT4uPkme0/XHBoc873Ww4RbATEKJ9ZpgN9nnzWQ=
Subject key identifier:   10:07:15:79:34:93:62:88:C6:6D:A3:B8:CE:1A:FA:9D:EC:3C:DC:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7C3509F4D37EBF952B9A6D58B620E0312EC370AC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
Signing time:             Fri 31 Oct 2025 00:20:04 +0000
ROA not before:           Fri 31 Oct 2025 00:20:04 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        24.110.11.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:35:09:f4:d3:7e:bf:95:2b:9a:6d:58:b6:20:e0:31:2e:c3:70:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:20:04 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=138e1aa765a61aa9e67e1673ef70a6a7ce6925d9b8d92d45000e94fd54eb91cf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d0:d8:d4:7d:ec:bc:c3:51:7c:a1:7d:98:a7:
                    88:bc:f8:69:43:a8:ed:40:b9:d5:ad:18:4b:df:2f:
                    d1:18:88:35:db:3a:ea:dd:fa:7d:64:cd:55:43:42:
                    c9:e3:c2:98:c0:9f:16:53:b9:63:56:4b:15:57:50:
                    36:56:07:48:5c:c1:95:3c:3b:34:7f:f6:45:52:91:
                    5a:2d:ce:9b:17:0e:b4:9e:71:84:1d:e7:af:d7:01:
                    ab:33:ec:d8:2b:fb:88:78:f3:91:a7:24:45:86:9e:
                    da:02:af:54:16:d6:bb:58:53:69:ad:62:4f:81:5a:
                    b1:9b:5d:1c:68:0f:71:59:52:1b:f3:78:79:4c:1e:
                    42:ea:03:8d:57:78:dd:04:e2:7e:8f:13:20:34:04:
                    5d:8a:52:84:72:b8:16:52:b0:58:cb:74:51:f6:0e:
                    c1:e1:77:da:71:2b:ff:6f:bf:c7:de:ab:ba:b5:bf:
                    ad:ae:08:01:f7:32:1e:f8:ad:7e:3e:55:be:8a:39:
                    50:09:ae:20:6f:6f:00:8f:3a:94:f2:d7:c8:48:34:
                    fa:5e:b0:8b:a8:2f:cc:77:e8:e2:e5:35:1d:89:f4:
                    d9:5b:11:0c:b7:11:41:32:52:b0:f2:52:a3:af:c6:
                    1b:c7:36:63:49:cc:f0:b6:7c:3a:29:57:6d:7b:ca:
                    cd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:07:15:79:34:93:62:88:C6:6D:A3:B8:CE:1A:FA:9D:EC:3C:DC:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d0:bf:aa:c4:ad:89:f2:33:6e:f1:e1:c1:1c:17:b5:02:41:42:
         ba:f0:08:9b:4e:a8:da:5f:13:9f:63:47:75:24:c5:7c:af:91:
         4e:08:07:78:3f:c7:96:5b:a5:fe:ed:26:b3:bf:3e:e2:a9:9f:
         ab:90:f8:57:a5:4d:a0:c7:b2:19:12:c7:37:43:f6:b8:7e:38:
         28:63:35:19:62:2c:80:01:e9:68:4c:63:91:54:bb:44:1f:53:
         6c:cb:69:4f:f0:39:27:71:22:17:10:b3:36:d2:38:51:be:a7:
         e1:e9:30:ef:8e:b2:99:d3:19:6a:66:f9:bc:cb:84:15:e1:89:
         cc:ee:15:82:1f:4a:14:0a:bf:74:9c:17:e2:a9:72:53:a2:71:
         08:b3:5c:69:f2:61:cf:fc:8e:8b:d8:2e:7b:e9:92:9b:39:19:
         a6:50:8a:ec:58:8c:96:82:41:1e:98:e3:dc:b1:fb:36:0c:69:
         ca:02:b9:50:64:80:4a:2e:8a:4f:48:82:80:4c:cc:27:42:64:
         c3:9e:17:1d:6e:ab:19:2b:e9:57:d7:0c:d0:0d:5c:4e:a0:3a:
         25:45:37:da:d6:e4:97:8a:a1:4e:d7:2a:20:4f:e0:89:3b:61:
         8e:89:ab:d3:9b:e2:9d:83:cf:e6:3a:e4:a2:8c:c5:20:50:ce:
         ec:fd:ed:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfDUJ9NN+v5Urmm1YtiDgMS7DcKwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAyMDA0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzhlMWFhNzY1YTYxYWE5ZTY3ZTE2NzNlZjcwYTZhN2Nl
NjkyNWQ5YjhkOTJkNDUwMDBlOTRmZDU0ZWI5MWNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDj0NjUfey8w1F8oX2Yp4i8+GlDqO1AudWtGEvfL9EYiDXb
Ourd+n1kzVVDQsnjwpjAnxZTuWNWSxVXUDZWB0hcwZU8OzR/9kVSkVotzpsXDrSe
cYQd56/XAasz7Ngr+4h485GnJEWGntoCr1QW1rtYU2mtYk+BWrGbXRxoD3FZUhvz
eHlMHkLqA41XeN0E4n6PEyA0BF2KUoRyuBZSsFjLdFH2DsHhd9pxK/9vv8feq7q1
v62uCAH3Mh74rX4+Vb6KOVAJriBvbwCPOpTy18hINPpesIuoL8x36OLlNR2J9Nlb
EQy3EUEyUrDyUqOvxhvHNmNJzPC2fDopV217ys3FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEAcVeTSTYojGbaO4zhr6new83MUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdiYTAyMDI1LTBjNGItNDllYi1hNTYwLTI0NjM2MmI0ODU4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbgswDQYJKoZIhvcNAQELBQADggEBANC/qsStifIzbvHhwRwXtQJBQrrw
CJtOqNpfE59jR3UkxXyvkU4IB3g/x5Zbpf7tJrO/PuKpn6uQ+FelTaDHshkSxzdD
9rh+OChjNRliLIAB6WhMY5FUu0QfU2zLaU/wOSdxIhcQszbSOFG+p+HpMO+OspnT
GWpm+bzLhBXhiczuFYIfShQKv3ScF+KpclOicQizXGnyYc/8jovYLnvpkps5GaZQ
iuxYjJaCQR6Y49yx+zYMacoCuVBkgEouik9IgoBMzCdCZMOeFx1uqxkr6VfXDNAN
XE6gOiVFN9rW5JeKoU7XKiBP4Ik7YY6Jq9Ob4p2Dz+Y65KKMxSBQzuz97R4=
-----END CERTIFICATE-----