Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7066401-6e27-443a-a174-bf22e8ce1b76.roa
File:                     c7066401-6e27-443a-a174-bf22e8ce1b76.roa (raw, json)
Hash identifier:          tFSQXv9XWnYex1vLC9mBvGnJ5zd13MzRmqJ1hWVPaG4=
Subject key identifier:   92:B1:58:89:00:95:E8:C1:E9:30:BB:C6:26:15:65:03:51:46:16:A6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63524C0A1D0FA5C9C29F6423C54822023C7FC5BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7066401-6e27-443a-a174-bf22e8ce1b76.roa
Signing time:             Sat 01 Nov 2025 00:30:52 +0000
ROA not before:           Sat 01 Nov 2025 00:30:52 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.72.80.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:52:4c:0a:1d:0f:a5:c9:c2:9f:64:23:c5:48:22:02:3c:7f:c5:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:30:52 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=a14b2dc03c95353d4f0d7caa8e8aee164ab3dc9d5fc1ce1bcfbbe96a1ebbc770, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5a:3f:52:58:ad:83:b8:fd:76:69:b7:57:d5:
                    dd:5b:0a:8e:60:3b:ea:58:a2:11:95:bb:76:1a:ce:
                    34:17:88:0b:16:70:61:f8:ef:3a:dd:5a:7e:cb:16:
                    a6:10:6b:ff:d1:7a:75:06:a0:b6:18:a2:7f:0f:36:
                    1c:d6:d2:bb:f0:72:cc:57:c7:d1:81:ec:27:7b:29:
                    53:9c:48:a3:ad:46:6a:95:b5:fb:b2:46:ae:2c:25:
                    9e:21:db:78:ab:18:50:d2:f1:a5:18:70:65:eb:ca:
                    f1:37:fe:1a:f2:ab:30:ca:55:1e:57:59:2f:ba:a9:
                    19:45:3b:5e:9a:4c:fb:da:f9:3a:1c:c8:10:24:54:
                    f8:fd:b9:34:71:d1:a3:de:0e:cb:81:e8:ff:46:ab:
                    bf:6c:b0:bc:78:ff:bd:e2:b8:16:28:fb:f2:3f:f7:
                    e2:83:f1:cc:84:72:ea:8f:d9:7b:76:d9:aa:7c:98:
                    31:1e:f2:e5:b8:b6:1c:fd:ac:dd:78:0c:cd:9b:f6:
                    04:e2:08:56:1f:0e:73:c5:68:b6:02:37:77:cc:9f:
                    08:02:da:2f:c7:0b:87:25:b5:5a:e2:5a:ce:a3:f6:
                    59:61:46:0c:f6:42:2a:2c:23:d2:54:35:61:45:4d:
                    fb:8a:31:62:17:7f:b6:cc:87:a7:5f:59:33:b0:02:
                    39:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B1:58:89:00:95:E8:C1:E9:30:BB:C6:26:15:65:03:51:46:16:A6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7066401-6e27-443a-a174-bf22e8ce1b76.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         65:2a:b5:00:43:13:97:bb:90:ae:30:e1:31:b7:dc:f2:2e:a9:
         3b:1e:1b:98:47:0b:25:f0:54:85:d7:bd:57:7a:71:1c:aa:b0:
         f5:59:68:69:ff:53:eb:40:f6:e6:2c:a2:39:77:62:f6:28:38:
         7b:96:6e:aa:68:a8:27:dd:38:60:4b:9d:38:fc:55:a4:a0:94:
         79:37:22:14:36:7f:03:e2:cd:57:9e:ee:56:17:de:b6:ea:fe:
         1e:fa:7d:9e:01:64:3d:6d:13:12:85:08:3c:85:e6:82:62:f9:
         d1:0a:dc:a7:68:e1:d0:f6:ec:51:00:b4:a8:2a:85:9a:2e:b4:
         4b:98:74:e1:b2:a4:e2:7e:77:b5:63:65:11:a0:86:f4:6a:f5:
         6c:0a:86:03:4a:e3:c0:b3:73:80:b7:5a:1d:67:28:79:c0:44:
         56:45:e8:ad:fe:6e:29:b2:0c:78:78:b7:e6:45:10:af:bd:93:
         10:10:9e:00:9a:78:d6:68:a3:1e:a9:be:2c:69:89:f8:2c:2e:
         73:dd:22:79:27:51:dc:1a:5b:f7:29:8e:7e:ef:34:a5:a8:e5:
         aa:01:d2:1e:fb:ed:d2:98:a6:4f:a4:cb:4d:70:65:3e:03:0d:
         b8:64:f7:f7:2d:27:13:ac:9d:5f:a4:6f:4a:a3:c6:8c:ff:31:
         15:c5:72:66
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY1JMCh0PpcnCn2QjxUgiAjx/xbswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAzMDUyWhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTRiMmRjMDNjOTUzNTNkNGYwZDdjYWE4ZThhZWUxNjRh
YjNkYzlkNWZjMWNlMWJjZmJiZTk2YTFlYmJjNzcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaWj9SWK2DuP12abdX1d1bCo5gO+pYohGVu3YazjQXiAsW
cGH47zrdWn7LFqYQa//RenUGoLYYon8PNhzW0rvwcsxXx9GB7Cd7KVOcSKOtRmqV
tfuyRq4sJZ4h23irGFDS8aUYcGXryvE3/hryqzDKVR5XWS+6qRlFO16aTPva+Toc
yBAkVPj9uTRx0aPeDsuB6P9Gq79ssLx4/73iuBYo+/I/9+KD8cyEcuqP2Xt22ap8
mDEe8uW4thz9rN14DM2b9gTiCFYfDnPFaLYCN3fMnwgC2i/HC4cltVriWs6j9llh
Rgz2QiosI9JUNWFFTfuKMWIXf7bMh6dfWTOwAjnXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkrFYiQCV6MHpMLvGJhVlA1FGFqYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3MDY2NDAxLTZlMjctNDQzYS1hMTc0LWJmMjJlOGNlMWI3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO4SFAwDQYJKoZIhvcNAQELBQADggEBAGUqtQBDE5e7kK4w4TG33PIuqTse
G5hHCyXwVIXXvVd6cRyqsPVZaGn/U+tA9uYsojl3YvYoOHuWbqpoqCfdOGBLnTj8
VaSglHk3IhQ2fwPizVee7lYX3rbq/h76fZ4BZD1tExKFCDyF5oJi+dEK3Kdo4dD2
7FEAtKgqhZoutEuYdOGypOJ+d7VjZRGghvRq9WwKhgNK48Czc4C3Wh1nKHnARFZF
6K3+bimyDHh4t+ZFEK+9kxAQngCaeNZoox6pvixpifgsLnPdInknUdwaW/cpjn7v
NKWo5aoB0h777dKYpk+ky01wZT4DDbhk9/ctJxOsnV+kb0qjxoz/MRXFcmY=
-----END CERTIFICATE-----