Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c463e88-0f7c-4897-ac99-34b8567b1dc9.roa
File:                     4c463e88-0f7c-4897-ac99-34b8567b1dc9.roa (raw, json)
Hash identifier:          M6/sRVqGRX/hAFj4AZerLXUdbTSyCbOv1lL/OdNtc8A=
Subject key identifier:   3D:BC:E3:51:A7:E6:E9:54:4F:D9:0F:A2:D4:09:0F:FC:0B:E6:73:C0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2D94537D16CEF85259F20C9C9584E3DE62283ED2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c463e88-0f7c-4897-ac99-34b8567b1dc9.roa
Signing time:             Tue 07 Oct 2025 00:43:20 +0000
ROA not before:           Tue 07 Oct 2025 00:43:20 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:8000::/39 maxlen: 39
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:94:53:7d:16:ce:f8:52:59:f2:0c:9c:95:84:e3:de:62:28:3e:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:43:20 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=63bae99cc0f7031f89cf0b64688ce743953dd1a1e6990570e84eaf6e42c4d007, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9b:53:69:c8:ea:de:3c:9f:32:4d:35:79:11:
                    9f:d6:7a:1e:36:5b:ce:30:dc:f1:33:95:5a:d6:44:
                    d1:c0:a0:d5:47:29:94:c7:96:01:78:79:2d:9e:a3:
                    58:7f:22:28:82:30:12:72:cd:ad:27:3d:d8:92:d7:
                    17:23:da:3f:d9:9f:78:60:4f:3b:86:e3:c9:bd:03:
                    2a:3c:26:db:b5:0b:e0:f4:b2:bc:9e:e0:16:0a:72:
                    f1:ff:e4:b8:e3:ce:cb:bf:45:c2:68:7e:cd:70:6f:
                    18:88:18:3a:ad:c7:b9:12:86:5c:c8:f0:0e:f3:dd:
                    05:60:3f:2e:0a:d3:67:cc:c4:f3:2b:9b:9c:0e:43:
                    66:bb:fb:09:52:68:82:4e:8a:53:3b:0b:37:8b:7e:
                    63:18:e3:a4:78:d9:50:4c:86:39:0b:92:1f:2a:58:
                    e6:67:74:c8:dd:19:c1:99:15:f4:77:c7:a5:f7:d6:
                    73:71:80:10:7b:79:26:ed:92:0c:d7:3f:45:6b:bb:
                    d9:f6:8d:e4:81:17:4d:6e:0e:38:b7:a7:19:50:9f:
                    92:01:c5:82:f1:e6:07:42:89:8c:6d:16:ca:ae:5b:
                    53:95:1d:31:d4:57:cc:fa:87:17:3f:45:c6:95:d3:
                    43:ec:4c:80:6e:8a:18:3d:be:87:a8:45:d3:72:20:
                    72:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:BC:E3:51:A7:E6:E9:54:4F:D9:0F:A2:D4:09:0F:FC:0B:E6:73:C0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c463e88-0f7c-4897-ac99-34b8567b1dc9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         d8:4b:88:eb:06:51:2d:f9:45:74:83:c5:5a:b7:95:8c:d2:cb:
         64:94:9b:bf:27:4f:41:93:66:7f:24:40:62:39:71:ce:37:91:
         03:d9:6e:3f:ab:e8:6d:54:d3:62:32:4d:2a:98:5f:d5:1b:d5:
         7b:c1:d6:2e:15:58:ef:df:04:80:53:75:7e:ba:b1:3c:09:0f:
         81:17:68:6f:b7:40:c3:fb:e4:2f:f3:62:da:fb:e7:2e:e3:b3:
         81:d0:e5:9f:c0:9f:0d:e4:49:6e:90:8b:3f:f3:d8:af:4d:01:
         04:4b:c9:04:00:d2:38:f6:94:bf:de:49:65:78:02:2c:55:38:
         26:3b:b2:e8:1e:c6:88:9e:29:f4:d7:5e:12:cf:26:45:15:4c:
         98:30:8c:3e:50:3e:17:82:d9:45:06:d0:29:6c:60:b8:57:d9:
         c6:ad:92:0d:98:c6:9a:d6:c9:a3:f2:07:20:cf:38:52:9a:85:
         14:b0:64:a3:f8:46:0d:79:60:13:2f:a1:c3:7d:4d:60:f6:34:
         ea:dd:69:00:38:25:3f:90:52:7e:74:dc:bf:cb:5f:36:48:a7:
         ce:39:2b:88:79:0f:c4:80:bd:f1:ca:16:4c:19:92:2c:73:ed:
         fb:92:63:6c:16:89:af:c7:f2:6e:70:73:20:98:d8:8b:33:fb:
         8c:ad:d0:ef
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULZRTfRbO+FJZ8gyclYTj3mIoPtIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MzIwWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2JhZTk5Y2MwZjcwMzFmODljZjBiNjQ2ODhjZTc0Mzk1
M2RkMWExZTY5OTA1NzBlODRlYWY2ZTQyYzRkMDA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrm1NpyOrePJ8yTTV5EZ/Weh42W84w3PEzlVrWRNHAoNVH
KZTHlgF4eS2eo1h/IiiCMBJyza0nPdiS1xcj2j/Zn3hgTzuG48m9Ayo8Jtu1C+D0
srye4BYKcvH/5Ljjzsu/RcJofs1wbxiIGDqtx7kShlzI8A7z3QVgPy4K02fMxPMr
m5wOQ2a7+wlSaIJOilM7CzeLfmMY46R42VBMhjkLkh8qWOZndMjdGcGZFfR3x6X3
1nNxgBB7eSbtkgzXP0Vru9n2jeSBF01uDji3pxlQn5IBxYLx5gdCiYxtFsquW1OV
HTHUV8z6hxc/RcaV00PsTIBuihg9voeoRdNyIHJTAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUPbzjUafm6VRP2Q+i1AkP/Avmc8AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjNDYzZTg4LTBmN2MtNDg5Ny1hYzk5LTM0Yjg1NjdiMWRjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB//gDANBgkqhkiG9w0BAQsFAAOCAQEA2EuI6wZRLflFdIPFWreVjNLL
ZJSbvydPQZNmfyRAYjlxzjeRA9luP6vobVTTYjJNKphf1RvVe8HWLhVY798EgFN1
frqxPAkPgRdob7dAw/vkL/Ni2vvnLuOzgdDln8CfDeRJbpCLP/PYr00BBEvJBADS
OPaUv95JZXgCLFU4Jjuy6B7GiJ4p9NdeEs8mRRVMmDCMPlA+F4LZRQbQKWxguFfZ
xq2SDZjGmtbJo/IHIM84UpqFFLBko/hGDXlgEy+hw31NYPY06t1pADglP5BSfnTc
v8tfNkinzjkriHkPxIC98coWTBmSLHPt+5JjbBaJr8fybnBzIJjYizP7jK3Q7w==
-----END CERTIFICATE-----