Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62d73b12-bd72-4fc5-8d0d-b0fd6b055927.roa
File:                     62d73b12-bd72-4fc5-8d0d-b0fd6b055927.roa (raw, json)
Hash identifier:          HXX/j3NJaQssB5LhxcQWlWfUwObJgp6yCM31Lx9uu4M=
Subject key identifier:   F3:FC:80:1E:1A:DB:94:FF:2E:02:BC:19:CB:CA:05:31:E2:05:D8:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       23FF2FAFA9535D3EEF1BCA56B41F5B130512CCFF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62d73b12-bd72-4fc5-8d0d-b0fd6b055927.roa
Signing time:             Tue 14 Oct 2025 16:02:22 +0000
ROA not before:           Tue 14 Oct 2025 16:02:22 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00::/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:ff:2f:af:a9:53:5d:3e:ef:1b:ca:56:b4:1f:5b:13:05:12:cc:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 16:02:22 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=2ffc0b0421e5a53c9f59fd20f3af55f8b2d9a68586c26847bb89cf52550e88db, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:20:66:86:fc:64:47:7a:62:b1:fe:db:d3:90:
                    6f:2f:52:ac:a6:6a:4a:ef:5e:f5:e0:17:aa:1c:27:
                    07:2d:eb:b4:26:49:62:d5:7a:92:12:f8:df:50:c2:
                    6c:de:ec:1a:95:58:3d:30:59:cf:22:ed:20:e6:9b:
                    08:19:a7:d7:5d:c1:45:bf:51:ae:a5:f8:81:f8:8f:
                    a0:20:e3:2b:83:2a:6d:9e:18:ff:cc:3d:bf:78:d0:
                    9f:b5:0a:6a:90:1c:87:11:44:a0:49:12:0a:91:f8:
                    17:41:e0:25:96:b9:b8:b6:1f:18:7a:cc:bd:ef:ab:
                    48:44:59:97:fd:cf:a0:e7:45:cb:a9:15:83:f8:48:
                    4e:4e:6a:c9:e1:f5:b6:04:77:a0:ab:4d:34:ea:a9:
                    9d:8e:2b:22:58:e7:85:dc:ba:09:cd:be:fd:be:65:
                    2e:67:01:fa:b4:55:31:ac:37:a4:18:3a:66:19:e6:
                    22:5f:e8:1a:a4:d9:ba:26:af:d7:95:de:d3:31:61:
                    16:fa:e2:97:ea:d4:47:e7:61:ca:20:3d:2a:8f:e9:
                    cf:5d:9b:84:61:18:c4:27:06:42:2c:29:9d:c3:93:
                    b7:12:83:c2:e8:74:0b:69:b9:b4:21:2e:85:d4:ff:
                    b7:5f:37:71:84:35:53:fa:6d:ab:58:2e:86:f7:8e:
                    65:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:FC:80:1E:1A:DB:94:FF:2E:02:BC:19:CB:CA:05:31:E2:05:D8:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62d73b12-bd72-4fc5-8d0d-b0fd6b055927.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00::/24

    Signature Algorithm: sha256WithRSAEncryption
         18:6e:65:f8:ab:31:78:b9:d5:fc:07:89:35:20:a3:81:41:85:
         05:90:c1:a4:1b:c9:12:ec:85:a3:b5:09:f0:af:3b:d8:9e:e5:
         d2:59:38:37:11:44:bc:76:75:c6:3c:8f:6f:0b:d2:08:33:a1:
         94:30:cd:1d:46:9b:66:a0:62:2d:17:70:ca:8a:31:de:44:cf:
         e5:4a:86:f9:06:12:1a:6a:7c:c6:5e:ee:28:db:eb:8a:89:cf:
         d7:c2:43:29:b5:bf:86:31:3a:19:bb:7b:53:8e:b4:ac:c9:20:
         73:0a:75:3d:2b:dd:84:7d:a1:52:25:b0:d5:77:e2:54:05:f8:
         c0:76:f8:eb:e2:ad:94:76:55:e9:56:d6:57:c8:ac:f1:15:ad:
         81:5e:06:49:23:e5:e5:d9:82:49:41:cb:63:81:40:d8:a9:2c:
         c3:5d:a0:7d:af:d0:79:38:04:6a:53:a2:7a:2c:cb:73:ab:09:
         da:6c:99:62:b3:74:00:2e:c6:19:5a:95:aa:67:6c:be:a2:b9:
         06:e5:c4:73:0b:1d:4f:b8:2a:3c:3a:6e:50:0e:fa:06:5f:bd:
         7d:80:75:c9:f3:34:7b:a0:35:06:59:25:92:b3:97:03:36:24:
         a5:cf:69:34:a4:48:20:14:d2:49:07:32:4b:e1:39:c2:b2:a8:
         e1:99:10:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI/8vr6lTXT7vG8pWtB9bEwUSzP8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTYwMjIyWhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmZjMGIwNDIxZTVhNTNjOWY1OWZkMjBmM2FmNTVmOGIy
ZDlhNjg1ODZjMjY4NDdiYjg5Y2Y1MjU1MGU4OGRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaIGaG/GRHemKx/tvTkG8vUqymakrvXvXgF6ocJwct67Qm
SWLVepIS+N9Qwmze7BqVWD0wWc8i7SDmmwgZp9ddwUW/Ua6l+IH4j6Ag4yuDKm2e
GP/MPb940J+1CmqQHIcRRKBJEgqR+BdB4CWWubi2Hxh6zL3vq0hEWZf9z6DnRcup
FYP4SE5Oasnh9bYEd6CrTTTqqZ2OKyJY54XcugnNvv2+ZS5nAfq0VTGsN6QYOmYZ
5iJf6Bqk2bomr9eV3tMxYRb64pfq1EfnYcogPSqP6c9dm4RhGMQnBkIsKZ3Dk7cS
g8LodAtpubQhLoXU/7dfN3GENVP6batYLob3jmXJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8/yAHhrblP8uArwZy8oFMeIF2G4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyZDczYjEyLWJkNzItNGZjNS04ZDBkLWIwZmQ2YjA1NTkyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAC
MAYDBAAmAB8wDQYJKoZIhvcNAQELBQADggEBABhuZfirMXi51fwHiTUgo4FBhQWQ
waQbyRLshaO1CfCvO9ie5dJZODcRRLx2dcY8j28L0ggzoZQwzR1Gm2agYi0XcMqK
Md5Ez+VKhvkGEhpqfMZe7ijb64qJz9fCQym1v4YxOhm7e1OOtKzJIHMKdT0r3YR9
oVIlsNV34lQF+MB2+OvirZR2VelW1lfIrPEVrYFeBkkj5eXZgklBy2OBQNipLMNd
oH2v0Hk4BGpTonosy3OrCdpsmWKzdAAuxhlalapnbL6iuQblxHMLHU+4Kjw6blAO
+gZfvX2AdcnzNHugNQZZJZKzlwM2JKXPaTSkSCAU0kkHMkvhOcKyqOGZEEQ=
-----END CERTIFICATE-----