Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa
File:                     d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa (raw, json)
Hash identifier:          roOke0ZGGrnmS5CZlZpxnUsAXLc1PMleJMbQAr4F5Ms=
Subject key identifier:   1E:ED:AB:6E:32:0D:0E:A5:9A:BE:CC:B2:CC:54:80:8C:BF:1A:4F:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45E7672F3597F7226CDA25D68640CB19C33AB2C2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa
Signing time:             Tue 28 Oct 2025 00:10:11 +0000
ROA not before:           Tue 28 Oct 2025 00:10:11 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.247.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:e7:67:2f:35:97:f7:22:6c:da:25:d6:86:40:cb:19:c3:3a:b2:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:10:11 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=b8f3231a59a9994bd9616e4ec36bda292b14091d4b516801622b34892f0bfee3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1b:b6:79:de:cb:f7:b7:cd:a0:74:18:76:67:
                    f1:d6:c5:53:af:0a:c5:45:d5:34:bf:37:b1:ab:57:
                    be:36:cd:f4:63:b3:2d:b7:9a:97:2d:e6:74:6d:dc:
                    58:81:43:6f:ed:73:38:56:42:f3:b7:6b:75:f8:12:
                    19:55:b4:1c:c8:a1:cc:89:9f:c8:e3:d4:56:e7:8b:
                    8c:6f:5f:5c:4f:66:ae:5f:5e:2f:a9:01:6e:32:2a:
                    9d:3c:1e:46:67:2b:b6:2b:81:c8:40:91:08:7b:b0:
                    ec:d9:26:67:e4:6a:c4:79:a5:60:7d:8d:d7:1a:f1:
                    9a:0a:4a:84:b2:fc:48:18:9b:6d:64:3c:84:0a:46:
                    56:a5:85:bb:30:43:5c:9b:32:77:b9:a1:2b:45:2f:
                    60:ca:24:97:04:bd:93:34:0b:7a:19:00:41:44:e1:
                    63:77:54:72:1b:a0:e0:6a:fa:e4:a1:43:e6:d5:11:
                    dd:51:d4:28:16:2a:d9:07:47:a7:5f:12:e4:94:57:
                    eb:6d:df:34:52:34:40:0c:6a:94:12:5e:21:66:3d:
                    1e:18:42:4b:3e:c9:25:61:52:d8:b7:27:02:1f:56:
                    21:61:a6:0c:3f:4a:4f:9e:f2:2c:4f:a7:9d:7b:78:
                    b5:17:19:e4:05:07:53:ca:bb:38:9b:ce:28:4b:75:
                    39:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:ED:AB:6E:32:0D:0E:A5:9A:BE:CC:B2:CC:54:80:8C:BF:1A:4F:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d52a2426-22bb-4acf-ba82-9cc75ad6512e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:ff:47:0d:84:20:80:31:7d:0d:07:c7:2f:e4:59:28:d3:c8:
         f0:ad:69:53:1d:8f:df:14:0d:51:4c:37:07:41:c9:61:0c:52:
         83:9b:89:49:5f:0d:de:26:8f:75:c4:e4:59:14:9b:7b:95:e9:
         e2:de:88:0e:6c:46:6b:ac:68:6a:32:4a:bc:a4:cc:6e:4a:84:
         96:a3:81:12:4e:90:a0:c7:7f:bc:a0:c9:78:25:31:d9:02:0e:
         9b:15:7a:38:fc:07:84:ea:f3:2b:e2:db:c7:c2:c2:d1:f7:7d:
         4b:de:92:c2:da:a1:d9:f2:60:91:a2:a3:32:09:04:1f:a4:7f:
         59:05:43:81:18:4c:28:ac:f2:43:20:1d:3d:66:c2:5f:02:05:
         60:5c:f1:e5:b8:4b:5c:97:df:4c:f2:75:d5:0c:09:5b:66:60:
         34:d6:b4:04:b3:22:f1:00:e7:09:59:06:85:2d:64:ac:6c:09:
         32:1c:2b:b2:9d:a2:d0:20:48:81:4d:60:b9:03:cc:8e:f1:4b:
         81:f1:7c:f2:8b:fb:dc:b5:96:6f:80:2c:96:62:cf:ec:05:e9:
         61:00:e0:db:ad:c1:64:2e:96:54:dd:e4:1e:8a:b1:43:10:b3:
         1a:9c:26:d2:69:5f:4f:47:fe:a2:4f:10:6a:49:25:6b:5b:0e:
         66:56:8a:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURednLzWX9yJs2iXWhkDLGcM6ssIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAxMDExWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGYzMjMxYTU5YTk5OTRiZDk2MTZlNGVjMzZiZGEyOTJi
MTQwOTFkNGI1MTY4MDE2MjJiMzQ4OTJmMGJmZWUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7G7Z53sv3t82gdBh2Z/HWxVOvCsVF1TS/N7GrV742zfRj
sy23mpct5nRt3FiBQ2/tczhWQvO3a3X4EhlVtBzIocyJn8jj1Fbni4xvX1xPZq5f
Xi+pAW4yKp08HkZnK7YrgchAkQh7sOzZJmfkasR5pWB9jdca8ZoKSoSy/EgYm21k
PIQKRlalhbswQ1ybMne5oStFL2DKJJcEvZM0C3oZAEFE4WN3VHIboOBq+uShQ+bV
Ed1R1CgWKtkHR6dfEuSUV+tt3zRSNEAMapQSXiFmPR4YQks+ySVhUti3JwIfViFh
pgw/Sk+e8ixPp517eLUXGeQFB1PKuzibzihLdTkdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHu2rbjINDqWavsyyzFSAjL8aT2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1MmEyNDI2LTIyYmItNGFjZi1iYTgyLTljYzc1YWQ2NTEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfcwDQYJKoZIhvcNAQELBQADggEBABf/Rw2EIIAxfQ0Hxy/kWSjTyPCt
aVMdj98UDVFMNwdByWEMUoObiUlfDd4mj3XE5FkUm3uV6eLeiA5sRmusaGoySryk
zG5KhJajgRJOkKDHf7ygyXglMdkCDpsVejj8B4Tq8yvi28fCwtH3fUveksLaodny
YJGiozIJBB+kf1kFQ4EYTCis8kMgHT1mwl8CBWBc8eW4S1yX30zyddUMCVtmYDTW
tASzIvEA5wlZBoUtZKxsCTIcK7KdotAgSIFNYLkDzI7xS4HxfPKL+9y1lm+ALJZi
z+wF6WEA4NutwWQullTd5B6KsUMQsxqcJtJpX09H/qJPEGpJJWtbDmZWisQ=
-----END CERTIFICATE-----