Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aedf8f32-b690-4e4c-9ce7-bfae770f020d.roa
File:                     aedf8f32-b690-4e4c-9ce7-bfae770f020d.roa (raw, json)
Hash identifier:          8MyuOjVyHA2IkrKByYtHeolSRZqoNMzQR86gC+jVk10=
Subject key identifier:   52:F9:2E:5A:6E:BE:03:9D:E0:FD:4D:18:4E:D7:24:92:3D:8F:03:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       778111F115F32C9CAF927639A3420D811BF7A517
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aedf8f32-b690-4e4c-9ce7-bfae770f020d.roa
Signing time:             Fri 31 Oct 2025 21:24:52 +0000
ROA not before:           Fri 31 Oct 2025 21:24:52 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.159.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:81:11:f1:15:f3:2c:9c:af:92:76:39:a3:42:0d:81:1b:f7:a5:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 21:24:52 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=eee31fb4b3f70ff6273e57f4a22806f49a85a572cad87040b815288413ec5ac8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ab:36:01:eb:e7:0c:f6:2c:8d:96:23:d0:30:
                    55:5a:a1:3c:f6:2f:7a:e7:cb:67:04:e4:7c:b4:de:
                    2a:17:ed:5c:90:cc:1d:32:2f:58:93:9a:84:0a:e0:
                    c1:cb:f5:af:2a:ac:5c:f0:91:6b:a7:93:e0:e7:16:
                    e0:e4:47:03:ae:df:9b:8a:37:88:85:a5:75:ef:b6:
                    b2:9f:6d:e7:53:ed:41:6b:e5:af:6e:6d:35:46:10:
                    3f:50:25:d1:b5:76:95:c0:8a:4f:7b:f2:83:ca:49:
                    30:2b:cf:23:a7:b8:cf:9c:eb:5d:77:14:5f:75:6e:
                    76:ff:60:b2:72:22:ef:3d:c2:fc:64:de:12:65:3c:
                    13:ea:1d:dd:df:5b:74:74:8a:ab:99:e8:a0:c1:47:
                    02:bc:fd:19:4d:58:25:ac:fc:aa:b4:a7:e1:a0:26:
                    af:4e:59:15:db:e5:df:68:03:8f:ae:1f:f5:4c:a5:
                    02:7b:f0:fd:b4:ae:cd:4f:e9:1e:97:47:15:e0:49:
                    18:4d:98:3d:ed:6c:5d:6f:65:38:59:40:51:6a:80:
                    e0:47:fe:37:70:ce:b5:a3:dd:49:60:d6:ab:4e:3e:
                    07:9c:f3:1e:36:8a:06:b0:e0:a0:a8:0e:d1:1f:77:
                    ce:77:c2:4f:f1:aa:33:da:d5:95:4a:82:28:48:62:
                    7d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F9:2E:5A:6E:BE:03:9D:E0:FD:4D:18:4E:D7:24:92:3D:8F:03:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aedf8f32-b690-4e4c-9ce7-bfae770f020d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:8c:73:88:dc:5e:1a:37:b8:c5:fb:fe:f4:a2:24:de:90:67:
         da:32:47:8b:7a:43:d3:a6:a5:4d:28:00:2d:b3:0e:d1:88:cb:
         8e:74:d4:d2:44:59:f0:a4:49:d7:d4:3d:6c:91:cf:1f:e3:7e:
         3e:20:ef:8a:fb:e4:59:e7:03:43:c8:4f:20:d2:fc:9b:f7:c8:
         8e:39:c6:6a:10:b2:cd:94:98:62:a3:96:52:48:fc:e5:c4:53:
         52:2a:5b:48:ed:d2:1f:5a:a8:4f:c5:62:b4:e9:e9:59:76:6a:
         da:f1:0a:c0:57:46:89:48:81:ec:d6:7d:6c:bc:db:5f:31:41:
         86:ba:7d:0c:5d:de:4e:64:ec:31:22:5e:13:ad:b4:62:e7:13:
         e3:f2:b3:d6:ed:b3:8b:18:7d:64:e1:b5:84:3b:c1:46:1a:d4:
         e7:9b:df:e2:7a:f5:d8:aa:f4:b2:38:20:32:87:5c:f2:f9:90:
         5b:bd:6b:40:e8:64:00:4c:66:7d:41:c8:5c:4d:57:51:c6:e5:
         ed:6c:83:76:c2:92:2c:6a:6b:60:f2:48:20:61:1a:bb:ff:c1:
         ae:a5:83:1c:90:61:f4:d9:f1:0e:1b:d2:b0:7c:a1:cc:79:ab:
         eb:23:51:df:b5:50:5a:8b:b9:1f:9a:d6:7f:4f:4d:b6:56:d4:
         f7:a5:ae:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd4ER8RXzLJyvknY5o0INgRv3pRcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMjEyNDUyWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWUzMWZiNGIzZjcwZmY2MjczZTU3ZjRhMjI4MDZmNDlh
ODVhNTcyY2FkODcwNDBiODE1Mjg4NDEzZWM1YWM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/qzYB6+cM9iyNliPQMFVaoTz2L3rny2cE5Hy03ioX7VyQ
zB0yL1iTmoQK4MHL9a8qrFzwkWunk+DnFuDkRwOu35uKN4iFpXXvtrKfbedT7UFr
5a9ubTVGED9QJdG1dpXAik978oPKSTArzyOnuM+c6113FF91bnb/YLJyIu89wvxk
3hJlPBPqHd3fW3R0iquZ6KDBRwK8/RlNWCWs/Kq0p+GgJq9OWRXb5d9oA4+uH/VM
pQJ78P20rs1P6R6XRxXgSRhNmD3tbF1vZThZQFFqgOBH/jdwzrWj3Ulg1qtOPgec
8x42igaw4KCoDtEfd853wk/xqjPa1ZVKgihIYn3hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUvkuWm6+A53g/U0YTtckkj2PA2MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlZGY4ZjMyLWI2OTAtNGU0Yy05Y2U3LWJmYWU3NzBmMDIwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUp8wDQYJKoZIhvcNAQELBQADggEBAKCMc4jcXho3uMX7/vSiJN6QZ9oy
R4t6Q9OmpU0oAC2zDtGIy4501NJEWfCkSdfUPWyRzx/jfj4g74r75FnnA0PITyDS
/Jv3yI45xmoQss2UmGKjllJI/OXEU1IqW0jt0h9aqE/FYrTp6Vl2atrxCsBXRolI
gezWfWy8218xQYa6fQxd3k5k7DEiXhOttGLnE+Pys9bts4sYfWThtYQ7wUYa1Oeb
3+J69diq9LI4IDKHXPL5kFu9a0DoZABMZn1ByFxNV1HG5e1sg3bCkixqa2DySCBh
Grv/wa6lgxyQYfTZ8Q4b0rB8ocx5q+sjUd+1UFqLuR+a1n9PTbZW1Pelrs4=
-----END CERTIFICATE-----