Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/279a14e6-acd1-40ed-a2e4-0c100e001705.roa
File:                     279a14e6-acd1-40ed-a2e4-0c100e001705.roa (raw, json)
Hash identifier:          sFymoeIZhW7/Vcash1I5zRs/W/kEzZLJAmAFFD4Vws4=
Subject key identifier:   78:85:05:D6:13:2E:02:D2:EF:C0:58:23:21:21:AE:0E:7A:7E:C6:DF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       259312B1DF8917ECA2879D6A01391352B2FABEF5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/279a14e6-acd1-40ed-a2e4-0c100e001705.roa
Signing time:             Wed 01 Oct 2025 00:22:03 +0000
ROA not before:           Wed 01 Oct 2025 00:22:03 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2c::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:93:12:b1:df:89:17:ec:a2:87:9d:6a:01:39:13:52:b2:fa:be:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:22:03 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=b0ae13cb07f6be694113a26754548d48f9be6b4034d174c174a1a45166116e83, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:80:a7:f7:8c:52:9f:49:66:38:43:ba:82:2d:
                    e3:c5:59:fb:ef:60:3c:92:19:25:6f:24:c3:25:d8:
                    5c:d4:36:fb:28:b1:34:dd:df:60:65:70:e0:64:c2:
                    3a:22:c8:87:be:47:ce:5c:a9:eb:52:e2:38:2e:74:
                    f6:89:dd:37:7c:ad:1b:63:47:81:ff:91:2a:2d:f0:
                    49:7d:56:bd:ad:8f:9a:49:28:6c:41:50:65:9a:01:
                    9f:1e:60:6d:67:13:a7:67:5d:4d:7c:46:f2:75:1b:
                    80:1e:70:5a:74:dc:bb:fa:98:66:cd:94:77:9b:4b:
                    29:c1:b7:a7:53:aa:09:b5:8e:1b:cf:56:f7:d6:7f:
                    66:c8:7b:c7:a9:49:f0:a8:0f:ff:bf:8f:f1:ae:ac:
                    62:1a:03:89:9c:53:31:0c:76:8a:a3:a5:25:c2:e0:
                    73:0f:71:70:c0:2f:c3:50:70:92:59:d1:23:6d:dd:
                    e5:85:91:68:60:79:41:78:96:60:4b:ad:33:7a:6b:
                    7f:67:f9:ed:a4:dd:7f:04:f3:13:45:3d:23:8b:1a:
                    4c:a4:11:10:9d:2c:0b:c9:6c:e7:c8:73:fe:63:22:
                    1c:e3:39:ae:37:02:9a:64:31:95:cb:d7:aa:71:0b:
                    ce:c3:51:47:cc:d2:de:16:29:2e:46:f4:06:72:b2:
                    0e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:85:05:D6:13:2E:02:D2:EF:C0:58:23:21:21:AE:0E:7A:7E:C6:DF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/279a14e6-acd1-40ed-a2e4-0c100e001705.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2c::/36

    Signature Algorithm: sha256WithRSAEncryption
         3f:e1:c2:e2:02:3a:b4:90:2a:52:7a:f4:44:ca:24:75:7b:7b:
         3e:5a:de:fe:f7:4a:c9:69:0e:e9:f0:32:74:77:47:3b:9f:4a:
         1d:e7:d8:b1:47:db:da:85:4f:fe:77:84:42:69:bd:68:7c:cf:
         4b:b7:dc:04:ff:ea:4c:70:b1:24:64:80:0d:0c:cf:25:5a:f1:
         7b:9c:f5:d8:1a:d9:a6:51:f1:e6:e8:f6:90:cb:60:b3:f5:7f:
         26:fa:f9:44:42:f6:0e:02:3e:18:e5:d7:01:e8:91:b4:6e:4b:
         ed:73:6c:17:8f:55:bc:82:40:2c:db:3d:a1:74:a1:57:32:38:
         97:3d:d1:11:88:ee:8a:91:a8:d0:06:03:a8:64:ea:c0:d7:53:
         0e:aa:92:b2:2f:63:9d:24:92:f0:d6:03:90:6e:ae:46:7d:18:
         11:0c:b4:4b:7a:ba:41:31:d6:f0:f6:dd:ad:b6:8b:89:d8:26:
         9d:48:f3:37:b3:7b:fe:97:78:aa:82:53:f7:b0:42:db:db:fc:
         6f:7f:19:b8:fc:80:3c:42:7f:55:19:67:31:4b:61:3e:2a:9e:
         32:f9:e2:a7:89:38:44:6c:ba:6a:7c:89:7e:9b:19:98:d5:f5:
         08:82:e4:15:32:ed:b2:eb:99:ad:3c:23:0c:99:fa:d5:76:e3:
         ca:40:29:66
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJZMSsd+JF+yih51qATkTUrL6vvUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMjAzWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMGFlMTNjYjA3ZjZiZTY5NDExM2EyNjc1NDU0OGQ0OGY5
YmU2YjQwMzRkMTc0YzE3NGExYTQ1MTY2MTE2ZTgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVgKf3jFKfSWY4Q7qCLePFWfvvYDySGSVvJMMl2FzUNvso
sTTd32BlcOBkwjoiyIe+R85cqetS4jgudPaJ3Td8rRtjR4H/kSot8El9Vr2tj5pJ
KGxBUGWaAZ8eYG1nE6dnXU18RvJ1G4AecFp03Lv6mGbNlHebSynBt6dTqgm1jhvP
VvfWf2bIe8epSfCoD/+/j/GurGIaA4mcUzEMdoqjpSXC4HMPcXDAL8NQcJJZ0SNt
3eWFkWhgeUF4lmBLrTN6a39n+e2k3X8E8xNFPSOLGkykERCdLAvJbOfIc/5jIhzj
Oa43AppkMZXL16pxC87DUUfM0t4WKS5G9AZysg4LAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUeIUF1hMuAtLvwFgjISGuDnp+xt8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3OWExNGU2LWFjZDEtNDBlZC1hMmU0LTBjMTAwZTAwMTcwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8sADANBgkqhkiG9w0BAQsFAAOCAQEAP+HC4gI6tJAqUnr0RMokdXt7
Plre/vdKyWkO6fAydHdHO59KHefYsUfb2oVP/neEQmm9aHzPS7fcBP/qTHCxJGSA
DQzPJVrxe5z12BrZplHx5uj2kMtgs/V/Jvr5REL2DgI+GOXXAeiRtG5L7XNsF49V
vIJALNs9oXShVzI4lz3REYjuipGo0AYDqGTqwNdTDqqSsi9jnSSS8NYDkG6uRn0Y
EQy0S3q6QTHW8PbdrbaLidgmnUjzN7N7/pd4qoJT97BC29v8b38ZuPyAPEJ/VRln
MUthPiqeMvnip4k4RGy6anyJfpsZmNX1CILkFTLtsuuZrTwjDJn61XbjykApZg==
-----END CERTIFICATE-----