Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a728816-ace9-4a07-86ea-7ebc247ed176.roa
File:                     7a728816-ace9-4a07-86ea-7ebc247ed176.roa (raw, json)
Hash identifier:          mZlWqZCLKBzskCgiVH9CfCug6DkhYgnyMWHH3Wyq7uI=
Subject key identifier:   43:75:2B:37:3F:6B:BA:A3:09:76:B6:4A:66:16:0E:B8:B3:24:26:9C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07F261C8720DC860B0912FA6DD6EDBD35F0173F4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a728816-ace9-4a07-86ea-7ebc247ed176.roa
Signing time:             Tue 14 Oct 2025 18:01:19 +0000
ROA not before:           Tue 14 Oct 2025 18:01:19 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.0.0/14 maxlen: 14
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:f2:61:c8:72:0d:c8:60:b0:91:2f:a6:dd:6e:db:d3:5f:01:73:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 18:01:19 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=709fa17cd49bc165e6aa90ec609880085611ba97b20cd29605606304554ceec0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d7:33:dd:4a:64:68:e6:82:09:f1:6c:9e:ea:
                    8a:25:5d:82:7f:e8:20:6b:c2:3b:43:bb:99:28:74:
                    ca:f3:dc:4f:87:f7:92:13:08:33:0f:15:a9:bd:a1:
                    8b:43:83:0e:9f:7d:2a:d5:82:7a:c4:0a:a9:e8:ab:
                    a5:4a:29:21:76:ba:35:ed:7c:22:55:b1:34:ed:b9:
                    ac:e3:ec:6d:90:08:ce:c2:94:0d:ed:99:da:d3:a5:
                    b7:d3:9e:4f:98:d6:3c:55:6d:8c:fb:60:52:54:8b:
                    fd:08:29:76:69:81:41:06:0d:3d:c8:30:51:00:70:
                    7e:10:56:4e:c9:33:0d:38:d7:fd:83:16:ca:d1:a7:
                    a8:06:9d:3c:0f:8f:1e:ba:83:3a:12:10:56:4f:d5:
                    f4:20:d8:7e:e3:19:87:1f:47:26:0c:1b:92:c0:fe:
                    fe:44:2e:1c:db:d9:42:74:af:1d:a4:59:8e:9a:2d:
                    de:8d:c4:60:b8:33:67:6e:cc:23:b2:8c:c0:f2:45:
                    bd:da:c8:d5:f5:73:f5:d0:86:59:de:cb:c5:41:19:
                    bd:47:f6:66:f2:9b:f4:c0:8d:38:6e:b0:09:ec:94:
                    43:56:32:da:9e:b4:54:8e:f4:a5:d1:0b:1f:1b:35:
                    dc:d7:41:a6:4d:9d:5c:a0:96:6d:72:65:59:2d:7a:
                    2c:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:75:2B:37:3F:6B:BA:A3:09:76:B6:4A:66:16:0E:B8:B3:24:26:9C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a728816-ace9-4a07-86ea-7ebc247ed176.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         d7:cc:8e:05:6b:ba:d2:56:29:12:b9:fc:bd:93:31:ca:37:c7:
         86:63:e6:ad:dd:af:37:b1:d7:b5:68:98:ad:6e:bf:89:ff:fd:
         57:aa:04:d7:11:85:9e:2e:28:04:9e:1a:1d:aa:a1:2c:a4:2a:
         25:7f:52:ed:8b:a8:6e:f5:68:80:4b:75:a7:16:de:04:1e:dc:
         c5:79:98:1d:c6:66:77:31:e4:86:b6:11:d3:17:23:34:4e:68:
         91:93:4a:6e:1d:03:5b:b1:17:c7:6e:24:a8:28:98:a1:34:93:
         b7:a3:91:4d:c3:92:8b:6a:f1:18:9b:cd:2e:f7:55:1c:59:0d:
         e0:99:9b:9b:b8:02:6f:e7:67:a6:4e:4e:28:14:c7:fc:1b:7a:
         41:38:62:6f:84:bf:76:6b:ef:78:5b:92:bc:71:65:ff:c8:0c:
         73:5a:cd:22:ee:bd:ed:33:a2:86:17:84:53:bf:ec:c8:98:b3:
         94:8d:80:56:c0:64:04:66:3d:e4:fe:d6:53:f6:88:45:7b:36:
         42:b9:d8:5f:07:cf:2a:9a:cc:5f:85:2b:16:5a:2e:10:6e:96:
         ff:4d:18:d0:48:89:0c:f4:f7:06:13:b6:84:f5:0f:b4:dd:6b:
         85:32:f2:73:8e:f0:a1:7b:d8:e1:13:63:04:45:60:22:7c:00:
         d7:04:22:c4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUB/JhyHINyGCwkS+m3W7b018Bc/QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTgwMTE5WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDlmYTE3Y2Q0OWJjMTY1ZTZhYTkwZWM2MDk4ODAwODU2
MTFiYTk3YjIwY2QyOTYwNTYwNjMwNDU1NGNlZWMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC11zPdSmRo5oIJ8Wye6oolXYJ/6CBrwjtDu5kodMrz3E+H
95ITCDMPFam9oYtDgw6ffSrVgnrECqnoq6VKKSF2ujXtfCJVsTTtuazj7G2QCM7C
lA3tmdrTpbfTnk+Y1jxVbYz7YFJUi/0IKXZpgUEGDT3IMFEAcH4QVk7JMw041/2D
FsrRp6gGnTwPjx66gzoSEFZP1fQg2H7jGYcfRyYMG5LA/v5ELhzb2UJ0rx2kWY6a
Ld6NxGC4M2duzCOyjMDyRb3ayNX1c/XQhlney8VBGb1H9mbym/TAjThusAnslENW
MtqetFSO9KXRCx8bNdzXQaZNnVyglm1yZVkteiwnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQ3UrNz9ruqMJdrZKZhYOuLMkJpwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhNzI4ODE2LWFjZTktNGEwNy04NmVhLTdlYmMyNDdlZDE3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJODDANBgkqhkiG9w0BAQsFAAOCAQEA18yOBWu60lYpErn8vZMxyjfHhmPm
rd2vN7HXtWiYrW6/if/9V6oE1xGFni4oBJ4aHaqhLKQqJX9S7YuobvVogEt1pxbe
BB7cxXmYHcZmdzHkhrYR0xcjNE5okZNKbh0DW7EXx24kqCiYoTSTt6ORTcOSi2rx
GJvNLvdVHFkN4Jmbm7gCb+dnpk5OKBTH/Bt6QThib4S/dmvveFuSvHFl/8gMc1rN
Iu697TOihheEU7/syJizlI2AVsBkBGY95P7WU/aIRXs2QrnYXwfPKprMX4UrFlou
EG6W/00Y0EiJDPT3BhO2hPUPtN1rhTLyc47woXvY4RNjBEVgInwA1wQixA==
-----END CERTIFICATE-----