Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af74c30-9f78-4f6f-9bdf-df39462d2ebe.roa
File:                     2af74c30-9f78-4f6f-9bdf-df39462d2ebe.roa (raw, json)
Hash identifier:          zYGiSkyW95TLaS28/h53bJQqfGZLWgV5RiyCnDIqjaI=
Subject key identifier:   15:BB:C8:3F:54:80:B7:57:61:28:81:1F:33:42:9C:F3:63:05:BE:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       37C353404A1C7527B827FDEFDD57925EBD59DFDC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af74c30-9f78-4f6f-9bdf-df39462d2ebe.roa
Signing time:             Fri 10 Oct 2025 14:22:02 +0000
ROA not before:           Fri 10 Oct 2025 14:22:02 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:c000::/36 maxlen: 36
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:c3:53:40:4a:1c:75:27:b8:27:fd:ef:dd:57:92:5e:bd:59:df:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 14:22:02 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=f53e8a789277e683ece09dc76b3ad8ceca88115fe92a2bffd896ae172469bb18, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ce:9c:4c:e9:28:cd:64:55:96:b9:59:1c:f6:
                    5f:9c:e4:5a:a5:0e:6f:c4:48:35:9f:ab:cd:38:bf:
                    d6:42:59:55:e7:f3:d5:3a:09:48:4a:dd:b3:c0:8b:
                    dd:51:6c:5d:be:b0:86:54:e8:4c:0e:77:52:c8:8f:
                    9a:87:39:fb:78:63:4e:5a:a7:61:d2:15:14:07:99:
                    b7:e3:8e:66:77:54:4d:d7:a9:d6:99:29:39:32:a4:
                    fc:9d:c8:f4:f4:f6:63:5b:9d:b9:ab:1a:63:4b:f1:
                    cc:2a:2f:0e:19:c3:ba:74:38:79:32:e9:2d:f1:6b:
                    61:a5:1b:92:30:0c:a8:df:b3:e5:e1:7c:a8:81:3d:
                    b0:81:de:1f:2d:58:6e:b3:76:7a:d3:b8:08:d1:d1:
                    1a:45:22:93:5c:0e:46:3a:72:30:76:a4:1c:fc:eb:
                    6c:64:7a:bd:f6:f4:6c:dc:52:50:04:90:d9:bf:64:
                    bf:0a:af:08:54:b6:cc:91:02:bf:5a:40:7b:90:14:
                    2a:da:bb:72:b1:62:53:73:ad:4e:ac:50:1e:8a:ba:
                    b1:da:38:3f:dc:72:a8:a5:b6:e5:ee:f1:8d:4e:10:
                    ab:74:1b:24:9f:bc:9c:49:ef:e2:e5:41:bd:72:32:
                    6c:a4:f7:d1:12:f1:f7:a4:72:28:ed:ad:ae:e6:bf:
                    11:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:BB:C8:3F:54:80:B7:57:61:28:81:1F:33:42:9C:F3:63:05:BE:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af74c30-9f78-4f6f-9bdf-df39462d2ebe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         06:43:57:83:54:a9:74:9f:a4:20:51:9e:fd:a0:3a:06:97:46:
         bf:64:2e:10:b1:8e:ec:12:e0:14:c8:f3:a3:ab:60:2b:28:15:
         f5:93:47:17:1c:6a:7e:ad:46:c9:cb:4a:63:25:63:e0:c6:81:
         0f:20:d9:4d:2c:83:60:4a:d9:ac:19:ae:13:75:81:bd:64:d7:
         e1:c1:18:56:60:05:6f:6a:80:b2:62:61:df:2d:c3:09:df:3a:
         0e:60:66:4a:bb:d3:06:e2:7b:c0:a0:ec:49:ea:6d:e2:cd:9e:
         b0:dc:c3:c3:24:1c:55:5e:85:73:b1:ae:d1:9e:ab:6e:f2:41:
         b1:36:f0:9c:c4:4e:b4:9f:39:34:1f:66:fb:c0:8e:6c:52:c3:
         c2:b9:f0:5b:0b:09:cb:f9:9d:c0:4c:07:a7:12:ec:a8:e8:aa:
         9c:b6:e5:71:fb:1a:db:41:f8:45:a2:1d:d7:8f:d9:8e:02:4d:
         c1:b8:f3:40:3d:75:ba:40:3b:87:43:fc:d8:15:2c:bc:97:2f:
         5b:d8:8b:fd:f2:b4:3a:f2:9d:bc:a1:70:27:7a:ae:0b:12:b1:
         bd:fb:06:9c:a1:a8:a0:ed:2c:bf:92:4b:2a:05:5e:5a:da:5f:
         07:ec:d6:93:8c:94:d9:12:0c:d7:2b:1f:66:c7:53:d8:b8:b0:
         e0:b8:7d:2c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUN8NTQEocdSe4J/3v3VeSXr1Z39wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMTQyMjAyWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNTNlOGE3ODkyNzdlNjgzZWNlMDlkYzc2YjNhZDhjZWNh
ODgxMTVmZTkyYTJiZmZkODk2YWUxNzI0NjliYjE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYzpxM6SjNZFWWuVkc9l+c5FqlDm/ESDWfq804v9ZCWVXn
89U6CUhK3bPAi91RbF2+sIZU6EwOd1LIj5qHOft4Y05ap2HSFRQHmbfjjmZ3VE3X
qdaZKTkypPydyPT09mNbnbmrGmNL8cwqLw4Zw7p0OHky6S3xa2GlG5IwDKjfs+Xh
fKiBPbCB3h8tWG6zdnrTuAjR0RpFIpNcDkY6cjB2pBz862xker329GzcUlAEkNm/
ZL8KrwhUtsyRAr9aQHuQFCrau3KxYlNzrU6sUB6KurHaOD/ccqiltuXu8Y1OEKt0
GySfvJxJ7+LlQb1yMmyk99ES8fekcijtra7mvxFfAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUFbvIP1SAt1dhKIEfM0Kc82MFvjAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhZjc0YzMwLTlmNzgtNGY2Zi05YmRmLWRmMzk0NjJkMmViZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8VwDANBgkqhkiG9w0BAQsFAAOCAQEABkNXg1SpdJ+kIFGe/aA6BpdG
v2QuELGO7BLgFMjzo6tgKygV9ZNHFxxqfq1GyctKYyVj4MaBDyDZTSyDYErZrBmu
E3WBvWTX4cEYVmAFb2qAsmJh3y3DCd86DmBmSrvTBuJ7wKDsSept4s2esNzDwyQc
VV6Fc7Gu0Z6rbvJBsTbwnMROtJ85NB9m+8CObFLDwrnwWwsJy/mdwEwHpxLsqOiq
nLblcfsa20H4RaId14/ZjgJNwbjzQD11ukA7h0P82BUsvJcvW9iL/fK0OvKdvKFw
J3quCxKxvfsGnKGooO0sv5JLKgVeWtpfB+zWk4yU2RIM1ysfZsdT2Liw4Lh9LA==
-----END CERTIFICATE-----