Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f91b8ca-e789-405a-8ad4-962f4aa4471b.roa
File:                     2f91b8ca-e789-405a-8ad4-962f4aa4471b.roa (raw, json)
Hash identifier:          yxRxLebJ0ECorHtyBctGh/5k8AJ2jk7NcBQ9n79JJ+U=
Subject key identifier:   46:13:FF:17:27:A5:78:FD:90:58:31:D1:B1:F8:69:1F:4D:AE:81:A0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3798260D9FF22621582CB8341E7173BB934688DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f91b8ca-e789-405a-8ad4-962f4aa4471b.roa
Signing time:             Wed 08 Oct 2025 00:12:08 +0000
ROA not before:           Wed 08 Oct 2025 00:12:08 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:4000::/39 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:98:26:0d:9f:f2:26:21:58:2c:b8:34:1e:71:73:bb:93:46:88:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:12:08 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=3854cfcab71956822f94eab8b35d480944e07d773de63f3a54e3d75aadebde16, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ab:c7:b6:cf:cc:5e:c3:6e:47:1d:80:da:ff:
                    09:8f:cc:10:08:c0:1a:9a:40:93:08:f2:61:fc:99:
                    87:17:08:23:04:89:0f:a9:09:7c:0c:68:8c:8e:66:
                    8b:6a:27:0e:e9:a6:ec:90:f5:67:61:9c:29:d1:45:
                    0f:e5:48:24:d6:fc:13:1f:31:8c:99:c0:11:15:f1:
                    72:70:8e:7e:77:36:43:53:4f:88:03:27:a2:62:8c:
                    6a:41:a7:3d:14:57:c2:c0:97:c2:16:8d:72:2b:a1:
                    0b:dc:70:57:ae:26:f7:e0:32:bd:73:39:d7:6e:de:
                    60:94:7f:78:70:0c:fe:5e:65:bc:71:5d:c6:52:a1:
                    0d:0c:14:a3:70:f0:f6:b0:2c:b3:5c:d4:54:b5:55:
                    71:f2:b2:cd:1a:a0:69:00:9f:b7:ea:2b:74:9a:63:
                    f0:d2:c9:06:94:e9:ae:34:59:94:ab:55:60:f3:fe:
                    b2:72:8a:ef:6a:d6:c3:57:01:27:b2:bd:c6:4a:0e:
                    2f:fd:99:55:4f:2e:90:76:58:65:c1:18:4d:0e:bc:
                    94:5b:85:1b:73:67:36:51:0d:0c:3b:1f:bf:96:3b:
                    67:25:87:ec:fb:23:03:3c:ef:4d:5a:79:9c:72:70:
                    97:ac:e0:06:6b:1a:23:2f:d8:d3:0b:81:70:63:8b:
                    3a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:13:FF:17:27:A5:78:FD:90:58:31:D1:B1:F8:69:1F:4D:AE:81:A0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f91b8ca-e789-405a-8ad4-962f4aa4471b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         02:25:25:58:33:4a:72:90:d9:a0:77:d0:80:82:db:3f:d6:f1:
         b7:0d:1f:e0:ee:d7:e7:29:d3:9e:14:47:5f:1c:2b:b4:4e:c2:
         63:72:88:34:60:28:1f:68:b5:61:c0:ac:9a:74:96:7b:ab:fc:
         72:cb:14:32:2a:11:53:ec:e5:c4:f9:48:5e:86:10:a8:fd:df:
         bc:29:78:fd:01:f1:2b:58:91:39:aa:ae:be:6d:d9:27:53:ab:
         ec:47:24:2c:e7:39:c9:ac:ca:bb:de:ae:55:35:f6:73:b6:dc:
         f0:3c:44:eb:56:ce:28:89:d2:3b:1e:f2:3e:7a:26:5f:f5:e2:
         0d:3a:ba:be:7d:c6:9c:13:1d:74:26:94:51:a8:95:89:1e:2b:
         1c:d2:10:50:6b:14:9e:33:2f:0c:9d:5c:de:0f:79:85:3b:4c:
         d8:f3:1e:2b:94:a1:bb:cd:5b:0c:cc:63:20:60:c0:3c:21:48:
         82:b1:9b:2d:46:7f:b4:fc:de:32:12:12:2a:ab:7e:51:2a:8e:
         ae:10:98:2c:40:d7:9e:ae:67:c7:1e:59:d5:0e:80:52:7f:71:
         08:59:a0:5e:60:58:fe:47:a2:54:56:9e:4a:44:64:5d:2e:de:
         d1:59:99:0d:26:0c:aa:2f:8b:90:c3:33:ea:24:9e:93:0b:6e:
         50:f5:82:b4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUN5gmDZ/yJiFYLLg0HnFzu5NGiNswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAxMjA4WhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzODU0Y2ZjYWI3MTk1NjgyMmY5NGVhYjhiMzVkNDgwOTQ0
ZTA3ZDc3M2RlNjNmM2E1NGUzZDc1YWFkZWJkZTE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEq8e2z8xew25HHYDa/wmPzBAIwBqaQJMI8mH8mYcXCCME
iQ+pCXwMaIyOZotqJw7ppuyQ9WdhnCnRRQ/lSCTW/BMfMYyZwBEV8XJwjn53NkNT
T4gDJ6JijGpBpz0UV8LAl8IWjXIroQvccFeuJvfgMr1zOddu3mCUf3hwDP5eZbxx
XcZSoQ0MFKNw8PawLLNc1FS1VXHyss0aoGkAn7fqK3SaY/DSyQaU6a40WZSrVWDz
/rJyiu9q1sNXASeyvcZKDi/9mVVPLpB2WGXBGE0OvJRbhRtzZzZRDQw7H7+WO2cl
h+z7IwM8701aeZxycJes4AZrGiMv2NMLgXBjizp9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQURhP/FyeleP2QWDHRsfhpH02ugaAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmOTFiOGNhLWU3ODktNDA1YS04YWQ0LTk2MmY0YWE0NDcxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB9gQDANBgkqhkiG9w0BAQsFAAOCAQEAAiUlWDNKcpDZoHfQgILbP9bx
tw0f4O7X5ynTnhRHXxwrtE7CY3KINGAoH2i1YcCsmnSWe6v8cssUMioRU+zlxPlI
XoYQqP3fvCl4/QHxK1iROaquvm3ZJ1Or7EckLOc5yazKu96uVTX2c7bc8DxE61bO
KInSOx7yPnomX/XiDTq6vn3GnBMddCaUUaiViR4rHNIQUGsUnjMvDJ1c3g95hTtM
2PMeK5Shu81bDMxjIGDAPCFIgrGbLUZ/tPzeMhISKqt+USqOrhCYLEDXnq5nxx5Z
1Q6AUn9xCFmgXmBY/keiVFaeSkRkXS7e0VmZDSYMqi+LkMMz6iSekwtuUPWCtA==
-----END CERTIFICATE-----