Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa
File:                     4b128b97-197d-4126-9887-73a31ea7479b.roa (raw, json)
Hash identifier:          9yjpk7L2VzAy5i9Ndca495svMMQpH0ooe0TI1eRMlK8=
Subject key identifier:   C8:62:CF:99:BF:93:F3:B2:25:89:E2:6B:EF:FF:6E:FF:C1:3F:B1:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6DC839F702F62C4FFAF6D65620F97EB30C45BF17
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa
Signing time:             Wed 08 Oct 2025 00:11:22 +0000
ROA not before:           Wed 08 Oct 2025 00:11:22 +0000
ROA not after:            Wed 12 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:e000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:c8:39:f7:02:f6:2c:4f:fa:f6:d6:56:20:f9:7e:b3:0c:45:bf:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:11:22 2025 GMT
            Not After : Nov 12 23:59:59 2025 GMT
        Subject: serialNumber=191316ae2c6b1990f3d24f38c2d2205b985a06642b3af89225b5c5ceb4cb9336, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ad:6d:64:a8:52:cd:a1:41:e6:48:98:eb:41:
                    f2:c4:03:b2:7b:4c:5c:92:e7:e2:a5:fd:ac:70:03:
                    e3:c1:9e:99:e4:da:74:ff:fd:05:4d:4c:66:54:56:
                    d2:94:7b:2e:7c:68:dd:bd:fc:c2:b1:7b:46:96:95:
                    2c:08:6e:a0:ba:36:a3:d9:df:e2:02:d0:fb:cf:13:
                    07:6e:57:23:b1:31:fb:f1:17:d4:45:eb:a8:71:65:
                    25:b6:d8:b5:71:70:69:a7:e7:59:f6:6b:d3:ce:47:
                    5a:2a:1e:29:0d:8a:6b:6a:41:e3:4c:bd:3b:4f:52:
                    10:8e:99:03:fd:9f:b1:96:f3:e6:7a:c9:e5:23:4d:
                    60:76:43:5c:38:9f:12:64:9a:a9:5b:da:06:04:40:
                    89:cf:35:ef:f2:d5:6b:1d:0b:a2:8d:79:e8:87:57:
                    1d:b9:f3:1c:3e:14:54:d5:91:98:a7:8e:e7:35:41:
                    14:24:8f:c9:24:f9:c4:df:0f:ee:3c:c3:d4:2b:27:
                    c7:65:64:4e:45:22:f6:02:4e:e6:f5:78:fb:b7:e3:
                    2e:18:f5:b5:a0:b6:5c:ae:28:8d:72:59:2e:8d:a2:
                    a9:1e:1b:fd:36:5d:cb:c4:9d:99:97:41:b6:3e:f0:
                    b5:8c:66:5c:5c:28:04:ab:6d:8c:c6:4e:e6:7e:27:
                    7d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:62:CF:99:BF:93:F3:B2:25:89:E2:6B:EF:FF:6E:FF:C1:3F:B1:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6e:bb:e7:79:3c:19:f5:cd:2c:b4:1e:64:70:71:31:5e:7e:37:
         34:79:9d:bd:91:fb:47:8c:7a:4f:cf:ef:5a:f1:c7:54:fc:df:
         38:3a:b6:75:3f:64:40:7b:5b:3b:1c:63:b8:db:2c:d7:80:30:
         e7:09:0d:fc:26:3a:cf:9e:cf:3b:f8:85:b8:b5:f2:bc:36:16:
         6d:45:5e:0c:71:d0:15:87:f1:52:b5:70:cb:f3:88:f7:b4:59:
         f9:77:3b:9a:73:7d:b8:86:77:3c:d2:d3:63:16:53:6b:4a:de:
         8f:cf:0c:d2:67:86:68:ab:ea:ab:e8:f3:30:c4:24:13:da:b1:
         2d:5a:fb:c2:b5:2d:d3:a6:8d:79:69:b9:20:db:5f:f7:5f:2e:
         a5:8f:38:d6:49:55:59:e6:98:60:bb:bc:60:71:c3:38:fe:1d:
         bb:b6:13:cb:9c:68:ca:63:f0:84:1e:26:e8:91:40:f4:41:87:
         3d:2e:36:54:3c:0a:85:9e:5e:e2:f2:88:9b:5b:03:67:31:b6:
         fe:9a:4f:76:17:a4:1d:4f:3b:99:cd:33:bc:f5:97:09:d4:c6:
         12:59:7a:a1:22:14:f5:88:7d:46:ce:5d:5f:48:a5:49:b2:9e:
         4a:cf:3f:0b:25:1b:a1:04:79:2b:92:5e:d3:95:a1:a3:a1:17:
         ad:c0:7b:20
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUbcg59wL2LE/69tZWIPl+swxFvxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA4MDAxMTIyWhcNMjUxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTEzMTZhZTJjNmIxOTkwZjNkMjRmMzhjMmQyMjA1Yjk4
NWEwNjY0MmIzYWY4OTIyNWI1YzVjZWI0Y2I5MzM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMrW1kqFLNoUHmSJjrQfLEA7J7TFyS5+Kl/axwA+PBnpnk
2nT//QVNTGZUVtKUey58aN29/MKxe0aWlSwIbqC6NqPZ3+IC0PvPEwduVyOxMfvx
F9RF66hxZSW22LVxcGmn51n2a9POR1oqHikNimtqQeNMvTtPUhCOmQP9n7GW8+Z6
yeUjTWB2Q1w4nxJkmqlb2gYEQInPNe/y1WsdC6KNeeiHVx258xw+FFTVkZinjuc1
QRQkj8kk+cTfD+48w9QrJ8dlZE5FIvYCTub1ePu34y4Y9bWgtlyuKI1yWS6Noqke
G/02XcvEnZmXQbY+8LWMZlxcKASrbYzGTuZ+J33ZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUyGLPmb+T87IlieJr7/9u/8E/scYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiMTI4Yjk3LTE5N2QtNDEyNi05ODg3LTczYTMxZWE3NDc5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9g4DANBgkqhkiG9w0BAQsFAAOCAQEAbrvneTwZ9c0stB5kcHExXn43
NHmdvZH7R4x6T8/vWvHHVPzfODq2dT9kQHtbOxxjuNss14Aw5wkN/CY6z57PO/iF
uLXyvDYWbUVeDHHQFYfxUrVwy/OI97RZ+Xc7mnN9uIZ3PNLTYxZTa0rej88M0meG
aKvqq+jzMMQkE9qxLVr7wrUt06aNeWm5INtf918upY841klVWeaYYLu8YHHDOP4d
u7YTy5xoymPwhB4m6JFA9EGHPS42VDwKhZ5e4vKIm1sDZzG2/ppPdhekHU87mc0z
vPWXCdTGEll6oSIU9Yh9Rs5dX0ilSbKeSs8/CyUboQR5K5Je05Who6EXrcB7IA==
-----END CERTIFICATE-----