Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
File:                     60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa (raw, json)
Hash identifier:          c+W4B6fuFu1SLtkGOfCwwZG1cC2jlJU0Up8asdQYzMc=
Subject key identifier:   70:80:06:B3:68:87:E6:A1:55:4B:DD:89:80:9A:67:7A:FF:40:00:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       78A035445861F03BB93BBBA12D06C010FD5F0B20
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
Signing time:             Sun 02 Nov 2025 00:11:13 +0000
ROA not before:           Sun 02 Nov 2025 00:11:13 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.175.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:a0:35:44:58:61:f0:3b:b9:3b:bb:a1:2d:06:c0:10:fd:5f:0b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:11:13 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=48ab9dd6a825a81d500b121b4e04528ec7656cca26a999bf0d02168a0bda044c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:66:c1:4a:06:c3:aa:ec:b6:05:d1:0e:cc:a4:
                    77:0e:40:cf:cb:91:92:db:7d:4c:71:67:9e:cc:90:
                    6d:df:e6:ce:2a:4b:f9:50:70:3a:4c:25:ee:40:f8:
                    81:cf:61:02:00:74:31:7d:17:00:d9:97:07:89:63:
                    ad:1c:b5:9a:12:e1:29:9c:ef:5e:90:72:53:66:4c:
                    b8:cb:25:79:40:d0:ce:6e:58:3d:fe:02:c9:3f:77:
                    47:aa:cb:7a:08:55:a6:7e:46:f9:44:2c:9f:b4:b4:
                    ea:2e:12:fa:70:77:f6:3f:80:09:87:fe:fc:3d:63:
                    67:99:2e:b8:62:f2:49:08:1d:82:25:b7:8a:99:62:
                    c1:6a:52:fe:f4:3f:67:f8:b5:82:27:69:5e:e4:98:
                    5f:1d:dc:90:06:45:fb:6f:1e:1e:36:a1:89:db:8f:
                    42:86:8f:3f:32:1e:1e:bb:66:c8:99:5b:f5:ae:74:
                    77:dc:9e:01:bd:b6:69:36:f9:a1:83:00:34:9c:dc:
                    47:45:6b:79:36:86:dc:58:1c:6f:b7:1b:a5:b2:16:
                    f5:2c:3f:38:9c:16:16:c9:45:da:bd:dc:db:52:b8:
                    37:d3:0f:c2:97:26:71:96:2c:b7:b3:b6:bf:42:94:
                    e9:df:61:3f:44:43:83:4e:fb:e0:78:22:9e:e2:5e:
                    be:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:80:06:B3:68:87:E6:A1:55:4B:DD:89:80:9A:67:7A:FF:40:00:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:5c:82:d2:57:8a:98:5b:d7:2a:b0:e9:09:72:a0:1d:1b:8b:
         08:ca:08:fc:8b:e1:34:22:ab:e0:36:0f:4e:37:98:ce:4b:42:
         2d:16:f1:71:21:70:32:9c:1d:aa:2a:ff:69:ae:f9:4a:78:23:
         5a:3b:59:c2:94:20:61:b2:49:eb:84:e5:16:13:ac:d4:91:b6:
         fb:3c:cd:5a:82:72:ba:fb:9a:2d:d6:80:5e:47:c1:8d:01:07:
         6f:b0:7b:d0:50:fe:e3:4c:3e:81:68:e4:3f:d9:fd:65:78:6e:
         50:68:0b:38:08:36:f3:c1:a8:26:a0:2b:0f:dd:85:bc:a1:81:
         da:e7:ac:ed:cb:3a:9f:8d:7c:0b:8f:e9:d3:4c:1c:4b:35:a8:
         75:0a:f3:9a:79:9a:40:a8:b0:9b:cb:38:98:08:c7:34:13:7f:
         41:18:b1:b4:32:f9:20:2c:e5:e8:78:92:03:86:4a:47:86:02:
         0d:6c:53:c5:0b:8b:69:11:6c:e7:c1:8f:3c:09:aa:37:13:e0:
         18:6b:5e:96:39:fd:a2:80:59:d2:89:db:de:79:12:eb:a1:ac:
         10:d8:54:65:d9:56:c1:f9:70:c2:94:77:d2:ba:2e:f0:4d:08:
         d2:f9:95:60:7d:a5:2b:27:b5:a9:04:ca:08:13:d1:0e:62:48:
         5a:7c:65:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeKA1RFhh8Du5O7uhLQbAEP1fCyAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAxMTEzWhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGFiOWRkNmE4MjVhODFkNTAwYjEyMWI0ZTA0NTI4ZWM3
NjU2Y2NhMjZhOTk5YmYwZDAyMTY4YTBiZGEwNDRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmZsFKBsOq7LYF0Q7MpHcOQM/LkZLbfUxxZ57MkG3f5s4q
S/lQcDpMJe5A+IHPYQIAdDF9FwDZlweJY60ctZoS4Smc716QclNmTLjLJXlA0M5u
WD3+Ask/d0eqy3oIVaZ+RvlELJ+0tOouEvpwd/Y/gAmH/vw9Y2eZLrhi8kkIHYIl
t4qZYsFqUv70P2f4tYInaV7kmF8d3JAGRftvHh42oYnbj0KGjz8yHh67ZsiZW/Wu
dHfcngG9tmk2+aGDADSc3EdFa3k2htxYHG+3G6WyFvUsPzicFhbJRdq93NtSuDfT
D8KXJnGWLLeztr9ClOnfYT9EQ4NO++B4Ip7iXr6xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcIAGs2iH5qFVS92JgJpnev9AAKUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZTc5OGYxLTJjNzItNDE5NS1iMzRjLTdjMWM2MTcxZTlhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl68wDQYJKoZIhvcNAQELBQADggEBAGpcgtJXiphb1yqw6QlyoB0biwjK
CPyL4TQiq+A2D043mM5LQi0W8XEhcDKcHaoq/2mu+Up4I1o7WcKUIGGySeuE5RYT
rNSRtvs8zVqCcrr7mi3WgF5HwY0BB2+we9BQ/uNMPoFo5D/Z/WV4blBoCzgINvPB
qCagKw/dhbyhgdrnrO3LOp+NfAuP6dNMHEs1qHUK85p5mkCosJvLOJgIxzQTf0EY
sbQy+SAs5eh4kgOGSkeGAg1sU8ULi2kRbOfBjzwJqjcT4BhrXpY5/aKAWdKJ2955
EuuhrBDYVGXZVsH5cMKUd9K6LvBNCNL5lWB9pSsntakEyggT0Q5iSFp8ZeI=
-----END CERTIFICATE-----