Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189fe35-f464-4842-bd64-d80fe1cd1e2a.roa
File:                     f189fe35-f464-4842-bd64-d80fe1cd1e2a.roa (raw, json)
Hash identifier:          rGgqyzvhdCWFTwqKuU3N9TSccRC/VwByNWuWmWPXd1g=
Subject key identifier:   B6:1F:65:4E:71:57:47:47:2B:B3:D1:CD:93:16:19:75:A4:E0:F4:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7648D8BBF5C32F22959B04DD0B30BBFFFF8A265A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189fe35-f464-4842-bd64-d80fe1cd1e2a.roa
Signing time:             Tue 28 Oct 2025 00:01:07 +0000
ROA not before:           Tue 28 Oct 2025 00:01:07 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.254.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:48:d8:bb:f5:c3:2f:22:95:9b:04:dd:0b:30:bb:ff:ff:8a:26:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:01:07 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=deeef3f4f1d9cbbe7f0f25879fb0706229fdca6d9a4826f9c03e885cc6914029, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b7:9c:52:e6:e9:6e:c0:a8:da:7c:fc:a8:43:
                    83:10:1c:5b:bb:ee:c6:91:0d:38:54:dc:d6:ac:67:
                    0b:73:79:04:32:c4:40:94:1e:be:66:0a:da:d9:bd:
                    0f:e8:c5:e2:76:fd:66:85:ab:ef:91:21:ff:fe:f6:
                    89:18:0a:b0:16:b4:e7:db:42:13:c2:01:9b:f0:df:
                    53:19:a2:d3:ef:70:a2:ad:9a:54:2b:3a:68:cc:26:
                    bb:c8:2b:75:c9:9a:87:93:7f:06:56:58:1d:04:e7:
                    34:1f:d7:b4:d9:36:f4:87:2f:8d:11:f5:92:bb:a0:
                    0f:fc:8f:88:34:34:c4:2e:d4:e2:a6:87:7e:4a:c8:
                    58:8e:88:a1:45:7e:a0:4a:b4:e1:a6:5d:0e:c7:9f:
                    cd:02:84:0f:63:68:fd:28:10:50:f5:8f:68:80:68:
                    a7:5c:18:88:32:e0:bf:3f:a9:da:ce:5e:eb:89:72:
                    a4:16:7b:94:33:8e:15:83:6d:a3:13:0b:76:64:c8:
                    8a:0e:f0:bc:4c:fc:84:aa:f6:c5:dd:6c:64:8c:b7:
                    1b:a2:3d:43:39:c7:a4:2b:8f:a0:5d:7d:e5:7a:14:
                    e6:af:08:cc:1d:f7:1a:0f:70:92:f3:f6:22:80:91:
                    0a:6c:1a:4b:12:67:01:cd:e7:6f:56:4c:3a:f3:2b:
                    26:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:1F:65:4E:71:57:47:47:2B:B3:D1:CD:93:16:19:75:A4:E0:F4:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189fe35-f464-4842-bd64-d80fe1cd1e2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:9a:92:39:37:99:0e:f7:ee:ec:a0:be:a7:06:3e:1d:89:5f:
         70:7f:42:47:da:b4:21:56:43:9f:7b:58:b6:74:0a:21:c3:19:
         ac:45:18:ba:2f:2f:b5:bf:3b:da:8a:4a:84:50:b8:0a:8d:bb:
         d5:17:08:b9:96:5a:9b:db:bf:d2:ed:9e:a7:2c:ff:4b:99:90:
         7f:62:99:3a:a0:9c:c7:b9:51:97:8c:9c:ed:e0:1c:9b:4a:03:
         ad:14:5c:7c:e7:32:cd:af:29:82:19:6a:15:97:b3:66:89:90:
         a8:b3:50:64:d8:36:d5:41:0f:fa:70:13:89:f4:ac:a1:1b:84:
         c1:55:0f:40:c6:28:e4:ac:26:aa:42:04:10:99:fc:7d:6e:db:
         7d:10:cb:d4:90:61:16:e3:e1:c7:90:90:48:8a:ec:ae:f6:c0:
         58:02:32:d2:14:90:35:13:af:21:02:84:c1:52:e1:5f:0c:ca:
         26:28:36:99:cc:1e:2c:5c:98:28:71:ea:d1:2b:2d:32:06:08:
         7f:3c:33:72:13:bc:f4:58:7a:e3:d9:fc:9c:52:54:b6:ef:39:
         34:cf:6d:c1:10:ab:6e:4c:65:78:f7:34:c3:5c:bd:f4:ec:e3:
         7c:ae:8c:d0:36:76:66:82:17:61:a4:24:07:fa:f4:1c:0c:8e:
         bc:73:49:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdkjYu/XDLyKVmwTdCzC7//+KJlowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAwMTA3WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZWVlZjNmNGYxZDljYmJlN2YwZjI1ODc5ZmIwNzA2MjI5
ZmRjYTZkOWE0ODI2ZjljMDNlODg1Y2M2OTE0MDI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJt5xS5uluwKjafPyoQ4MQHFu77saRDThU3NasZwtzeQQy
xECUHr5mCtrZvQ/oxeJ2/WaFq++RIf/+9okYCrAWtOfbQhPCAZvw31MZotPvcKKt
mlQrOmjMJrvIK3XJmoeTfwZWWB0E5zQf17TZNvSHL40R9ZK7oA/8j4g0NMQu1OKm
h35KyFiOiKFFfqBKtOGmXQ7Hn80ChA9jaP0oEFD1j2iAaKdcGIgy4L8/qdrOXuuJ
cqQWe5QzjhWDbaMTC3ZkyIoO8LxM/ISq9sXdbGSMtxuiPUM5x6Qrj6BdfeV6FOav
CMwd9xoPcJLz9iKAkQpsGksSZwHN529WTDrzKyZ3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUth9lTnFXR0crs9HNkxYZdaTg9PYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxODlmZTM1LWY0NjQtNDg0Mi1iZDY0LWQ4MGZlMWNkMWUyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTf4wDQYJKoZIhvcNAQELBQADggEBAGuakjk3mQ737uygvqcGPh2JX3B/
QkfatCFWQ597WLZ0CiHDGaxFGLovL7W/O9qKSoRQuAqNu9UXCLmWWpvbv9Ltnqcs
/0uZkH9imTqgnMe5UZeMnO3gHJtKA60UXHznMs2vKYIZahWXs2aJkKizUGTYNtVB
D/pwE4n0rKEbhMFVD0DGKOSsJqpCBBCZ/H1u230Qy9SQYRbj4ceQkEiK7K72wFgC
MtIUkDUTryEChMFS4V8MyiYoNpnMHixcmChx6tErLTIGCH88M3ITvPRYeuPZ/JxS
VLbvOTTPbcEQq25MZXj3NMNcvfTs43yujNA2dmaCF2GkJAf69BwMjrxzSQ8=
-----END CERTIFICATE-----