Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ff10bcf-a0d1-4f40-b79c-d84b07d3c7bd.roa
File:                     2ff10bcf-a0d1-4f40-b79c-d84b07d3c7bd.roa (raw, json)
Hash identifier:          P/Q1o3XwygLahe5kU5P60Dai2GTin4zLwJ/1HLa/M7g=
Subject key identifier:   92:93:30:55:C1:CF:23:95:FD:2E:1A:EF:D4:23:84:CD:D4:76:57:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       33529A6E0C9101C9978F35419F05A0DDAFDD68E3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ff10bcf-a0d1-4f40-b79c-d84b07d3c7bd.roa
Signing time:             Wed 01 Oct 2025 00:22:45 +0000
ROA not before:           Wed 01 Oct 2025 00:22:45 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff0:5000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:52:9a:6e:0c:91:01:c9:97:8f:35:41:9f:05:a0:dd:af:dd:68:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:22:45 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=0536c253ae59073fe081cba786e237216768a61c5257756857528534b4c94a75, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:49:25:82:60:0c:bb:21:e5:be:bf:e7:ba:61:
                    33:89:8a:9b:af:21:da:54:dc:6c:16:60:d7:fe:8f:
                    15:cf:f3:f0:f2:b8:c7:da:0f:04:4d:a6:b6:2c:b2:
                    09:52:75:cd:ec:c6:e8:ca:4b:c5:b7:34:ea:84:95:
                    f3:67:29:93:e2:a3:9d:f4:b2:dd:ff:9c:56:34:d6:
                    7b:20:fb:39:7e:b3:e0:09:e2:92:68:e3:5c:46:1c:
                    04:84:ae:5c:92:56:44:e7:ca:06:5e:67:d9:f4:c2:
                    88:6c:84:5c:83:f6:21:44:88:c7:76:2a:78:84:4b:
                    e5:17:c6:10:44:12:a4:42:5a:58:53:0a:3b:e9:0b:
                    83:be:be:9b:a2:db:38:a0:90:3f:f1:0f:61:51:4b:
                    a1:e9:9f:4d:23:84:ae:15:55:df:d7:53:dd:33:6a:
                    b9:c9:f0:06:53:b3:91:02:e9:b0:c5:b6:8b:40:18:
                    e4:05:77:e5:4a:2f:eb:e7:ea:43:e9:4f:1f:8a:97:
                    e7:06:8e:c7:da:13:fb:ca:cd:86:a7:c5:18:e5:d4:
                    03:d7:46:05:88:58:e2:66:c6:30:e7:66:c9:7e:ca:
                    bf:d1:cc:29:7c:d3:29:94:6c:d8:c7:5b:45:43:49:
                    70:d8:68:37:cc:42:be:ff:50:40:05:dc:4b:ac:0b:
                    a5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:93:30:55:C1:CF:23:95:FD:2E:1A:EF:D4:23:84:CD:D4:76:57:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2ff10bcf-a0d1-4f40-b79c-d84b07d3c7bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff0:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ab:03:5d:3c:ac:85:e2:05:0e:4f:74:e7:94:c1:d7:e9:f5:48:
         a0:58:c0:d2:bb:5a:ed:1d:25:28:4e:27:02:d3:eb:cb:e4:85:
         6b:4e:c5:96:b9:9b:b0:78:12:1c:43:ea:32:27:f5:15:36:ed:
         ad:db:17:25:41:db:50:3a:6f:aa:6f:2c:4d:ad:8e:c5:aa:43:
         a1:99:92:c2:f5:23:60:d0:d0:24:70:35:c2:39:bb:4c:65:b6:
         0f:c8:6e:33:60:fd:c5:0b:50:ee:1e:60:35:44:73:7c:d7:92:
         90:06:b3:c2:3a:16:0d:be:9d:72:50:4a:49:65:62:db:a7:81:
         93:ef:89:9f:ae:0f:7a:7c:9d:58:e2:f1:0b:89:2b:0c:7b:24:
         a2:9c:82:d2:03:72:9f:c8:25:4f:b2:0c:3d:ae:f1:a2:73:36:
         23:43:de:6e:47:46:52:fc:dc:55:7e:1f:60:97:60:2f:45:63:
         33:27:10:54:48:1c:cf:2f:37:e5:e8:a2:1d:0c:11:0c:4a:82:
         71:d8:40:86:71:81:17:ae:c8:72:3d:b9:55:b1:96:44:c0:28:
         3d:d4:4e:54:17:5b:8f:2f:dc:9f:b8:26:ae:fb:cc:47:8a:6c:
         0f:a6:a8:be:89:4a:68:40:c0:4e:b7:cb:11:08:3f:d4:4e:de:
         9e:6a:b1:2d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUM1KabgyRAcmXjzVBnwWg3a/daOMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMjQ1WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTM2YzI1M2FlNTkwNzNmZTA4MWNiYTc4NmUyMzcyMTY3
NjhhNjFjNTI1Nzc1Njg1NzUyODUzNGI0Yzk0YTc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmSSWCYAy7IeW+v+e6YTOJipuvIdpU3GwWYNf+jxXP8/Dy
uMfaDwRNprYssglSdc3sxujKS8W3NOqElfNnKZPio530st3/nFY01nsg+zl+s+AJ
4pJo41xGHASErlySVkTnygZeZ9n0wohshFyD9iFEiMd2KniES+UXxhBEEqRCWlhT
CjvpC4O+vpui2zigkD/xD2FRS6Hpn00jhK4VVd/XU90zarnJ8AZTs5EC6bDFtotA
GOQFd+VKL+vn6kPpTx+Kl+cGjsfaE/vKzYanxRjl1APXRgWIWOJmxjDnZsl+yr/R
zCl80ymUbNjHW0VDSXDYaDfMQr7/UEAF3EusC6V/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUkpMwVcHPI5X9Lhrv1COEzdR2VxIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmZjEwYmNmLWEwZDEtNGY0MC1iNzljLWQ4NGIwN2QzYzdiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/wUDANBgkqhkiG9w0BAQsFAAOCAQEAqwNdPKyF4gUOT3TnlMHX6fVI
oFjA0rta7R0lKE4nAtPry+SFa07FlrmbsHgSHEPqMif1FTbtrdsXJUHbUDpvqm8s
Ta2OxapDoZmSwvUjYNDQJHA1wjm7TGW2D8huM2D9xQtQ7h5gNURzfNeSkAazwjoW
Db6dclBKSWVi26eBk++Jn64PenydWOLxC4krDHskopyC0gNyn8glT7IMPa7xonM2
I0PebkdGUvzcVX4fYJdgL0VjMycQVEgczy835eiiHQwRDEqCcdhAhnGBF67Icj25
VbGWRMAoPdROVBdbjy/cn7gmrvvMR4psD6aovolKaEDATrfLEQg/1E7enmqxLQ==
-----END CERTIFICATE-----