Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3ac9ca8-0963-4f1d-bfa5-5b4e3bc63606.roa
File:                     d3ac9ca8-0963-4f1d-bfa5-5b4e3bc63606.roa (raw, json)
Hash identifier:          sHFmux5ucM15venIMfLqWlRDY8BMk3VT1udTbo5ybzU=
Subject key identifier:   2D:DE:A2:AF:10:18:DD:FB:F3:90:40:27:43:0C:2D:61:A6:46:F3:8D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       03A78F0392370571ED55F1AAB6BBCEF3E25D304C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3ac9ca8-0963-4f1d-bfa5-5b4e3bc63606.roa
Signing time:             Fri 31 Oct 2025 21:24:51 +0000
ROA not before:           Fri 31 Oct 2025 21:24:51 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.158.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:a7:8f:03:92:37:05:71:ed:55:f1:aa:b6:bb:ce:f3:e2:5d:30:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 21:24:51 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=ee1e5929b6a43ebc4e23731ed377bdc1b84ba4f44a93266196e71810ecd9b6df, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:18:37:c2:b1:1a:b4:bf:f6:1b:3b:fd:cf:d0:
                    89:bb:ee:62:51:f8:a8:85:f4:9d:f3:52:a2:59:8b:
                    00:32:dd:57:76:3b:2f:63:6b:c1:81:0f:0e:e1:ec:
                    6a:fd:bf:dd:f5:6b:ac:07:e1:d6:d4:fe:e1:cb:e4:
                    86:f8:a0:6e:a0:0b:1c:ad:3a:e0:7b:6f:f3:00:bd:
                    93:87:28:56:19:8c:4e:7c:25:8d:47:bb:0a:f4:fa:
                    08:c0:a5:0b:9a:46:36:a5:2a:e1:21:63:27:23:50:
                    f2:c7:1e:bb:20:74:97:04:e7:74:87:e9:3b:57:0a:
                    20:b1:85:30:f0:bf:53:26:96:93:01:40:ad:f9:70:
                    26:d3:30:f8:6a:ce:ec:53:bb:55:23:86:a3:1b:b3:
                    fc:3c:20:46:fa:74:22:9c:b2:6a:01:e5:2c:31:f4:
                    18:d6:dd:75:ef:f7:90:f4:3e:1e:4a:8a:02:fe:38:
                    f4:fd:99:3c:4d:25:ba:9b:6d:8c:27:9e:86:28:18:
                    06:4b:65:56:cb:82:59:d4:50:17:ad:23:d0:75:00:
                    60:93:cf:b1:41:04:a4:2f:5b:1d:35:df:00:8b:ed:
                    a6:da:6a:1d:db:dd:71:39:f4:03:5b:49:71:df:5d:
                    4b:76:94:ed:6c:7a:bf:e3:5f:56:54:85:45:c1:af:
                    12:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:DE:A2:AF:10:18:DD:FB:F3:90:40:27:43:0C:2D:61:A6:46:F3:8D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3ac9ca8-0963-4f1d-bfa5-5b4e3bc63606.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:3e:4b:c4:0a:92:cf:fa:d8:8e:33:9a:11:de:1b:a3:5b:70:
         bb:d8:c0:d8:ec:ac:b8:e2:62:04:1e:b4:62:1b:a1:25:ea:90:
         b6:eb:f2:0d:24:b4:2c:29:07:18:bc:77:19:d6:7f:1a:20:8f:
         52:2c:65:48:35:36:77:89:ae:fc:ec:1b:8f:4e:89:81:bc:41:
         ca:70:cf:fa:fc:1e:66:6c:ac:70:4d:01:6c:65:1b:1e:1e:07:
         ea:c5:b0:c2:92:61:12:e6:45:f4:ba:be:ab:2f:07:c7:26:37:
         48:c6:97:9b:98:b5:3a:ba:36:00:5b:06:53:61:15:b7:99:41:
         27:d7:6c:80:db:f5:f6:7c:9c:67:39:d0:e2:fb:ca:d3:c8:b1:
         f6:76:fa:75:c9:8c:3d:0b:0c:2d:d9:4c:f6:e8:6f:3b:02:7a:
         67:42:28:a9:8b:16:a0:a9:d9:2a:35:41:09:af:7d:26:5e:ef:
         52:d9:92:89:38:78:3e:82:74:bd:b6:77:2d:38:f2:16:8e:15:
         fd:ca:3a:c3:a6:4a:dc:2b:d8:0e:4d:c4:cd:b3:69:33:ae:61:
         ec:80:94:43:f5:4e:a0:17:90:e8:57:00:31:ea:53:ef:ba:f4:
         f6:9c:20:7e:31:ab:b2:18:69:ed:f8:7c:73:60:d9:30:32:50:
         03:76:81:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA6ePA5I3BXHtVfGqtrvO8+JdMEwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMjEyNDUxWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZTFlNTkyOWI2YTQzZWJjNGUyMzczMWVkMzc3YmRjMWI4
NGJhNGY0NGE5MzI2NjE5NmU3MTgxMGVjZDliNmRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOGDfCsRq0v/YbO/3P0Im77mJR+KiF9J3zUqJZiwAy3Vd2
Oy9ja8GBDw7h7Gr9v931a6wH4dbU/uHL5Ib4oG6gCxytOuB7b/MAvZOHKFYZjE58
JY1Huwr0+gjApQuaRjalKuEhYycjUPLHHrsgdJcE53SH6TtXCiCxhTDwv1MmlpMB
QK35cCbTMPhqzuxTu1UjhqMbs/w8IEb6dCKcsmoB5Swx9BjW3XXv95D0Ph5KigL+
OPT9mTxNJbqbbYwnnoYoGAZLZVbLglnUUBetI9B1AGCTz7FBBKQvWx013wCL7aba
ah3b3XE59ANbSXHfXUt2lO1ser/jX1ZUhUXBrxIpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULd6irxAY3fvzkEAnQwwtYaZG840wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzYWM5Y2E4LTA5NjMtNGYxZC1iZmE1LTViNGUzYmM2MzYwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUp4wDQYJKoZIhvcNAQELBQADggEBAFE+S8QKks/62I4zmhHeG6NbcLvY
wNjsrLjiYgQetGIboSXqkLbr8g0ktCwpBxi8dxnWfxogj1IsZUg1NneJrvzsG49O
iYG8Qcpwz/r8HmZsrHBNAWxlGx4eB+rFsMKSYRLmRfS6vqsvB8cmN0jGl5uYtTq6
NgBbBlNhFbeZQSfXbIDb9fZ8nGc50OL7ytPIsfZ2+nXJjD0LDC3ZTPbobzsCemdC
KKmLFqCp2So1QQmvfSZe71LZkok4eD6CdL22dy048haOFf3KOsOmStwr2A5NxM2z
aTOuYeyAlEP1TqAXkOhXADHqU++69PacIH4xq7IYae34fHNg2TAyUAN2gXA=
-----END CERTIFICATE-----