Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9aca1af5-70ad-46f8-9435-7a35a97cef1f.roa
File:                     9aca1af5-70ad-46f8-9435-7a35a97cef1f.roa (raw, json)
Hash identifier:          5oij6Afiki3NP6RxQdkSVgR3XdchYyN27kV9DnrbVuA=
Subject key identifier:   8F:51:6D:CD:7B:E2:2A:23:BD:E9:B1:19:4D:B8:8F:23:54:0A:A8:55
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7B6051B516F47B6E623658847A261B592E3DD955
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9aca1af5-70ad-46f8-9435-7a35a97cef1f.roa
Signing time:             Tue 04 Nov 2025 00:20:10 +0000
ROA not before:           Tue 04 Nov 2025 00:20:10 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.61.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:60:51:b5:16:f4:7b:6e:62:36:58:84:7a:26:1b:59:2e:3d:d9:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:20:10 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=e68ebe126901252e27a2d5589399d43725f894a6711e1329eec45d23e2c9b779, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:fd:99:fb:e2:f4:99:ce:25:17:43:90:e6:5d:
                    e0:7e:91:d8:61:29:59:45:1e:5f:f9:52:a2:29:97:
                    a2:50:98:5b:84:0c:f2:46:53:16:9f:ae:6c:8d:49:
                    cd:cf:d7:74:70:fb:f3:48:86:e7:58:3f:27:4e:90:
                    e5:0d:73:56:1c:38:10:12:22:e4:e5:c6:ee:aa:c0:
                    41:50:88:13:25:26:a6:ea:15:37:aa:95:d8:94:d8:
                    d0:32:38:19:c6:ff:d7:cf:97:2c:79:38:64:5f:aa:
                    6c:1f:02:25:e4:e1:38:59:fa:80:10:6c:9d:9c:ea:
                    f0:ae:1d:ce:9b:8c:71:9b:91:3b:d5:2c:28:0c:d1:
                    dd:cf:6c:b5:16:b5:63:ca:08:bf:9f:64:24:0a:26:
                    6b:52:db:38:82:3f:f3:28:86:46:b5:8e:13:0c:a8:
                    f8:d3:7f:36:e5:67:ed:79:33:c4:13:c8:e8:63:28:
                    42:6b:83:d5:40:a1:47:a0:bf:ed:18:12:ca:df:95:
                    4b:a4:a0:a0:e6:bc:7b:14:78:36:ae:94:cf:6c:39:
                    4e:ab:06:95:b2:8d:7b:28:30:0a:e7:86:47:dc:8f:
                    c6:12:bb:05:02:9f:4e:c2:e2:c7:0f:9a:84:a6:05:
                    b7:11:4e:ee:81:fe:7c:2d:a9:68:c7:cc:6a:d9:28:
                    0c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:51:6D:CD:7B:E2:2A:23:BD:E9:B1:19:4D:B8:8F:23:54:0A:A8:55
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9aca1af5-70ad-46f8-9435-7a35a97cef1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:62:71:16:b3:79:05:78:41:73:e6:06:ae:33:a3:e6:07:d7:
         28:6b:d5:00:16:d9:93:71:d2:29:63:4f:2d:db:5c:14:55:5c:
         5b:5d:22:b9:86:f7:40:b4:45:37:a1:58:c4:77:c8:b2:ad:36:
         f1:a4:45:28:5e:f2:11:1a:93:dc:c7:4e:a5:85:d7:be:1c:d1:
         1f:d4:6b:b7:15:41:81:79:2f:66:0e:b2:ec:ec:4f:eb:b7:00:
         27:90:ce:f3:02:49:b4:8f:54:c2:c9:56:57:ee:c1:28:8c:02:
         be:64:a1:d6:84:bf:b3:46:9e:8c:98:9e:75:3b:7d:da:1d:1b:
         ff:d7:4e:9e:4f:2d:25:a6:61:9c:f6:dc:50:11:79:d7:fe:96:
         94:d0:2b:5d:f5:a7:25:c7:c0:ba:61:3f:1c:d7:bb:46:27:f4:
         00:54:e4:f1:96:d7:eb:80:d8:cc:24:a3:94:61:31:7f:0a:34:
         e7:8b:14:66:e0:22:c3:b8:97:2a:ca:ab:38:0f:4a:15:1f:b9:
         58:8c:34:d0:d8:62:53:f2:ba:35:36:b4:73:fc:19:31:4e:26:
         18:d7:9a:c5:84:22:2a:61:65:3e:92:ea:86:59:29:fe:be:78:
         a9:ed:41:42:19:cf:cf:d5:70:12:f2:05:b7:6b:7d:f3:94:4f:
         52:19:fc:c0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe2BRtRb0e25iNliEeiYbWS492VUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAyMDEwWhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjhlYmUxMjY5MDEyNTJlMjdhMmQ1NTg5Mzk5ZDQzNzI1
Zjg5NGE2NzExZTEzMjllZWM0NWQyM2UyYzliNzc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0/Zn74vSZziUXQ5DmXeB+kdhhKVlFHl/5UqIpl6JQmFuE
DPJGUxafrmyNSc3P13Rw+/NIhudYPydOkOUNc1YcOBASIuTlxu6qwEFQiBMlJqbq
FTeqldiU2NAyOBnG/9fPlyx5OGRfqmwfAiXk4ThZ+oAQbJ2c6vCuHc6bjHGbkTvV
LCgM0d3PbLUWtWPKCL+fZCQKJmtS2ziCP/Mohka1jhMMqPjTfzblZ+15M8QTyOhj
KEJrg9VAoUegv+0YEsrflUukoKDmvHsUeDaulM9sOU6rBpWyjXsoMArnhkfcj8YS
uwUCn07C4scPmoSmBbcRTu6B/nwtqWjHzGrZKAy7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj1FtzXviKiO96bEZTbiPI1QKqFUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhY2ExYWY1LTcwYWQtNDZmOC05NDM1LTdhMzVhOTdjZWYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABODD0wDQYJKoZIhvcNAQELBQADggEBAH5icRazeQV4QXPmBq4zo+YH1yhr
1QAW2ZNx0iljTy3bXBRVXFtdIrmG90C0RTehWMR3yLKtNvGkRShe8hEak9zHTqWF
174c0R/Ua7cVQYF5L2YOsuzsT+u3ACeQzvMCSbSPVMLJVlfuwSiMAr5kodaEv7NG
noyYnnU7fdodG//XTp5PLSWmYZz23FARedf+lpTQK131pyXHwLphPxzXu0Yn9ABU
5PGW1+uA2Mwko5RhMX8KNOeLFGbgIsO4lyrKqzgPShUfuViMNNDYYlPyujU2tHP8
GTFOJhjXmsWEIiphZT6S6oZZKf6+eKntQUIZz8/VcBLyBbdrffOUT1IZ/MA=
-----END CERTIFICATE-----