Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d556d4ad-3617-4c1e-8e59-ecf8fec0873e.roa
File:                     d556d4ad-3617-4c1e-8e59-ecf8fec0873e.roa (raw, json)
Hash identifier:          xR1zTwtPQejCP8LTar+09CVVx0GD7NgHaCeZCGr1Bbk=
Subject key identifier:   A8:EA:54:95:81:BE:DC:AD:50:D8:02:14:A6:77:AA:BE:62:B0:0B:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       315D3DBD2A05ED730E194FCD4DBBAB860C62037A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d556d4ad-3617-4c1e-8e59-ecf8fec0873e.roa
Signing time:             Sat 01 Nov 2025 00:20:51 +0000
ROA not before:           Sat 01 Nov 2025 00:20:51 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.72.93.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:5d:3d:bd:2a:05:ed:73:0e:19:4f:cd:4d:bb:ab:86:0c:62:03:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:20:51 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=b361ef0d04b25770101955bb71ebe412a4532e8c326160f30663568d1d308979, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ef:44:5c:9e:ab:37:e2:86:f2:b6:30:a7:e3:
                    58:69:b6:7b:fe:dc:aa:6e:ab:71:77:47:11:b5:5c:
                    dd:bb:4a:54:a0:3b:1c:5b:c5:67:4e:60:39:62:f7:
                    d2:47:24:ba:72:5b:4d:a4:f7:f8:1c:21:8f:b2:34:
                    ef:96:85:ed:12:da:85:52:9a:80:50:ea:f2:5e:4f:
                    c2:96:19:ec:09:fb:23:d2:ad:5e:6c:36:7e:78:7b:
                    a9:67:97:17:d2:5b:87:7d:b3:f7:ee:07:cd:71:c7:
                    26:ea:c9:85:38:c0:49:76:a9:d7:ff:be:f6:52:3c:
                    af:5f:50:df:93:70:51:9d:dd:15:8d:f0:01:f4:9f:
                    46:90:d9:df:d0:f5:13:c7:13:37:1b:bd:28:11:e5:
                    66:cc:b0:ed:3a:2a:6a:45:04:eb:29:e5:bc:34:eb:
                    04:db:e4:bd:84:2f:5e:2d:5c:b6:53:20:77:35:ac:
                    59:13:68:3d:c1:cb:db:47:a4:24:c5:89:3f:4d:d9:
                    30:8c:d5:b8:1e:56:93:8b:1a:f9:f7:44:7d:5c:17:
                    36:38:19:b9:f7:b9:0e:ba:3c:a1:36:63:d9:d8:01:
                    3d:a5:91:38:4d:f3:06:68:e7:01:0a:41:a9:f2:d6:
                    d3:2e:ff:74:be:d9:12:e8:a2:07:b9:84:7e:6b:74:
                    b0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:EA:54:95:81:BE:DC:AD:50:D8:02:14:A6:77:AA:BE:62:B0:0B:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d556d4ad-3617-4c1e-8e59-ecf8fec0873e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:bf:18:b6:27:5a:d8:2e:0d:cd:43:cd:b8:ba:e1:ba:8c:61:
         9d:fb:43:da:b8:3b:bd:f0:e7:6a:77:ff:a0:c2:fe:56:d2:b6:
         cf:2f:36:3e:99:b3:b7:c1:ba:e4:0f:a0:bc:53:c1:aa:81:29:
         cd:ff:28:66:fd:a3:c9:94:e0:0c:1f:c4:8b:54:55:bb:4e:cf:
         0d:37:a4:9d:9a:09:2d:d5:1c:89:ab:c6:4a:62:72:82:65:a4:
         ff:c3:0a:60:34:a7:b8:cf:51:8e:b6:10:0a:e5:3f:fd:e3:eb:
         26:e6:de:c7:3a:c8:74:d7:18:19:fe:0d:74:75:e1:a3:fc:87:
         b7:47:c9:7d:31:62:33:22:c7:62:3d:98:7b:bc:3e:2e:8b:78:
         71:f7:22:f0:5b:cc:35:2d:d9:34:ca:79:96:af:d0:21:cd:90:
         b8:23:5d:7f:d8:17:7f:05:d3:27:1e:7d:6d:00:44:c0:f8:ca:
         4e:66:97:6a:18:e4:a0:fa:a3:af:d1:7c:85:6a:5d:9b:60:ee:
         47:3e:b6:fe:a7:6d:0a:48:81:fe:8b:63:eb:76:93:03:3a:5c:
         23:34:7a:d6:29:27:b7:22:c7:2a:94:ff:9f:8c:a9:85:5a:c3:
         b5:72:9b:99:8c:7a:ea:95:7e:75:db:ea:85:39:df:7c:0d:22:
         4d:c6:cb:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMV09vSoF7XMOGU/NTburhgxiA3owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAyMDUxWhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzYxZWYwZDA0YjI1NzcwMTAxOTU1YmI3MWViZTQxMmE0
NTMyZThjMzI2MTYwZjMwNjYzNTY4ZDFkMzA4OTc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC170Rcnqs34obytjCn41hptnv+3Kpuq3F3RxG1XN27SlSg
OxxbxWdOYDli99JHJLpyW02k9/gcIY+yNO+Whe0S2oVSmoBQ6vJeT8KWGewJ+yPS
rV5sNn54e6lnlxfSW4d9s/fuB81xxybqyYU4wEl2qdf/vvZSPK9fUN+TcFGd3RWN
8AH0n0aQ2d/Q9RPHEzcbvSgR5WbMsO06KmpFBOsp5bw06wTb5L2EL14tXLZTIHc1
rFkTaD3By9tHpCTFiT9N2TCM1bgeVpOLGvn3RH1cFzY4Gbn3uQ66PKE2Y9nYAT2l
kThN8wZo5wEKQany1tMu/3S+2RLooge5hH5rdLB9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqOpUlYG+3K1Q2AIUpneqvmKwC6swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1NTZkNGFkLTM2MTctNGMxZS04ZTU5LWVjZjhmZWMwODczZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC4SF0wDQYJKoZIhvcNAQELBQADggEBAHG/GLYnWtguDc1Dzbi64bqMYZ37
Q9q4O73w52p3/6DC/lbSts8vNj6Zs7fBuuQPoLxTwaqBKc3/KGb9o8mU4AwfxItU
VbtOzw03pJ2aCS3VHImrxkpicoJlpP/DCmA0p7jPUY62EArlP/3j6ybm3sc6yHTX
GBn+DXR14aP8h7dHyX0xYjMix2I9mHu8Pi6LeHH3IvBbzDUt2TTKeZav0CHNkLgj
XX/YF38F0ycefW0ARMD4yk5ml2oY5KD6o6/RfIVqXZtg7kc+tv6nbQpIgf6LY+t2
kwM6XCM0etYpJ7cixyqU/5+MqYVaw7Vym5mMeuqVfnXb6oU533wNIk3Gy74=
-----END CERTIFICATE-----