Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d71a0d0-152f-4f2e-ba5f-6eda48d8e284.roa
File:                     3d71a0d0-152f-4f2e-ba5f-6eda48d8e284.roa (raw, json)
Hash identifier:          pP9HigA7y9cwQEip5t+wP7BDO6Uqrg1yzTkjaHzGURI=
Subject key identifier:   55:0A:D3:11:E1:7A:97:D9:2C:93:B6:0C:59:3A:CF:C5:9E:7F:DF:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5061A4B771EA5926CDA442939BAC445B2DFF1F30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d71a0d0-152f-4f2e-ba5f-6eda48d8e284.roa
Signing time:             Fri 10 Oct 2025 14:21:58 +0000
ROA not before:           Fri 10 Oct 2025 14:21:58 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f25:c000::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:61:a4:b7:71:ea:59:26:cd:a4:42:93:9b:ac:44:5b:2d:ff:1f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 10 14:21:58 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=00b12413c2fe0b934f49a7e4b48bdc472ce8c30b2c69e2720eec0c6da966fb3f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:37:04:db:cc:f5:8e:a5:d3:2c:a8:eb:f1:c1:
                    0f:10:8c:50:fa:73:a2:8a:c9:9f:0b:53:6e:58:45:
                    7a:00:3e:28:77:be:1b:86:f4:83:3a:8f:a5:45:ba:
                    c6:b7:b7:f8:71:67:bb:96:6a:c4:a9:24:7a:e8:54:
                    1f:31:ab:1a:7b:2c:fd:65:40:af:0a:8f:92:01:2c:
                    9c:65:a2:a1:89:a4:c7:7d:07:91:0c:ca:cd:4a:31:
                    e6:6f:2e:5e:c5:5c:f3:92:31:95:b9:d4:30:63:5e:
                    19:98:bf:cf:91:4d:23:0f:1f:78:60:55:05:b0:43:
                    a1:70:7f:b0:02:0b:a2:0b:88:06:ff:36:e9:45:3a:
                    f0:df:8b:54:9d:98:a1:cc:e4:cd:4e:b8:04:fb:db:
                    5c:e7:b9:38:f0:d9:99:1c:d4:91:56:d2:51:8d:85:
                    f1:80:37:ee:4d:59:6b:de:03:d9:c8:85:35:65:69:
                    74:7d:4c:cc:1d:68:d5:ed:aa:cb:4d:7d:f4:ac:8e:
                    0d:a0:50:df:38:e0:8c:9e:ee:09:e1:7c:77:74:c1:
                    fb:82:e4:7c:fe:28:73:9d:e8:05:3f:b2:3f:bd:8c:
                    0b:29:19:f2:ab:9c:c8:0b:11:5b:e6:a7:f7:42:08:
                    e1:b3:e5:53:be:97:2d:9b:73:12:5b:4f:45:f1:cc:
                    c3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:0A:D3:11:E1:7A:97:D9:2C:93:B6:0C:59:3A:CF:C5:9E:7F:DF:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3d71a0d0-152f-4f2e-ba5f-6eda48d8e284.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f25:c000::/37

    Signature Algorithm: sha256WithRSAEncryption
         8e:d9:77:29:ef:ff:ec:10:f3:20:62:ac:dc:ef:c0:1e:58:0c:
         91:c0:ed:49:5d:9c:b6:8f:74:42:77:6d:6a:f3:da:18:9f:57:
         ea:92:bf:13:c1:42:0e:5d:92:5c:ec:b5:1a:d7:60:22:21:3f:
         d3:e9:16:0d:92:7d:d3:74:c0:83:29:36:91:a7:f8:e9:19:0e:
         92:85:00:3d:7d:5b:04:cf:73:f4:5f:68:b9:a1:32:a9:38:bd:
         66:96:fd:d3:34:a4:45:79:5b:23:9e:b3:6a:f4:13:a3:09:e0:
         54:ed:70:7a:d4:58:03:b5:29:95:31:01:c8:d5:a4:71:a7:d5:
         5c:34:40:98:3f:3f:da:e6:77:6c:dc:5d:04:ca:44:31:bc:f2:
         5f:d4:e2:eb:c3:30:f0:0f:6e:38:ed:59:c3:f2:7d:1a:c8:a6:
         b4:cc:c9:7d:d7:60:84:c7:48:29:3e:86:8d:c2:5e:1c:26:4f:
         b4:70:d0:17:c3:fa:d1:d1:2e:88:f9:4d:96:45:34:84:03:ce:
         b3:62:fe:17:eb:52:c4:86:f8:30:45:8e:dd:9c:82:8e:f5:81:
         dd:3e:a0:93:9a:1f:c8:25:1b:69:1c:c1:36:17:eb:1c:a2:e6:
         40:9d:86:90:22:5e:02:a2:5d:97:81:c8:37:aa:ea:08:4a:6a:
         32:e2:c4:79
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUGGkt3HqWSbNpEKTm6xEWy3/HzAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDEwMTQyMTU4WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMGIxMjQxM2MyZmUwYjkzNGY0OWE3ZTRiNDhiZGM0NzJj
ZThjMzBiMmM2OWUyNzIwZWVjMGM2ZGE5NjZmYjNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWNwTbzPWOpdMsqOvxwQ8QjFD6c6KKyZ8LU25YRXoAPih3
vhuG9IM6j6VFusa3t/hxZ7uWasSpJHroVB8xqxp7LP1lQK8Kj5IBLJxloqGJpMd9
B5EMys1KMeZvLl7FXPOSMZW51DBjXhmYv8+RTSMPH3hgVQWwQ6Fwf7ACC6ILiAb/
NulFOvDfi1SdmKHM5M1OuAT721znuTjw2Zkc1JFW0lGNhfGAN+5NWWveA9nIhTVl
aXR9TMwdaNXtqstNffSsjg2gUN844Iye7gnhfHd0wfuC5Hz+KHOd6AU/sj+9jAsp
GfKrnMgLEVvmp/dCCOGz5VO+ly2bcxJbT0XxzMPtAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVQrTEeF6l9ksk7YMWTrPxZ5/33cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkNzFhMGQwLTE1MmYtNGYyZS1iYTVmLTZlZGE0OGQ4ZTI4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8lwDANBgkqhkiG9w0BAQsFAAOCAQEAjtl3Ke//7BDzIGKs3O/AHlgM
kcDtSV2cto90QndtavPaGJ9X6pK/E8FCDl2SXOy1GtdgIiE/0+kWDZJ903TAgyk2
kaf46RkOkoUAPX1bBM9z9F9ouaEyqTi9Zpb90zSkRXlbI56zavQTowngVO1wetRY
A7UplTEByNWkcafVXDRAmD8/2uZ3bNxdBMpEMbzyX9Ti68Mw8A9uOO1Zw/J9Gsim
tMzJfddghMdIKT6GjcJeHCZPtHDQF8P60dEuiPlNlkU0hAPOs2L+F+tSxIb4MEWO
3ZyCjvWB3T6gk5ofyCUbaRzBNhfrHKLmQJ2GkCJeAqJdl4HIN6rqCEpqMuLEeQ==
-----END CERTIFICATE-----