Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/330c9f9f-fd15-45ce-9483-bc877672941d.roa
File:                     330c9f9f-fd15-45ce-9483-bc877672941d.roa (raw, json)
Hash identifier:          y7jophyYv6pVNYPNZACdF4H4+bFT/LXWXPmjVEP8llw=
Subject key identifier:   BD:4A:A9:75:CF:A7:44:1D:E1:03:55:56:7B:8C:3C:1B:3A:C7:E0:4F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       52DDFF8543767CC375D2E5932F3AF2913FF55B79
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/330c9f9f-fd15-45ce-9483-bc877672941d.roa
Signing time:             Fri 03 Oct 2025 00:22:01 +0000
ROA not before:           Fri 03 Oct 2025 00:22:01 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffe:c000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:dd:ff:85:43:76:7c:c3:75:d2:e5:93:2f:3a:f2:91:3f:f5:5b:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:22:01 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=ef7915ec890a063051ecc84ab1c1be33cbe8c3069ec9e94c9f7c745acdb72e3c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:de:c8:ef:56:5e:bf:5e:b5:fb:2b:15:7a:b4:
                    d2:39:66:da:4b:f2:dd:dd:a4:7c:cc:3f:88:9f:3f:
                    26:7f:3c:f6:ff:9a:a0:c9:ad:cd:b0:cf:46:78:f7:
                    b8:46:24:98:12:94:ee:1d:70:d6:28:d7:86:a1:5f:
                    23:82:8f:c2:0f:51:d0:08:42:9c:c4:2e:ab:91:90:
                    51:0c:9e:07:6d:f9:17:4e:cf:a9:f6:98:b7:95:65:
                    d0:65:1c:bd:1a:8b:e9:c2:ea:6b:c7:38:06:a3:c2:
                    71:ad:db:9d:99:9c:70:e0:12:a4:f4:58:b5:4b:b3:
                    73:e6:68:be:f8:f1:40:07:30:ad:6d:e4:84:c5:16:
                    9f:d3:4d:97:84:78:41:42:d2:b5:00:cd:ef:f8:d2:
                    82:16:94:3c:d6:0d:4a:9a:af:09:0b:8a:13:62:fe:
                    30:35:30:ba:bb:f8:59:14:76:e0:61:00:36:85:45:
                    bd:45:32:16:13:da:4e:70:aa:63:c4:59:93:3b:b7:
                    ad:29:26:0e:11:d1:88:0f:76:25:81:88:15:d0:19:
                    f2:4b:94:fb:f9:93:16:77:c6:c1:0b:62:9a:9a:3e:
                    12:58:5d:88:4a:89:3f:07:0c:c1:2d:8d:0a:9e:1c:
                    1d:41:4d:81:0d:ce:ce:57:16:b8:e8:a4:ae:0d:fe:
                    fd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:4A:A9:75:CF:A7:44:1D:E1:03:55:56:7B:8C:3C:1B:3A:C7:E0:4F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/330c9f9f-fd15-45ce-9483-bc877672941d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffe:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         28:ac:7a:6f:ec:2a:f4:0e:bf:c6:ba:c2:8d:4b:40:6c:4f:f5:
         08:59:a3:7b:f6:d1:9e:9d:79:f2:b2:8a:f5:f5:9d:6f:8e:97:
         40:b6:47:d4:58:27:d5:09:0c:1e:5f:3d:d4:58:fe:98:8d:f7:
         96:1f:28:56:b1:bd:de:d2:f4:45:c0:28:65:ec:ce:9b:64:f1:
         8b:ee:99:46:bf:76:ef:3a:f5:ca:ff:33:8c:95:92:99:0a:e7:
         14:ae:91:a1:70:9b:e4:6a:a3:36:cb:d7:86:86:96:de:47:b1:
         23:ff:38:c7:78:44:84:54:cd:27:64:49:1b:f7:21:21:7d:41:
         c0:4e:1d:bb:4b:f1:9c:55:6b:c4:21:44:bc:8f:8d:5a:25:cb:
         2a:d2:23:a1:8a:25:bb:c8:7f:73:4d:a3:18:36:91:e5:9b:23:
         a7:ad:31:00:42:c7:84:6b:86:c7:11:cf:c3:fc:c0:d9:fc:18:
         71:e4:46:5b:fb:db:79:95:e4:4d:76:8c:40:69:77:9d:67:a1:
         fb:09:ce:d8:2b:d6:15:8f:ff:f6:80:24:6c:aa:b6:4f:c7:2e:
         19:9b:a3:b5:de:7f:3d:24:e4:ab:1e:03:5f:16:79:42:ab:79:
         ee:64:be:a8:0f:7e:eb:27:71:06:ba:f2:98:6a:13:15:9d:7c:
         61:bb:f0:27
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUt3/hUN2fMN10uWTLzrykT/1W3kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAyMjAxWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjc5MTVlYzg5MGEwNjMwNTFlY2M4NGFiMWMxYmUzM2Ni
ZThjMzA2OWVjOWU5NGM5ZjdjNzQ1YWNkYjcyZTNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq3sjvVl6/XrX7KxV6tNI5ZtpL8t3dpHzMP4ifPyZ/PPb/
mqDJrc2wz0Z497hGJJgSlO4dcNYo14ahXyOCj8IPUdAIQpzELquRkFEMngdt+RdO
z6n2mLeVZdBlHL0ai+nC6mvHOAajwnGt252ZnHDgEqT0WLVLs3PmaL748UAHMK1t
5ITFFp/TTZeEeEFC0rUAze/40oIWlDzWDUqarwkLihNi/jA1MLq7+FkUduBhADaF
Rb1FMhYT2k5wqmPEWZM7t60pJg4R0YgPdiWBiBXQGfJLlPv5kxZ3xsELYpqaPhJY
XYhKiT8HDMEtjQqeHB1BTYENzs5XFrjopK4N/v0xAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvUqpdc+nRB3hA1VWe4w8GzrH4E8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzMGM5ZjlmLWZkMTUtNDVjZS05NDgzLWJjODc3NjcyOTQxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/+wDANBgkqhkiG9w0BAQsFAAOCAQEAKKx6b+wq9A6/xrrCjUtAbE/1
CFmje/bRnp158rKK9fWdb46XQLZH1Fgn1QkMHl891Fj+mI33lh8oVrG93tL0RcAo
ZezOm2Txi+6ZRr927zr1yv8zjJWSmQrnFK6RoXCb5GqjNsvXhoaW3kexI/84x3hE
hFTNJ2RJG/chIX1BwE4du0vxnFVrxCFEvI+NWiXLKtIjoYolu8h/c02jGDaR5Zsj
p60xAELHhGuGxxHPw/zA2fwYceRGW/vbeZXkTXaMQGl3nWeh+wnO2CvWFY//9oAk
bKq2T8cuGZujtd5/PSTkqx4DXxZ5Qqt57mS+qA9+6ydxBrrymGoTFZ18YbvwJw==
-----END CERTIFICATE-----