Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c84c8b4-b6fd-476d-84bf-094c6f9e6769.roa
File:                     7c84c8b4-b6fd-476d-84bf-094c6f9e6769.roa (raw, json)
Hash identifier:          P0KLmYvzKCRe0COiAufjlNG87TlNM7vMdFhLMtFiUyU=
Subject key identifier:   BB:94:DF:46:3B:62:B8:D6:CC:9C:29:D0:9D:CC:47:F3:0A:74:8B:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       022D87DE3FB2151B8EF8E1106AF42CF3CA209857
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c84c8b4-b6fd-476d-84bf-094c6f9e6769.roa
Signing time:             Tue 07 Oct 2025 00:51:08 +0000
ROA not before:           Tue 07 Oct 2025 00:51:08 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fbb::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:2d:87:de:3f:b2:15:1b:8e:f8:e1:10:6a:f4:2c:f3:ca:20:98:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:51:08 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=52f222fccef1ada8a6d81a5fa7f62e9f72a69a9dc58ba50b5ed88ec0dfac781f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e7:c2:47:d1:96:4e:af:cf:92:48:24:95:22:
                    f8:03:c9:bb:dc:11:fd:71:cc:16:e7:df:9f:2a:8d:
                    c1:ef:68:8a:64:9e:ac:7a:d9:2e:ef:7d:8e:12:c3:
                    99:4a:50:f0:ff:d9:7c:63:bc:f1:90:4f:f5:5c:e6:
                    18:ea:d3:44:71:eb:d8:0b:1c:ca:13:4a:7d:7f:f7:
                    8d:00:75:4b:4a:56:56:4c:60:2e:7c:6f:c8:a0:da:
                    b6:c6:bd:43:2d:d4:db:63:ca:a5:a9:f0:f1:88:a3:
                    36:75:5d:f2:06:00:1b:8d:64:50:07:83:c4:93:1a:
                    06:17:9c:6e:52:59:ee:5f:3a:af:ef:dc:e1:6b:66:
                    cf:9c:9f:22:3a:8b:e7:98:e2:39:4b:34:f7:66:91:
                    74:74:3a:48:d4:d0:19:40:24:09:25:56:9f:1c:d6:
                    d0:10:26:19:8f:c5:44:94:93:75:65:08:7e:e3:20:
                    01:be:ff:db:d5:af:5f:42:16:77:23:83:3e:4f:c3:
                    c3:4d:8e:9c:0c:ab:e6:98:51:c7:99:a5:bd:53:a2:
                    47:cf:82:5d:84:f0:cc:67:7c:66:5d:1b:0f:73:47:
                    b1:62:4d:6f:09:8f:47:61:4f:0d:21:c2:10:01:aa:
                    4d:78:68:19:00:97:25:36:75:36:a4:58:cf:dd:6a:
                    74:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:94:DF:46:3B:62:B8:D6:CC:9C:29:D0:9D:CC:47:F3:0A:74:8B:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c84c8b4-b6fd-476d-84bf-094c6f9e6769.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fbb::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:78:8b:f9:0f:76:f9:51:ed:95:ca:25:1a:9c:a6:5f:56:1e:
         57:3f:ee:b9:b8:b8:b6:10:99:f5:7b:6a:15:d4:97:92:10:80:
         c0:1e:a4:5f:4a:aa:57:a5:df:d9:c5:4c:41:8f:25:8c:6a:cc:
         07:2c:6a:66:1b:36:3d:cc:00:c6:21:3b:f4:94:fc:ac:8c:d4:
         26:2f:31:ce:0d:82:cf:f9:0b:80:3e:7e:0c:bb:46:92:91:dc:
         f8:11:ee:1e:6f:74:8a:93:5d:66:8c:40:ad:5e:07:16:9e:46:
         a3:7d:0c:eb:d1:52:3c:4a:01:47:af:a5:59:a0:78:6b:5f:b9:
         12:c2:6b:bb:9f:11:c1:b7:ae:2f:cc:8b:0b:b9:ca:0f:b0:0d:
         b0:22:10:17:88:c7:81:ee:51:42:a0:0b:18:36:bb:e4:a1:f2:
         a2:31:33:87:9c:7c:e4:36:fc:ba:b2:be:de:b6:f4:69:4e:8d:
         42:53:db:d2:a4:e6:cf:88:cc:5d:5b:0e:c0:4e:7b:40:40:06:
         b4:79:8a:67:ef:e0:67:07:dc:07:ab:77:5a:95:28:6f:7e:0a:
         dc:8f:83:13:67:dd:55:8e:29:e7:cb:34:9b:69:c8:69:b9:76:
         27:69:7b:cf:ac:00:5b:06:c7:65:3e:42:a7:0d:ff:f2:33:62:
         b1:26:f6:65
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUAi2H3j+yFRuO+OEQavQs88ogmFcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA1MTA4WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MmYyMjJmY2NlZjFhZGE4YTZkODFhNWZhN2Y2MmU5Zjcy
YTY5YTlkYzU4YmE1MGI1ZWQ4OGVjMGRmYWM3ODFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi58JH0ZZOr8+SSCSVIvgDybvcEf1xzBbn358qjcHvaIpk
nqx62S7vfY4Sw5lKUPD/2XxjvPGQT/Vc5hjq00Rx69gLHMoTSn1/940AdUtKVlZM
YC58b8ig2rbGvUMt1NtjyqWp8PGIozZ1XfIGABuNZFAHg8STGgYXnG5SWe5fOq/v
3OFrZs+cnyI6i+eY4jlLNPdmkXR0OkjU0BlAJAklVp8c1tAQJhmPxUSUk3VlCH7j
IAG+/9vVr19CFncjgz5Pw8NNjpwMq+aYUceZpb1TokfPgl2E8MxnfGZdGw9zR7Fi
TW8Jj0dhTw0hwhABqk14aBkAlyU2dTakWM/danS9AgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUu5TfRjtiuNbMnCnQncxH8wp0i7gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjODRjOGI0LWI2ZmQtNDc2ZC04NGJmLTA5NGM2ZjllNjc2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB+7MA0GCSqGSIb3DQEBCwUAA4IBAQCAeIv5D3b5Ue2VyiUanKZfVh5X
P+65uLi2EJn1e2oV1JeSEIDAHqRfSqpXpd/ZxUxBjyWMaswHLGpmGzY9zADGITv0
lPysjNQmLzHODYLP+QuAPn4Mu0aSkdz4Ee4eb3SKk11mjECtXgcWnkajfQzr0VI8
SgFHr6VZoHhrX7kSwmu7nxHBt64vzIsLucoPsA2wIhAXiMeB7lFCoAsYNrvkofKi
MTOHnHzkNvy6sr7etvRpTo1CU9vSpObPiMxdWw7ATntAQAa0eYpn7+BnB9wHq3da
lShvfgrcj4MTZ91VjinnyzSbachpuXYnaXvPrABbBsdlPkKnDf/yM2KxJvZl
-----END CERTIFICATE-----