Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b48ef918-19ab-4cd1-9fbc-53cd849775c3.roa
File:                     b48ef918-19ab-4cd1-9fbc-53cd849775c3.roa (raw, json)
Hash identifier:          W8DBew7k03B9hmCM8nEKNyiahyXqZyuQV2RuyuCOrhE=
Subject key identifier:   79:ED:3F:C1:8C:C0:3D:3B:6D:67:70:80:7A:BA:BE:30:D3:37:59:82
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7BC63CE24D815FC08DD60C957114C230764612D0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b48ef918-19ab-4cd1-9fbc-53cd849775c3.roa
Signing time:             Sun 02 Nov 2025 00:21:18 +0000
ROA not before:           Sun 02 Nov 2025 00:21:18 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.48.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:c6:3c:e2:4d:81:5f:c0:8d:d6:0c:95:71:14:c2:30:76:46:12:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:21:18 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=ffa3ec5c27839ed68aa5f31065b8116ae160ac58a9b7875ae3400c333b6312d7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:3a:71:0e:75:2f:26:b2:5e:5e:ba:a6:f1:f6:
                    84:58:80:23:b1:8c:10:25:a3:8a:d1:1e:c9:4f:33:
                    31:7c:81:33:6d:03:0a:1f:38:2c:e4:a9:b6:e3:d4:
                    90:5f:33:14:34:c2:95:b8:78:33:dc:a4:c2:2b:af:
                    1e:90:a4:15:d8:ac:04:61:ed:41:6b:4e:9d:f2:66:
                    1b:bd:cd:97:7a:a4:b6:31:72:b4:bd:f3:7a:08:fe:
                    d6:08:15:73:71:1f:33:e2:ab:1d:3b:c2:1d:f8:69:
                    e5:f2:16:77:4d:89:cc:4c:da:43:0a:cd:4d:de:40:
                    7c:76:59:69:77:8f:1b:b6:dd:0a:ad:9b:dc:f5:3b:
                    f6:a9:1e:79:07:df:54:f9:47:2c:bf:00:78:df:99:
                    4c:be:0b:18:25:fa:9f:ba:e3:06:b1:69:33:f5:44:
                    b5:7f:ee:2c:95:73:92:e2:8d:1b:08:64:48:ad:2a:
                    c1:52:40:1c:dd:d1:09:63:ce:db:4c:f9:0b:c4:c3:
                    35:80:2e:d1:72:bb:6c:23:75:68:75:a1:f7:06:71:
                    7a:dc:9a:11:d4:18:05:32:87:de:f9:63:21:49:0f:
                    4b:f0:f9:53:72:87:05:ea:70:b0:cd:71:fc:ee:92:
                    5b:a4:f1:61:71:1a:25:1a:29:f7:d3:72:95:34:a5:
                    0f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:ED:3F:C1:8C:C0:3D:3B:6D:67:70:80:7A:BA:BE:30:D3:37:59:82
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b48ef918-19ab-4cd1-9fbc-53cd849775c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         98:59:6a:82:e8:6e:11:3b:02:09:a8:a2:65:5c:61:b2:88:e9:
         05:87:9f:00:a9:30:2f:41:0a:5e:41:8d:10:bb:75:92:c7:db:
         d4:1f:0b:9c:e2:7b:51:2f:47:68:f6:af:75:13:0a:39:1b:5c:
         64:2c:6b:ca:c1:7a:2e:fa:66:b9:d8:b3:18:a5:63:1b:54:93:
         7b:75:57:f8:5b:a9:c2:64:98:de:b9:77:ec:df:eb:7a:5d:2b:
         23:29:df:3a:17:bd:7e:18:3b:03:61:fc:1e:ad:ae:a2:9a:e9:
         ce:c4:b6:d8:0c:80:63:cd:10:73:94:d5:44:94:24:09:57:d8:
         96:17:1d:79:4f:ed:2e:1f:9b:36:86:c4:0e:35:0a:a1:15:f9:
         97:36:11:24:06:99:81:d7:a2:53:b5:cc:d3:df:39:e8:ed:22:
         b9:4a:98:a2:88:fe:c9:67:08:4f:23:d5:00:b2:d2:b9:5b:8c:
         5d:43:98:82:99:1e:11:a2:fd:dc:be:d1:d6:b1:24:a0:61:c9:
         b0:c0:b0:39:14:84:80:b2:bf:98:64:6b:85:87:75:a1:ae:5f:
         37:8a:32:16:2f:a0:ad:3b:1b:96:67:b2:ac:89:b4:16:75:ea:
         d8:b0:37:4d:b5:8c:a6:c3:b5:28:0b:9a:93:b0:93:e8:a8:6c:
         4b:71:a6:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe8Y84k2BX8CN1gyVcRTCMHZGEtAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAyMTE4WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZmEzZWM1YzI3ODM5ZWQ2OGFhNWYzMTA2NWI4MTE2YWUx
NjBhYzU4YTliNzg3NWFlMzQwMGMzMzNiNjMxMmQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgOnEOdS8msl5euqbx9oRYgCOxjBAlo4rRHslPMzF8gTNt
AwofOCzkqbbj1JBfMxQ0wpW4eDPcpMIrrx6QpBXYrARh7UFrTp3yZhu9zZd6pLYx
crS983oI/tYIFXNxHzPiqx07wh34aeXyFndNicxM2kMKzU3eQHx2WWl3jxu23Qqt
m9z1O/apHnkH31T5Ryy/AHjfmUy+Cxgl+p+64waxaTP1RLV/7iyVc5LijRsIZEit
KsFSQBzd0QljzttM+QvEwzWALtFyu2wjdWh1ofcGcXrcmhHUGAUyh975YyFJD0vw
+VNyhwXqcLDNcfzukluk8WFxGiUaKffTcpU0pQ/hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUee0/wYzAPTttZ3CAerq+MNM3WYIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0OGVmOTE4LTE5YWItNGNkMS05ZmJjLTUzY2Q4NDk3NzVjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjljAwDQYJKoZIhvcNAQELBQADggEBAJhZaoLobhE7AgmoomVcYbKI6QWH
nwCpMC9BCl5BjRC7dZLH29QfC5zie1EvR2j2r3UTCjkbXGQsa8rBei76ZrnYsxil
YxtUk3t1V/hbqcJkmN65d+zf63pdKyMp3zoXvX4YOwNh/B6trqKa6c7EttgMgGPN
EHOU1USUJAlX2JYXHXlP7S4fmzaGxA41CqEV+Zc2ESQGmYHXolO1zNPfOejtIrlK
mKKI/slnCE8j1QCy0rlbjF1DmIKZHhGi/dy+0daxJKBhybDAsDkUhICyv5hka4WH
daGuXzeKMhYvoK07G5ZnsqyJtBZ16tiwN021jKbDtSgLmpOwk+iobEtxpn8=
-----END CERTIFICATE-----