Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dea262d0-e7e3-4be4-9f3d-e12e1bbcd873.roa
File:                     dea262d0-e7e3-4be4-9f3d-e12e1bbcd873.roa (raw, json)
Hash identifier:          0I5k5Fbt9c70/ck5HfgEXE0MBw7kKDihHyjrDUWXUCk=
Subject key identifier:   F6:08:81:E9:D8:B0:C8:B3:AE:2B:F6:73:4A:A8:63:1F:41:82:CA:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3BA690063C2BF9F7557FF3D38A84787021BFAD63
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dea262d0-e7e3-4be4-9f3d-e12e1bbcd873.roa
Signing time:             Sun 26 Oct 2025 00:11:31 +0000
ROA not before:           Sun 26 Oct 2025 00:11:31 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        70.232.80.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:a6:90:06:3c:2b:f9:f7:55:7f:f3:d3:8a:84:78:70:21:bf:ad:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:11:31 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=c5f2e355e4c6f914d128b87f493bf694d5006426acebdb558cea932997175982, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a9:77:aa:75:0c:fb:31:f3:68:63:29:c7:48:
                    31:85:c3:66:81:ac:0e:e3:fe:21:65:17:df:3c:d1:
                    7f:fb:06:45:07:38:63:6e:72:7e:77:2a:7a:97:eb:
                    00:b4:1a:e6:0c:1f:de:09:be:de:b0:08:a5:2d:af:
                    94:ef:b1:8c:f8:da:92:81:b7:66:c0:dc:ca:d8:5e:
                    be:b5:55:d4:c3:08:3e:62:bf:40:26:5a:e0:de:da:
                    a7:19:86:c7:b4:c1:30:1d:bf:18:40:93:3f:1c:b8:
                    ae:2a:67:cf:dc:91:a7:90:a9:29:f9:cc:34:ec:5a:
                    52:e4:13:eb:0e:5f:7e:f6:04:f6:87:aa:73:2f:4b:
                    26:86:e7:6f:4d:aa:67:a9:62:23:d6:7c:a3:4b:3c:
                    b0:8e:1d:ba:63:8a:04:69:df:7a:c3:23:c7:4e:6e:
                    ce:af:d7:34:e1:9e:ad:8a:12:be:ea:b8:16:1e:34:
                    47:65:67:1c:e0:25:36:a9:2c:43:99:13:01:a4:8c:
                    d4:5d:6f:d8:02:cd:13:06:50:11:ff:42:10:75:26:
                    eb:23:58:a4:19:52:af:73:1c:95:92:58:52:00:ef:
                    ae:ba:ce:ba:64:e9:71:77:71:1e:20:b5:92:2b:92:
                    79:ec:bc:ac:27:cd:41:95:58:29:4e:2d:d9:d3:de:
                    e0:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:08:81:E9:D8:B0:C8:B3:AE:2B:F6:73:4A:A8:63:1F:41:82:CA:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dea262d0-e7e3-4be4-9f3d-e12e1bbcd873.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.232.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5f:84:83:d1:e3:f6:c4:fb:19:9f:1a:5b:2b:0d:31:51:b1:c1:
         05:63:58:03:79:2e:57:e8:21:c2:6b:4f:75:05:ab:30:a8:88:
         80:9e:58:68:30:bd:47:70:e3:46:90:4b:d6:fc:3f:63:00:fb:
         14:ce:33:ca:58:2f:77:56:c0:28:e9:8b:32:0c:9f:3d:93:28:
         6c:dc:8a:c6:2f:b8:4a:22:0d:9a:aa:a9:fd:4f:e8:5a:82:90:
         c2:21:04:cd:3e:21:4e:8d:d1:a5:d5:4d:e2:73:99:03:03:2e:
         32:e7:01:36:8d:6e:6d:e9:21:fc:45:9e:6d:59:02:a6:a4:12:
         2a:bf:7d:1e:71:4b:71:b4:be:65:9f:e1:bf:29:e8:b2:13:26:
         7a:a6:2f:60:39:2f:87:2b:b2:1d:c7:35:36:a4:85:47:50:1e:
         d8:4a:f0:1c:2f:b8:6e:ff:51:67:ff:3c:ef:6c:e8:79:c7:91:
         ce:f5:1c:00:bb:6a:a5:44:81:d6:f9:8a:d1:9a:26:6d:96:04:
         7c:b7:a3:12:e4:1e:eb:c0:a1:ad:e9:35:49:b0:d5:f8:ac:45:
         65:39:b1:07:9f:ae:2e:d0:77:7a:80:a2:68:78:0c:9e:e6:7f:
         fc:f0:ba:7c:f3:fb:48:98:00:7a:f7:9c:93:8b:fc:7f:f2:75:
         f2:fd:59:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO6aQBjwr+fdVf/PTioR4cCG/rWMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMTMxWhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWYyZTM1NWU0YzZmOTE0ZDEyOGI4N2Y0OTNiZjY5NGQ1
MDA2NDI2YWNlYmRiNTU4Y2VhOTMyOTk3MTc1OTgyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIqXeqdQz7MfNoYynHSDGFw2aBrA7j/iFlF9880X/7BkUH
OGNucn53KnqX6wC0GuYMH94Jvt6wCKUtr5TvsYz42pKBt2bA3MrYXr61VdTDCD5i
v0AmWuDe2qcZhse0wTAdvxhAkz8cuK4qZ8/ckaeQqSn5zDTsWlLkE+sOX372BPaH
qnMvSyaG529NqmepYiPWfKNLPLCOHbpjigRp33rDI8dObs6v1zThnq2KEr7quBYe
NEdlZxzgJTapLEOZEwGkjNRdb9gCzRMGUBH/QhB1JusjWKQZUq9zHJWSWFIA7666
zrpk6XF3cR4gtZIrknnsvKwnzUGVWClOLdnT3uCJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9giB6diwyLOuK/ZzSqhjH0GCyvUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RlYTI2MmQwLWU3ZTMtNGJlNC05ZjNkLWUxMmUxYmJjZDg3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANG6FAwDQYJKoZIhvcNAQELBQADggEBAF+Eg9Hj9sT7GZ8aWysNMVGxwQVj
WAN5LlfoIcJrT3UFqzCoiICeWGgwvUdw40aQS9b8P2MA+xTOM8pYL3dWwCjpizIM
nz2TKGzcisYvuEoiDZqqqf1P6FqCkMIhBM0+IU6N0aXVTeJzmQMDLjLnATaNbm3p
IfxFnm1ZAqakEiq/fR5xS3G0vmWf4b8p6LITJnqmL2A5L4crsh3HNTakhUdQHthK
8BwvuG7/UWf/PO9s6HnHkc71HAC7aqVEgdb5itGaJm2WBHy3oxLkHuvAoa3pNUmw
1fisRWU5sQefri7Qd3qAomh4DJ7mf/zwunzz+0iYAHr3nJOL/H/ydfL9WS0=
-----END CERTIFICATE-----