Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c163596-3504-4d1c-ac66-c039ee66cb59.roa
File:                     7c163596-3504-4d1c-ac66-c039ee66cb59.roa (raw, json)
Hash identifier:          NDc0HMs2efxD7n27ZLJohuSVb6jFKiqqn3dFgjqDNO8=
Subject key identifier:   05:44:DF:17:EF:D9:91:FF:B7:12:A6:5F:7E:B8:84:4C:25:D0:5B:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40512420FAF944639CE9EF72808C2FA6BE52C09B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c163596-3504-4d1c-ac66-c039ee66cb59.roa
Signing time:             Wed 01 Oct 2025 00:22:00 +0000
ROA not before:           Wed 01 Oct 2025 00:22:00 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2e:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:51:24:20:fa:f9:44:63:9c:e9:ef:72:80:8c:2f:a6:be:52:c0:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:22:00 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=077c32af22ed5f08d00d357fea68f1e08ce7c0e6670211cf2aec7ef808a39837, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:b8:0b:76:9f:6d:58:65:8d:44:73:65:44:0a:
                    32:e2:f5:c4:62:57:4b:a2:6b:2f:b8:4f:52:a9:6a:
                    dd:f5:39:f5:52:1b:79:52:f6:48:17:30:9b:e7:18:
                    4f:ed:72:a9:aa:ce:c0:6a:8c:c3:26:12:35:4e:66:
                    63:50:35:70:f9:73:67:b6:a9:5f:1c:de:b5:ca:0c:
                    95:60:c1:79:c7:34:88:f0:64:e8:95:d9:a7:f3:b6:
                    1b:02:43:d8:9e:c8:39:f6:cb:24:d3:06:09:42:1c:
                    8d:fc:68:eb:29:37:60:cd:75:91:24:83:34:43:57:
                    25:1e:32:cf:c5:71:0d:a9:c4:2b:f9:71:b4:bb:42:
                    e1:72:79:88:c2:93:08:26:42:74:e4:3d:65:8a:60:
                    1e:37:30:93:ef:d2:ca:6f:82:53:eb:4c:99:47:23:
                    cb:0b:d4:47:fe:0c:8a:d8:26:79:e1:42:e0:3e:a6:
                    40:27:3a:2d:53:48:4c:f1:11:df:af:f8:f0:61:49:
                    ec:a6:02:90:02:ba:a5:33:67:1a:ea:d6:fd:e4:98:
                    07:f9:14:5c:78:75:b4:9b:35:3d:64:4c:ea:e8:c9:
                    22:d4:a2:59:b6:b2:6a:df:6a:c4:f3:92:5e:bc:32:
                    4c:fb:a2:e8:da:c0:c5:54:f6:52:23:4f:46:bf:ad:
                    5e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:44:DF:17:EF:D9:91:FF:B7:12:A6:5F:7E:B8:84:4C:25:D0:5B:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c163596-3504-4d1c-ac66-c039ee66cb59.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2e:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         95:1c:75:38:12:71:9f:2e:3b:c4:80:0f:62:31:23:8c:9e:ba:
         7a:57:51:a4:6f:6b:b0:51:1f:d9:62:e7:73:6e:32:c3:cd:1b:
         8a:93:05:42:1f:c9:5e:66:b1:79:1c:7d:c4:69:6c:5c:f5:91:
         73:49:f6:d6:cd:ed:01:87:95:38:0f:ff:99:89:0c:13:9c:96:
         c1:a8:e6:1a:95:73:33:5b:9d:6e:d4:76:18:d3:59:55:27:ac:
         4b:65:65:40:b7:31:d9:31:8f:d9:1f:6d:9c:05:7e:83:47:e3:
         30:1b:bf:a4:e1:81:aa:5e:50:57:bd:aa:5c:dd:88:78:68:4f:
         77:de:61:50:ac:1d:33:3e:48:4a:c7:d3:56:b8:73:e8:21:37:
         e9:e1:d8:86:6f:fd:fc:35:36:c3:5a:0a:05:34:e0:15:92:8f:
         ea:5f:18:98:11:3e:30:6f:c2:fc:d1:02:f6:12:70:7f:0d:b6:
         e8:8d:e6:e5:fb:d3:e6:2e:c3:3b:2c:5e:b1:3a:3d:f4:fc:d4:
         a3:94:33:5f:7c:45:8c:9e:fb:fa:5d:ed:95:de:ea:b7:ac:cc:
         21:bb:3e:e1:9b:f3:f8:30:a7:7a:a8:a1:4a:47:92:40:41:15:
         c2:9e:6e:7f:8e:82:4f:68:8f:77:9c:6e:ed:15:fa:c4:21:ff:
         2d:8f:e8:55
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQFEkIPr5RGOc6e9ygIwvpr5SwJswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMjAwWhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzdjMzJhZjIyZWQ1ZjA4ZDAwZDM1N2ZlYTY4ZjFlMDhj
ZTdjMGU2NjcwMjExY2YyYWVjN2VmODA4YTM5ODM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhuAt2n21YZY1Ec2VECjLi9cRiV0uiay+4T1Kpat31OfVS
G3lS9kgXMJvnGE/tcqmqzsBqjMMmEjVOZmNQNXD5c2e2qV8c3rXKDJVgwXnHNIjw
ZOiV2afzthsCQ9ieyDn2yyTTBglCHI38aOspN2DNdZEkgzRDVyUeMs/FcQ2pxCv5
cbS7QuFyeYjCkwgmQnTkPWWKYB43MJPv0spvglPrTJlHI8sL1Ef+DIrYJnnhQuA+
pkAnOi1TSEzxEd+v+PBhSeymApACuqUzZxrq1v3kmAf5FFx4dbSbNT1kTOroySLU
olm2smrfasTzkl68Mkz7oujawMVU9lIjT0a/rV6XAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUBUTfF+/Zkf+3EqZffriETCXQW5gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjMTYzNTk2LTM1MDQtNGQxYy1hYzY2LWMwMzllZTY2Y2I1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8ugDANBgkqhkiG9w0BAQsFAAOCAQEAlRx1OBJxny47xIAPYjEjjJ66
eldRpG9rsFEf2WLnc24yw80bipMFQh/JXmaxeRx9xGlsXPWRc0n21s3tAYeVOA//
mYkME5yWwajmGpVzM1udbtR2GNNZVSesS2VlQLcx2TGP2R9tnAV+g0fjMBu/pOGB
ql5QV72qXN2IeGhPd95hUKwdMz5ISsfTVrhz6CE36eHYhm/9/DU2w1oKBTTgFZKP
6l8YmBE+MG/C/NEC9hJwfw226I3m5fvT5i7DOyxesTo99PzUo5QzX3xFjJ77+l3t
ld7qt6zMIbs+4Zvz+DCneqihSkeSQEEVwp5uf46CT2iPd5xu7RX6xCH/LY/oVQ==
-----END CERTIFICATE-----