Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d163000-da92-4a82-87fe-0bc2263033d1.roa
File:                     2d163000-da92-4a82-87fe-0bc2263033d1.roa (raw, json)
Hash identifier:          ErKcnIFrwQ0gSCqRFnd9VIoJ2BcsddfgBJxhD4lT0vw=
Subject key identifier:   51:C0:95:53:0D:31:1D:CB:0E:84:1F:70:1A:FA:A8:7D:91:CD:B4:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E1A4CD441369721F2E325028B4FCECF8DB138C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d163000-da92-4a82-87fe-0bc2263033d1.roa
Signing time:             Tue 04 Nov 2025 00:10:39 +0000
ROA not before:           Tue 04 Nov 2025 00:10:39 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.64.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:1a:4c:d4:41:36:97:21:f2:e3:25:02:8b:4f:ce:cf:8d:b1:38:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:10:39 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=5115bf1b55ce687c74d270a3bb3d904444fda15f4bd53c091c882d1100afb415, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:75:48:75:ed:da:28:66:e5:f0:a5:ea:75:06:
                    22:f0:2a:26:2b:7e:73:af:6c:65:60:57:c0:a0:dc:
                    f9:36:01:18:1e:7f:c7:00:c0:df:cf:a5:27:de:51:
                    a5:89:27:ff:39:02:e8:03:5d:39:dd:a2:1d:32:97:
                    b7:72:44:02:51:79:2f:80:e6:55:34:be:fa:82:40:
                    2b:cb:d5:35:61:46:59:fe:f3:29:0b:80:50:71:93:
                    1c:4f:02:ea:8c:db:dd:96:f5:12:50:4e:84:bd:d6:
                    f5:79:a3:9d:8a:a0:76:f1:54:99:e6:48:c7:de:58:
                    08:4f:7b:33:64:c5:20:1f:27:bb:bd:21:fd:c4:dd:
                    dc:ae:43:d5:1f:98:96:16:f2:6f:ca:76:17:e6:0b:
                    a4:07:f6:a8:a9:80:cd:8a:c8:ea:a4:04:40:11:a7:
                    1f:a4:c2:c0:39:6a:eb:57:f8:08:5e:68:98:1a:45:
                    68:0e:d8:7a:cf:46:47:c8:43:30:9b:3d:b4:69:06:
                    a9:1a:7b:8a:65:7f:6c:93:87:61:93:d5:c6:f0:12:
                    57:d2:16:67:32:55:7a:34:3f:17:c2:4e:e8:a6:c1:
                    3e:75:df:8d:e0:5c:d5:44:6b:f5:c1:67:1a:9e:b1:
                    49:8b:72:2e:22:40:90:5b:23:ca:cb:87:26:91:51:
                    5c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:C0:95:53:0D:31:1D:CB:0E:84:1F:70:1A:FA:A8:7D:91:CD:B4:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d163000-da92-4a82-87fe-0bc2263033d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:f7:48:89:60:53:e3:a7:a0:08:c8:8b:9e:8d:ec:4b:76:82:
         07:87:e1:93:a6:43:67:0a:5d:68:ae:1e:1e:a9:18:48:76:eb:
         2a:bb:b3:2b:f5:cf:97:62:cd:83:43:71:b9:84:39:d1:44:bd:
         b6:35:2d:09:11:f3:38:07:f4:e8:93:2d:62:f3:03:4f:3f:c7:
         68:b8:f2:44:3f:8e:cd:03:1b:71:02:12:73:37:3f:d4:03:6e:
         70:24:45:73:9d:e0:43:ac:12:5f:2b:f5:94:79:36:93:58:ad:
         56:09:c8:3f:e2:26:13:64:8d:a7:52:c2:50:80:6a:28:a4:54:
         45:86:a9:7b:65:d2:46:7a:f5:82:7b:e3:50:f4:04:f0:3b:b7:
         ba:90:73:10:1b:6c:40:87:76:73:bb:95:bc:6b:33:87:2a:80:
         08:40:88:ba:4c:81:39:b6:9b:ba:30:37:d4:8a:57:11:8b:1b:
         1c:c3:38:90:70:49:32:5b:33:3d:77:46:cf:5f:43:bb:9c:70:
         6d:12:e4:10:66:87:a8:77:d6:bf:21:5b:16:82:2c:7b:03:ac:
         37:c7:4d:7c:02:80:ce:18:e6:66:72:3e:e6:09:f4:f8:54:d3:
         1e:0e:11:13:67:48:3d:b3:c0:32:c2:cd:a9:43:65:84:d6:dd:
         4a:e3:19:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPhpM1EE2lyHy4yUCi0/Oz42xOMQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAxMDM5WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MTE1YmYxYjU1Y2U2ODdjNzRkMjcwYTNiYjNkOTA0NDQ0
ZmRhMTVmNGJkNTNjMDkxYzg4MmQxMTAwYWZiNDE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzdUh17dooZuXwpep1BiLwKiYrfnOvbGVgV8Cg3Pk2ARge
f8cAwN/PpSfeUaWJJ/85AugDXTndoh0yl7dyRAJReS+A5lU0vvqCQCvL1TVhRln+
8ykLgFBxkxxPAuqM292W9RJQToS91vV5o52KoHbxVJnmSMfeWAhPezNkxSAfJ7u9
If3E3dyuQ9UfmJYW8m/KdhfmC6QH9qipgM2KyOqkBEARpx+kwsA5autX+AheaJga
RWgO2HrPRkfIQzCbPbRpBqkae4plf2yTh2GT1cbwElfSFmcyVXo0PxfCTuimwT51
343gXNVEa/XBZxqesUmLci4iQJBbI8rLhyaRUVzzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUcCVUw0xHcsOhB9wGvqofZHNtFEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkMTYzMDAwLWRhOTItNGE4Mi04N2ZlLTBiYzIyNjMwMzNkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFODEAwDQYJKoZIhvcNAQELBQADggEBAIj3SIlgU+OnoAjIi56N7Et2ggeH
4ZOmQ2cKXWiuHh6pGEh26yq7syv1z5dizYNDcbmEOdFEvbY1LQkR8zgH9OiTLWLz
A08/x2i48kQ/js0DG3ECEnM3P9QDbnAkRXOd4EOsEl8r9ZR5NpNYrVYJyD/iJhNk
jadSwlCAaiikVEWGqXtl0kZ69YJ741D0BPA7t7qQcxAbbECHdnO7lbxrM4cqgAhA
iLpMgTm2m7owN9SKVxGLGxzDOJBwSTJbMz13Rs9fQ7uccG0S5BBmh6h31r8hWxaC
LHsDrDfHTXwCgM4Y5mZyPuYJ9PhU0x4OERNnSD2zwDLCzalDZYTW3UrjGaU=
-----END CERTIFICATE-----