Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/713ada64-003f-4d7e-9ca8-19853d2f9d0e.roa
File:                     713ada64-003f-4d7e-9ca8-19853d2f9d0e.roa (raw, json)
Hash identifier:          slCG5hgg2M60/29Pk0YSn8ZZzUyyfXpH3qV31ewM9sc=
Subject key identifier:   3C:A7:6D:8F:CE:F0:A0:8D:EC:78:7B:02:AB:D3:B7:E8:F0:4F:E1:AD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6002F0DDEA33916327DBC82361AF6EC0FC70BCF7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/713ada64-003f-4d7e-9ca8-19853d2f9d0e.roa
Signing time:             Sun 19 Oct 2025 02:11:46 +0000
ROA not before:           Sun 19 Oct 2025 02:11:46 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f20:c000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:02:f0:dd:ea:33:91:63:27:db:c8:23:61:af:6e:c0:fc:70:bc:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 19 02:11:46 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=ce813efe2266fc1755e8129621ee60dd2b2a5e421901a0f1c3cbf3cd6cf0abe6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:15:cb:af:cb:69:9e:7f:fe:34:64:1e:f0:77:
                    2a:2a:50:5a:b8:93:7f:9e:3d:84:0f:b8:bc:7b:8a:
                    23:8b:4f:14:21:5d:c0:11:57:8e:1a:ea:3e:5f:0c:
                    06:9d:39:cd:f0:d3:01:0c:7e:3a:38:dd:09:2d:61:
                    42:0a:00:2c:66:ad:2d:42:72:eb:43:d1:9a:9b:37:
                    3e:88:7b:37:38:4f:ee:ff:1c:00:60:6b:1d:cc:fc:
                    56:8d:51:a3:2d:1d:47:ff:82:49:cc:f5:7f:84:e9:
                    29:92:2a:4b:27:93:23:11:21:f6:e8:6d:90:a3:bf:
                    f7:46:96:3f:4b:35:0c:bc:69:b3:66:53:2b:81:81:
                    e5:ae:f4:7f:dc:da:09:ca:1a:3e:76:91:4a:9a:9a:
                    66:b1:0f:87:4d:81:0d:65:a7:54:3b:fd:c7:76:d9:
                    60:c9:17:05:ee:c1:2a:cd:14:c4:be:3d:08:dd:e6:
                    be:cd:94:6e:37:38:72:53:9e:67:4f:a8:4a:d7:90:
                    cf:39:27:27:a6:23:44:4c:1a:1b:0a:1b:df:df:15:
                    c2:3d:09:3f:1c:cd:da:d6:2e:3b:34:48:b8:1d:7d:
                    9f:8b:f9:dc:09:de:7b:a0:6d:a7:1f:47:c4:2c:be:
                    6e:ec:fc:92:e8:fa:6c:9c:6f:ef:88:5a:e7:3d:cc:
                    0b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:A7:6D:8F:CE:F0:A0:8D:EC:78:7B:02:AB:D3:B7:E8:F0:4F:E1:AD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/713ada64-003f-4d7e-9ca8-19853d2f9d0e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f20:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         c8:80:3c:f8:cc:f3:a2:cd:6a:f9:83:fa:6e:91:08:55:7a:7b:
         75:f4:8f:07:78:86:72:8f:8d:7f:e4:d8:8d:1b:95:dc:1b:df:
         ff:86:fd:72:53:d0:ed:07:f4:0e:de:97:e8:e1:9b:e9:52:32:
         f8:93:a3:3b:02:e5:85:ec:66:27:27:9a:0d:8e:b5:3b:b4:d4:
         8a:d8:da:23:fe:39:f4:95:69:80:54:7e:60:8f:8f:f5:39:5d:
         a2:b5:6d:f7:9b:ab:d7:79:73:0f:81:fb:a1:07:59:ea:23:a8:
         a7:f3:2b:b7:2e:21:3f:6a:be:24:77:2f:58:60:7e:c0:c2:6a:
         8b:95:94:39:c1:8e:b2:49:14:af:56:47:9c:c2:11:a7:cb:d2:
         fa:9b:2e:b5:f1:29:06:a6:1a:f0:d0:c0:63:d8:e5:04:5f:59:
         8d:bd:e3:ec:5f:75:ea:04:b5:10:88:fa:a1:75:2b:5a:7b:e9:
         cc:4e:cd:1f:81:1a:9c:bb:7e:d0:b5:03:6c:49:d7:09:27:03:
         fb:38:6c:98:04:0a:d5:13:40:d2:e1:8c:cd:71:3a:63:aa:d9:
         02:2b:24:5f:2a:4c:84:82:45:6c:71:90:56:a2:f7:fa:5c:d8:
         f2:0f:db:74:28:77:04:c6:99:3d:0b:7c:88:3c:bf:df:e5:20:
         df:32:47:b2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYALw3eozkWMn28gjYa9uwPxwvPcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE5MDIxMTQ2WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZTgxM2VmZTIyNjZmYzE3NTVlODEyOTYyMWVlNjBkZDJi
MmE1ZTQyMTkwMWEwZjFjM2NiZjNjZDZjZjBhYmU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkFcuvy2mef/40ZB7wdyoqUFq4k3+ePYQPuLx7iiOLTxQh
XcARV44a6j5fDAadOc3w0wEMfjo43QktYUIKACxmrS1CcutD0ZqbNz6Iezc4T+7/
HABgax3M/FaNUaMtHUf/gknM9X+E6SmSKksnkyMRIfbobZCjv/dGlj9LNQy8abNm
UyuBgeWu9H/c2gnKGj52kUqammaxD4dNgQ1lp1Q7/cd22WDJFwXuwSrNFMS+PQjd
5r7NlG43OHJTnmdPqErXkM85JyemI0RMGhsKG9/fFcI9CT8czdrWLjs0SLgdfZ+L
+dwJ3nugbacfR8Qsvm7s/JLo+mycb++IWuc9zAtPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUPKdtj87woI3seHsCq9O36PBP4a0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcxM2FkYTY0LTAwM2YtNGQ3ZS05Y2E4LTE5ODUzZDJmOWQwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8gwDANBgkqhkiG9w0BAQsFAAOCAQEAyIA8+Mzzos1q+YP6bpEIVXp7
dfSPB3iGco+Nf+TYjRuV3Bvf/4b9clPQ7Qf0Dt6X6OGb6VIy+JOjOwLlhexmJyea
DY61O7TUitjaI/459JVpgFR+YI+P9TldorVt95ur13lzD4H7oQdZ6iOop/Mrty4h
P2q+JHcvWGB+wMJqi5WUOcGOskkUr1ZHnMIRp8vS+psutfEpBqYa8NDAY9jlBF9Z
jb3j7F916gS1EIj6oXUrWnvpzE7NH4EanLt+0LUDbEnXCScD+zhsmAQK1RNA0uGM
zXE6Y6rZAiskXypMhIJFbHGQVqL3+lzY8g/bdCh3BMaZPQt8iDy/3+Ug3zJHsg==
-----END CERTIFICATE-----