Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e056f55-6a1d-461d-a258-f4c8e81748a1.roa
File:                     8e056f55-6a1d-461d-a258-f4c8e81748a1.roa (raw, json)
Hash identifier:          y6jJF26FY83jyXixxpbKzYPwKx7PYgM13/iTE8CxdHk=
Subject key identifier:   F4:DF:2B:3B:F2:A0:F8:7F:34:A6:6D:4A:1A:B2:BB:B8:FF:89:17:58
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4269050BA893D6292E68F116922F434FB82C53F3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e056f55-6a1d-461d-a258-f4c8e81748a1.roa
Signing time:             Sat 18 Oct 2025 01:30:14 +0000
ROA not before:           Sat 18 Oct 2025 01:30:14 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:4000::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:69:05:0b:a8:93:d6:29:2e:68:f1:16:92:2f:43:4f:b8:2c:53:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 01:30:14 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=30841d7e73e5d31e18030586cc5da25ed1ba78a96b90a2db6d3606b3da7ea353, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:1f:5d:57:88:b2:4c:d0:9c:af:3c:30:87:44:
                    62:df:be:09:a7:a8:ef:a1:a4:e8:71:76:b3:63:c7:
                    5a:9e:6e:07:56:b1:dc:22:49:6f:ec:9d:ea:5f:77:
                    03:e7:b7:2d:2d:8b:da:fc:46:6f:5c:cd:02:30:40:
                    f3:fc:ed:65:72:7c:a7:fc:79:85:47:bb:4b:6f:42:
                    8d:c9:ee:55:67:f0:42:d0:4e:94:9e:97:9a:7d:c6:
                    9b:ce:69:d3:92:b2:da:4b:03:eb:37:01:3e:0b:88:
                    dc:fa:8f:c6:d6:58:97:72:b8:f4:a5:8f:8a:12:ca:
                    82:2d:ce:fa:cc:a6:b4:4e:8b:5e:03:64:a2:76:a0:
                    8c:e8:45:a6:49:8f:8f:50:ae:93:15:02:b4:f8:4d:
                    26:68:f5:0e:8b:5e:2e:5a:ac:40:6c:5e:a5:91:c0:
                    71:d8:b9:01:8c:70:c8:c2:6e:e7:7c:f1:0d:8d:ee:
                    37:00:d0:50:fe:5d:88:b4:d3:7e:63:79:59:ee:a8:
                    8f:7f:d1:ca:de:80:a1:65:0e:a9:5c:1c:ed:11:61:
                    44:c1:6b:6e:d5:c2:4f:1b:6d:80:5f:42:21:b4:25:
                    1f:06:76:f9:c3:f4:4f:3f:11:46:fa:11:99:fc:d7:
                    e6:39:16:47:a6:69:26:2d:7d:62:cb:bc:72:ba:e6:
                    65:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:DF:2B:3B:F2:A0:F8:7F:34:A6:6D:4A:1A:B2:BB:B8:FF:89:17:58
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e056f55-6a1d-461d-a258-f4c8e81748a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         8c:4c:ec:27:65:90:04:71:5d:0e:f5:91:de:d3:bf:9e:27:43:
         87:5a:7c:43:11:81:7f:10:16:1e:17:e1:16:82:14:70:69:57:
         55:67:17:78:fb:36:6f:14:b8:fc:3f:a2:f1:d9:11:43:af:b5:
         14:8c:31:d3:d5:18:26:2a:95:6e:98:c2:63:4c:0b:b5:62:34:
         81:e4:75:7c:67:b3:72:77:c6:52:bc:2e:a0:f6:0d:5f:05:80:
         0b:b4:20:73:f1:3d:61:ef:19:78:1e:15:92:ad:94:be:f4:00:
         c9:a2:20:75:98:d5:ff:65:bd:f6:38:b3:b5:34:99:2f:06:7e:
         8d:34:a3:c7:00:48:54:50:5d:a4:f2:3f:ce:ec:17:36:35:7e:
         14:15:71:45:05:13:24:e4:5c:9e:81:a6:a3:23:be:01:bf:c2:
         2c:d2:61:90:4c:c0:32:72:e7:db:28:85:45:c2:cb:e3:ec:32:
         ba:b6:3b:df:dd:2b:dc:d6:12:cd:ae:e3:eb:dc:8d:7f:80:21:
         11:70:a0:82:fe:ec:34:6d:07:84:d8:58:28:d8:b5:8f:86:70:
         b6:52:75:22:5f:55:d7:fb:2e:86:bf:1b:69:d5:2f:c6:db:25:
         27:0b:86:0c:f6:61:61:7b:03:12:1b:77:53:43:f6:5c:5e:4d:
         2a:41:8a:f6
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQmkFC6iT1ikuaPEWki9DT7gsU/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDEzMDE0WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMDg0MWQ3ZTczZTVkMzFlMTgwMzA1ODZjYzVkYTI1ZWQx
YmE3OGE5NmI5MGEyZGI2ZDM2MDZiM2RhN2VhMzUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiH11XiLJM0JyvPDCHRGLfvgmnqO+hpOhxdrNjx1qebgdW
sdwiSW/snepfdwPnty0ti9r8Rm9czQIwQPP87WVyfKf8eYVHu0tvQo3J7lVn8ELQ
TpSel5p9xpvOadOSstpLA+s3AT4LiNz6j8bWWJdyuPSlj4oSyoItzvrMprROi14D
ZKJ2oIzoRaZJj49QrpMVArT4TSZo9Q6LXi5arEBsXqWRwHHYuQGMcMjCbud88Q2N
7jcA0FD+XYi0035jeVnuqI9/0cregKFlDqlcHO0RYUTBa27Vwk8bbYBfQiG0JR8G
dvnD9E8/EUb6EZn81+Y5FkemaSYtfWLLvHK65mUNAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU9N8rO/Kg+H80pm1KGrK7uP+JF1gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlMDU2ZjU1LTZhMWQtNDYxZC1hMjU4LWY0YzhlODE3NDhhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8VQDANBgkqhkiG9w0BAQsFAAOCAQEAjEzsJ2WQBHFdDvWR3tO/nidD
h1p8QxGBfxAWHhfhFoIUcGlXVWcXePs2bxS4/D+i8dkRQ6+1FIwx09UYJiqVbpjC
Y0wLtWI0geR1fGezcnfGUrwuoPYNXwWAC7Qgc/E9Ye8ZeB4Vkq2UvvQAyaIgdZjV
/2W99jiztTSZLwZ+jTSjxwBIVFBdpPI/zuwXNjV+FBVxRQUTJORcnoGmoyO+Ab/C
LNJhkEzAMnLn2yiFRcLL4+wyurY7390r3NYSza7j69yNf4AhEXCggv7sNG0HhNhY
KNi1j4ZwtlJ1Il9V1/suhr8badUvxtslJwuGDPZhYXsDEht3U0P2XF5NKkGK9g==
-----END CERTIFICATE-----