Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03426574-913b-4f83-8b2d-c2aacea18087.roa
File:                     03426574-913b-4f83-8b2d-c2aacea18087.roa (raw, json)
Hash identifier:          m4uNwPHUh46/mbztBjrGg6MUhAN2gP9+0H9zvDGJoBU=
Subject key identifier:   2A:DC:35:30:B8:82:F8:B8:04:A2:4E:39:84:C3:01:74:EB:25:2D:A0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       159599B02C2049CB37A50E54ED1CB98C1E1EEA09
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03426574-913b-4f83-8b2d-c2aacea18087.roa
Signing time:             Tue 14 Oct 2025 16:01:28 +0000
ROA not before:           Tue 14 Oct 2025 16:01:28 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f69:2000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:95:99:b0:2c:20:49:cb:37:a5:0e:54:ed:1c:b9:8c:1e:1e:ea:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 16:01:28 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=e84881b3278ae12a3a4a984da9ec7562eca3612e15b4f82ada136b2150bb4432, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f6:13:1b:d8:9c:54:e9:bb:3d:9a:d0:52:75:
                    3c:dc:e3:56:4d:6f:4b:98:bb:e5:66:ea:ec:21:04:
                    25:a9:c2:11:7a:94:f9:aa:c7:02:7d:84:7c:0b:7b:
                    4f:a0:c2:7c:3c:04:2b:da:53:af:15:94:cf:35:47:
                    61:30:0e:25:0b:ec:45:55:17:57:c3:e7:a2:92:3c:
                    80:83:96:72:99:fd:6b:6b:cb:86:99:77:ac:10:50:
                    d6:f2:14:6c:4c:e2:75:61:fa:50:09:22:ac:c1:21:
                    a3:b5:6e:14:90:83:73:eb:d0:c9:50:fb:5d:a8:a3:
                    f5:82:14:3f:97:1a:45:17:d2:01:81:25:a3:1f:51:
                    ce:dd:09:aa:24:47:e1:74:0b:bb:13:02:a2:08:00:
                    07:7d:ae:38:f5:07:5e:90:ae:0a:bd:46:8b:24:61:
                    ca:8d:b1:e1:83:45:3b:1f:74:16:2f:99:8a:7a:8a:
                    6a:ff:13:69:49:26:ee:8e:1a:73:88:6b:5a:99:50:
                    d3:9d:7e:c3:d2:0c:d9:69:af:a9:3e:3e:59:c1:d8:
                    da:be:0e:7f:fb:9e:59:61:84:42:0b:39:52:e2:35:
                    2d:18:a9:19:59:51:6a:07:d1:08:96:20:d2:58:6b:
                    f2:13:f1:00:a0:0e:3b:5c:0a:d1:d8:59:89:0a:05:
                    8c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:DC:35:30:B8:82:F8:B8:04:A2:4E:39:84:C3:01:74:EB:25:2D:A0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03426574-913b-4f83-8b2d-c2aacea18087.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         00:65:f6:4d:cc:09:8c:82:f9:05:e2:3d:a9:e3:b2:81:ca:9e:
         8d:ef:18:df:5a:99:97:a2:bf:d3:50:99:ce:ea:f5:36:c7:fa:
         1d:56:7a:fd:24:d5:b6:d9:23:87:ae:46:d0:f3:77:f1:70:0a:
         c8:c4:62:96:81:53:c6:e8:e0:37:46:80:04:b2:69:e4:6e:e0:
         2b:fa:1b:09:a3:d7:dc:e0:6f:30:4f:b1:55:5b:48:be:3b:fe:
         a4:bd:4f:7e:64:d5:73:06:00:4a:0c:7d:9c:eb:8f:df:ff:e4:
         57:d3:0b:7e:23:be:88:65:74:26:a9:5a:ca:40:7d:fe:ac:ea:
         4e:d5:16:5e:a5:27:44:af:05:f5:86:1c:cd:28:21:3d:81:1e:
         e3:d8:e3:44:96:52:31:67:05:c1:37:29:99:c1:39:f6:67:cb:
         54:53:6d:17:ba:f2:b8:c3:57:c1:68:43:3c:5a:c6:ef:c3:f1:
         8e:f0:5c:18:98:b0:34:03:83:c5:ee:74:f2:01:16:d8:b0:0d:
         1f:bf:d7:90:0f:fc:5c:e4:c6:c6:a0:c2:f1:5f:61:b9:e1:01:
         20:91:a1:b8:cf:04:14:ef:98:d9:ac:86:ce:9b:12:62:cd:9b:
         c3:8a:6b:0a:55:ce:1b:ab:62:52:b6:6e:bb:ca:02:e9:d1:cb:
         d7:34:59:a4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFZWZsCwgScs3pQ5U7Ry5jB4e6gkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTYwMTI4WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlODQ4ODFiMzI3OGFlMTJhM2E0YTk4NGRhOWVjNzU2MmVj
YTM2MTJlMTViNGY4MmFkYTEzNmIyMTUwYmI0NDMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC99hMb2JxU6bs9mtBSdTzc41ZNb0uYu+Vm6uwhBCWpwhF6
lPmqxwJ9hHwLe0+gwnw8BCvaU68VlM81R2EwDiUL7EVVF1fD56KSPICDlnKZ/Wtr
y4aZd6wQUNbyFGxM4nVh+lAJIqzBIaO1bhSQg3Pr0MlQ+12oo/WCFD+XGkUX0gGB
JaMfUc7dCaokR+F0C7sTAqIIAAd9rjj1B16Qrgq9RoskYcqNseGDRTsfdBYvmYp6
imr/E2lJJu6OGnOIa1qZUNOdfsPSDNlpr6k+PlnB2Nq+Dn/7nllhhEILOVLiNS0Y
qRlZUWoH0QiWINJYa/IT8QCgDjtcCtHYWYkKBYxPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUKtw1MLiC+LgEok45hMMBdOslLaAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzNDI2NTc0LTkxM2ItNGY4My04YjJkLWMyYWFjZWExODA4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9pIDANBgkqhkiG9w0BAQsFAAOCAQEAAGX2TcwJjIL5BeI9qeOygcqe
je8Y31qZl6K/01CZzur1Nsf6HVZ6/STVttkjh65G0PN38XAKyMRiloFTxujgN0aA
BLJp5G7gK/obCaPX3OBvME+xVVtIvjv+pL1PfmTVcwYASgx9nOuP3//kV9MLfiO+
iGV0JqlaykB9/qzqTtUWXqUnRK8F9YYczSghPYEe49jjRJZSMWcFwTcpmcE59mfL
VFNtF7ryuMNXwWhDPFrG78PxjvBcGJiwNAODxe508gEW2LANH7/XkA/8XOTGxqDC
8V9hueEBIJGhuM8EFO+Y2ayGzpsSYs2bw4prClXOG6tiUrZuu8oC6dHL1zRZpA==
-----END CERTIFICATE-----