Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5cb9a48f-17e2-4fa1-8ff6-b5f80c8a8908.roa
File:                     5cb9a48f-17e2-4fa1-8ff6-b5f80c8a8908.roa (raw, json)
Hash identifier:          PNDtfjgg1Zrvk+zd+1kogz3hCeXdjNSs8AeeiUtPt/E=
Subject key identifier:   80:83:50:88:AC:66:46:2F:5E:55:E0:A0:2B:36:F6:EB:6C:BF:9A:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4AB8F8C5F8AB5555736822F9EC736EA032B9E429
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5cb9a48f-17e2-4fa1-8ff6-b5f80c8a8908.roa
Signing time:             Fri 26 Sep 2025 00:22:50 +0000
ROA not before:           Fri 26 Sep 2025 00:22:50 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fef:c000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:b8:f8:c5:f8:ab:55:55:73:68:22:f9:ec:73:6e:a0:32:b9:e4:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:22:50 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=73084ba3eac0cc618b07bddd664e71b84597223086ff9be168ebe670de187c7b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:31:bf:8b:61:15:63:42:63:d3:44:bb:7b:6a:
                    32:e0:13:ea:bd:d1:a7:45:a6:0d:9f:c9:08:12:75:
                    a2:ea:83:14:41:b6:86:a9:c7:c2:bc:49:2d:8a:f0:
                    39:d0:11:e7:aa:4e:d7:37:17:3f:d2:93:36:5d:5f:
                    05:65:5b:80:98:c8:03:2f:8f:73:8c:a5:f2:01:38:
                    bd:7d:55:1f:45:c1:f1:f4:b0:11:9c:44:8b:5b:51:
                    80:be:af:60:f1:d6:24:c5:3c:fe:a2:a8:b1:c4:32:
                    d5:1d:e3:d4:b6:c2:87:eb:74:60:ed:f4:9f:f5:2d:
                    6d:63:fd:39:26:e6:c4:39:bc:22:c1:0f:4c:a5:3e:
                    01:9d:56:3a:00:17:ba:bb:06:ec:8b:0a:57:82:46:
                    1f:2f:be:43:d9:de:a9:b4:a8:87:e5:e0:84:d7:c1:
                    32:9f:34:38:a6:54:21:e2:3d:c2:ea:58:5e:07:7e:
                    b9:4d:5f:7b:3b:93:40:fa:8d:4b:cf:46:4c:f4:6c:
                    d2:e8:13:fd:1e:3e:d2:07:32:f8:68:38:69:95:8a:
                    21:e5:38:6a:16:01:e3:51:0c:ba:a0:de:dc:7b:ed:
                    d7:c8:55:80:0f:a7:84:7f:2b:a8:63:98:23:11:a8:
                    96:fa:27:62:98:0b:1a:49:dc:cb:49:93:d9:43:3b:
                    82:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:83:50:88:AC:66:46:2F:5E:55:E0:A0:2B:36:F6:EB:6C:BF:9A:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5cb9a48f-17e2-4fa1-8ff6-b5f80c8a8908.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fef:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         03:ba:22:38:a7:88:4d:ac:56:38:b8:79:e0:38:82:e3:7c:0e:
         9a:b0:cb:b4:02:7d:70:e3:ab:4b:cf:87:96:36:28:bb:ad:64:
         23:c0:ac:6b:0e:e4:fa:4a:2e:7f:83:d0:5c:19:40:94:dd:70:
         08:9f:36:8a:49:83:22:b9:bc:2b:64:ee:bd:53:ad:3f:d1:9c:
         eb:aa:c1:fd:4b:84:1b:ef:6f:01:54:d0:b0:78:08:22:24:93:
         6d:42:73:7f:71:64:3f:e2:57:ec:cf:7b:db:d1:36:02:12:f4:
         56:7c:99:9b:be:33:d1:e8:7c:71:6b:a0:a5:4d:b9:3a:91:d9:
         16:82:72:e8:ba:2e:94:0f:ce:ea:2c:28:06:51:66:79:f5:55:
         75:00:66:d5:17:c3:15:79:57:51:2d:ed:fe:2d:95:76:aa:21:
         a3:fa:df:cb:18:66:24:a8:a4:ac:2b:f0:e1:0f:c4:1e:dc:c7:
         10:aa:71:64:ab:cb:81:88:58:71:a3:21:63:96:52:6d:a4:e4:
         0f:81:89:96:f4:a5:f4:bc:6f:8a:ea:c5:d0:b7:53:11:f0:6b:
         43:86:96:b9:94:63:6b:a5:60:1b:70:37:5a:d7:6f:39:86:29:
         be:37:2d:00:d3:6b:d6:46:91:98:bf:39:a4:46:e7:2d:65:42:
         91:50:56:09
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSrj4xfirVVVzaCL57HNuoDK55CkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAyMjUwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzA4NGJhM2VhYzBjYzYxOGIwN2JkZGQ2NjRlNzFiODQ1
OTcyMjMwODZmZjliZTE2OGViZTY3MGRlMTg3YzdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpMb+LYRVjQmPTRLt7ajLgE+q90adFpg2fyQgSdaLqgxRB
toapx8K8SS2K8DnQEeeqTtc3Fz/SkzZdXwVlW4CYyAMvj3OMpfIBOL19VR9FwfH0
sBGcRItbUYC+r2Dx1iTFPP6iqLHEMtUd49S2wofrdGDt9J/1LW1j/Tkm5sQ5vCLB
D0ylPgGdVjoAF7q7BuyLCleCRh8vvkPZ3qm0qIfl4ITXwTKfNDimVCHiPcLqWF4H
frlNX3s7k0D6jUvPRkz0bNLoE/0ePtIHMvhoOGmViiHlOGoWAeNRDLqg3tx77dfI
VYAPp4R/K6hjmCMRqJb6J2KYCxpJ3MtJk9lDO4JfAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgINQiKxmRi9eVeCgKzb262y/miMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjYjlhNDhmLTE3ZTItNGZhMS04ZmY2LWI1ZjgwYzhhODkwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/vwDANBgkqhkiG9w0BAQsFAAOCAQEAA7oiOKeITaxWOLh54DiC43wO
mrDLtAJ9cOOrS8+HljYou61kI8Csaw7k+kouf4PQXBlAlN1wCJ82ikmDIrm8K2Tu
vVOtP9Gc66rB/UuEG+9vAVTQsHgIIiSTbUJzf3FkP+JX7M9729E2AhL0VnyZm74z
0eh8cWugpU25OpHZFoJy6LoulA/O6iwoBlFmefVVdQBm1RfDFXlXUS3t/i2Vdqoh
o/rfyxhmJKikrCvw4Q/EHtzHEKpxZKvLgYhYcaMhY5ZSbaTkD4GJlvSl9LxviurF
0LdTEfBrQ4aWuZRja6VgG3A3WtdvOYYpvjctANNr1kaRmL85pEbnLWVCkVBWCQ==
-----END CERTIFICATE-----