Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1f4fe2a-7fae-4e52-a929-216d3cdb96ee.roa
File:                     a1f4fe2a-7fae-4e52-a929-216d3cdb96ee.roa (raw, json)
Hash identifier:          VxNjQKxDfYVwImCNAMyxNWhNdRshQ0hE+tmUdWpHBng=
Subject key identifier:   68:95:89:06:E5:35:21:73:C1:1E:A9:9C:A3:DC:8F:52:30:57:37:46
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07691592EE20910A6AF88ED09DBE4EB58AC4A836
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1f4fe2a-7fae-4e52-a929-216d3cdb96ee.roa
Signing time:             Tue 21 Oct 2025 00:10:08 +0000
ROA not before:           Tue 21 Oct 2025 00:10:08 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        182.24.0.0/14 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:69:15:92:ee:20:91:0a:6a:f8:8e:d0:9d:be:4e:b5:8a:c4:a8:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:10:08 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=db4fa3a5a9305c502003e5f670e9b694ce24815dcb5bc28425757ddd51c6463b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:26:0f:62:3a:fa:5b:8a:d1:7c:e0:f2:7f:47:
                    a4:84:e0:8d:d1:81:9b:a7:3a:5b:09:2c:ba:da:58:
                    66:9f:da:e3:9b:54:db:c0:e8:fe:60:c0:e0:b2:a0:
                    36:57:38:e8:33:d6:51:9d:69:2d:46:2e:bb:c4:11:
                    76:e8:2b:4b:68:d3:cd:32:7e:fc:9d:e8:f6:07:ac:
                    99:d6:05:4e:63:04:95:41:e2:b8:9f:76:d1:9f:b9:
                    4e:1c:4a:bc:bf:c2:bc:3f:e4:65:b2:78:b0:f8:80:
                    d7:d6:dc:5f:2e:6c:72:37:6d:ec:80:e6:5d:72:60:
                    8e:17:4f:6b:4f:c5:7c:e7:20:76:59:37:85:d3:f9:
                    1b:57:b1:4e:ab:f8:c8:7d:e6:7d:04:7b:7c:67:61:
                    86:44:89:7b:a7:05:19:6e:6a:f8:94:0e:32:72:2b:
                    d4:44:d0:8e:88:44:1a:5a:36:5c:b1:f0:ed:91:d7:
                    1d:08:7a:c2:f6:a4:2a:18:95:bd:dd:d0:34:8f:51:
                    e5:e9:83:dc:55:c9:7c:0c:cf:c3:0c:88:c8:6b:5e:
                    74:51:4f:e0:98:3d:dd:93:0b:04:ac:2c:db:e4:96:
                    fb:fe:19:99:1b:44:05:02:95:18:58:60:ef:61:ce:
                    d0:11:14:b7:5e:d6:45:39:ac:3d:08:4d:bc:c5:08:
                    1a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:95:89:06:E5:35:21:73:C1:1E:A9:9C:A3:DC:8F:52:30:57:37:46
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1f4fe2a-7fae-4e52-a929-216d3cdb96ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.24.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         88:f7:ec:8c:50:cc:29:e4:33:72:7d:4d:99:49:de:43:e8:b3:
         b6:20:53:72:c3:f8:27:9f:f4:d8:26:41:20:b6:63:4a:13:67:
         b6:47:5d:74:35:3c:60:fc:53:0c:29:79:01:f6:29:27:c9:62:
         c4:63:b7:a5:2a:7e:6d:dd:52:e6:2d:2b:94:ca:0c:62:f4:5e:
         53:f9:f4:5a:9b:74:6e:11:dd:a0:53:c7:8c:7e:0f:28:98:2c:
         10:ea:8b:51:fb:8e:7b:6d:b6:4a:0a:19:22:83:5e:03:bd:8c:
         b9:aa:74:9c:93:58:62:cc:82:ee:cc:d8:29:ef:76:c9:26:6b:
         35:64:17:67:10:2b:8e:88:42:87:f3:23:48:24:02:eb:19:e4:
         c9:ec:3f:b9:1b:27:a0:82:40:10:19:c8:91:63:27:5d:ca:f4:
         84:4d:f1:a7:40:d8:a7:2c:ed:7e:d0:da:70:e4:91:63:6f:e0:
         43:95:64:7a:04:ab:b6:d0:2d:4d:61:8b:9d:aa:28:ed:c8:a3:
         43:41:14:5a:7f:fc:7f:fa:f3:3f:bf:83:7d:7d:b3:5c:3f:38:
         24:b0:22:af:67:93:93:24:24:40:f9:78:00:b7:9e:66:32:39:
         d4:ee:a4:fb:ff:24:2f:2a:d1:8a:ee:8c:fc:64:17:c7:76:8e:
         c3:35:e4:47
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUB2kVku4gkQpq+I7Qnb5OtYrEqDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAxMDA4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjRmYTNhNWE5MzA1YzUwMjAwM2U1ZjY3MGU5YjY5NGNl
MjQ4MTVkY2I1YmMyODQyNTc1N2RkZDUxYzY0NjNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpJg9iOvpbitF84PJ/R6SE4I3RgZunOlsJLLraWGaf2uOb
VNvA6P5gwOCyoDZXOOgz1lGdaS1GLrvEEXboK0to080yfvyd6PYHrJnWBU5jBJVB
4rifdtGfuU4cSry/wrw/5GWyeLD4gNfW3F8ubHI3beyA5l1yYI4XT2tPxXznIHZZ
N4XT+RtXsU6r+Mh95n0Ee3xnYYZEiXunBRluaviUDjJyK9RE0I6IRBpaNlyx8O2R
1x0IesL2pCoYlb3d0DSPUeXpg9xVyXwMz8MMiMhrXnRRT+CYPd2TCwSsLNvklvv+
GZkbRAUClRhYYO9hztARFLde1kU5rD0ITbzFCBqHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUaJWJBuU1IXPBHqmco9yPUjBXN0YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExZjRmZTJhLTdmYWUtNGU1Mi1hOTI5LTIxNmQzY2RiOTZlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwK2GDANBgkqhkiG9w0BAQsFAAOCAQEAiPfsjFDMKeQzcn1NmUneQ+iztiBT
csP4J5/02CZBILZjShNntkdddDU8YPxTDCl5AfYpJ8lixGO3pSp+bd1S5i0rlMoM
YvReU/n0Wpt0bhHdoFPHjH4PKJgsEOqLUfuOe222SgoZIoNeA72Muap0nJNYYsyC
7szYKe92ySZrNWQXZxArjohCh/MjSCQC6xnkyew/uRsnoIJAEBnIkWMnXcr0hE3x
p0DYpyztftDacOSRY2/gQ5VkegSrttAtTWGLnaoo7cijQ0EUWn/8f/rzP7+DfX2z
XD84JLAir2eTkyQkQPl4ALeeZjI51O6k+/8kLyrRiu6M/GQXx3aOwzXkRw==
-----END CERTIFICATE-----