Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ea3336-2ba3-4ecb-94e5-756a8bbbcaec.roa
File:                     94ea3336-2ba3-4ecb-94e5-756a8bbbcaec.roa (raw, json)
Hash identifier:          sw9aVX3f/1xlI74msQsXaVHHQgGpLhwYx+0u3SlLmos=
Subject key identifier:   46:72:03:22:F8:4B:A7:82:42:73:9F:22:6D:DB:B6:96:AB:C0:FC:B9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       55425333F80C2FA143BCC538AC68195D8B2E21C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ea3336-2ba3-4ecb-94e5-756a8bbbcaec.roa
Signing time:             Sat 04 Oct 2025 00:42:42 +0000
ROA not before:           Sat 04 Oct 2025 00:42:42 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff3:5000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:42:53:33:f8:0c:2f:a1:43:bc:c5:38:ac:68:19:5d:8b:2e:21:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:42:42 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=b15e106bac5a8be9b10c5ab96d9a7f06677d842ef0a24065c459326d8292e15a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b8:bd:6e:2c:0a:d4:b2:ac:ab:8e:66:ab:eb:
                    e9:c5:ab:55:22:1e:88:2b:da:4c:bf:b5:67:22:44:
                    ce:f4:5d:3b:9a:17:15:78:7e:78:4b:fd:1b:9d:78:
                    95:5c:13:91:a0:70:95:7e:9e:13:2a:cf:ad:d7:49:
                    c0:91:92:a9:4e:77:88:9d:a8:ef:67:e4:39:13:bc:
                    59:61:4e:33:39:2f:1b:2e:8a:5c:e9:56:91:cb:47:
                    6e:f2:ac:c1:8f:96:b6:ad:e8:c7:24:19:f7:6e:f7:
                    6b:9f:9b:2e:b1:34:f5:28:e3:b7:2d:15:5e:9a:db:
                    d9:0a:35:9b:4f:02:c0:f2:fb:6f:e0:9d:b4:93:2b:
                    2b:49:f8:b3:14:b4:89:00:80:f3:6a:5c:35:4f:90:
                    f2:8f:3e:7e:be:48:2e:f6:a5:a6:c8:3b:5b:c0:f7:
                    cd:5b:69:37:8b:9a:36:70:4b:62:0a:ca:79:a8:56:
                    99:97:f3:ea:34:f6:ec:d8:25:0c:c8:a4:7e:2a:14:
                    3f:9c:4d:11:bb:21:4a:7a:f7:58:cc:27:c9:96:25:
                    88:62:77:a9:75:d6:29:8f:57:c9:7c:c2:2a:0a:a7:
                    98:f5:73:62:63:14:92:e7:68:17:4e:83:1c:60:e9:
                    4d:b3:ac:6d:fd:9e:3e:b2:fb:ba:96:95:84:85:64:
                    e4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:72:03:22:F8:4B:A7:82:42:73:9F:22:6D:DB:B6:96:AB:C0:FC:B9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ea3336-2ba3-4ecb-94e5-756a8bbbcaec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff3:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:71:3f:7a:b5:86:2d:f4:a5:f7:9d:96:a8:b6:a4:7a:f3:b4:
         98:67:b0:87:d1:70:1e:d2:18:c9:2e:e7:9f:14:e8:65:42:05:
         36:70:a6:94:ac:bc:26:0c:3a:2d:a1:70:34:c4:e6:e2:ba:b2:
         67:f7:bd:fc:0c:31:3e:2f:4a:7a:cc:30:b4:af:6d:2e:33:d8:
         ce:61:43:af:d6:aa:49:8e:cf:de:5c:87:1a:2c:64:37:bd:6a:
         96:e0:22:d4:c3:db:e8:fa:9b:79:53:69:07:24:10:f5:1c:4e:
         eb:58:e5:ca:c8:a1:55:c6:86:2c:6d:ab:97:b8:bf:af:2a:36:
         38:77:6d:5b:ff:de:46:06:e0:74:fc:1a:69:a2:c8:56:e5:7d:
         4a:2e:a3:ba:50:1c:47:88:c4:cf:16:98:2d:51:0d:f3:a9:06:
         6d:45:25:e9:2f:22:6c:2a:9b:84:fe:d9:3c:0f:52:b8:0f:c3:
         cd:4f:74:44:17:cf:bc:f9:f4:4d:8e:2a:ae:3e:90:ee:a9:a8:
         66:0f:19:13:60:84:38:b7:4e:d0:01:d5:60:6c:cb:21:6d:17:
         2b:22:51:c9:c2:52:72:44:f7:c7:f6:94:3d:3e:e3:8a:5f:2e:
         f9:92:69:ac:ce:86:be:a4:7d:cb:3a:01:a7:f8:49:f3:fe:18:
         71:ed:77:db
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVUJTM/gML6FDvMU4rGgZXYsuIckwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDA0MjQyWhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTVlMTA2YmFjNWE4YmU5YjEwYzVhYjk2ZDlhN2YwNjY3
N2Q4NDJlZjBhMjQwNjVjNDU5MzI2ZDgyOTJlMTVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCquL1uLArUsqyrjmar6+nFq1UiHogr2ky/tWciRM70XTua
FxV4fnhL/RudeJVcE5GgcJV+nhMqz63XScCRkqlOd4idqO9n5DkTvFlhTjM5Lxsu
ilzpVpHLR27yrMGPlrat6MckGfdu92ufmy6xNPUo47ctFV6a29kKNZtPAsDy+2/g
nbSTKytJ+LMUtIkAgPNqXDVPkPKPPn6+SC72pabIO1vA981baTeLmjZwS2IKynmo
VpmX8+o09uzYJQzIpH4qFD+cTRG7IUp691jMJ8mWJYhid6l11imPV8l8wioKp5j1
c2JjFJLnaBdOgxxg6U2zrG39nj6y+7qWlYSFZORlAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQURnIDIvhLp4JCc58ibdu2lqvA/LkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0ZWEzMzM2LTJiYTMtNGVjYi05NGU1LTc1NmE4YmJiY2FlYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/zUDANBgkqhkiG9w0BAQsFAAOCAQEAk3E/erWGLfSl952WqLakevO0
mGewh9FwHtIYyS7nnxToZUIFNnCmlKy8Jgw6LaFwNMTm4rqyZ/e9/AwxPi9Kesww
tK9tLjPYzmFDr9aqSY7P3lyHGixkN71qluAi1MPb6PqbeVNpByQQ9RxO61jlysih
VcaGLG2rl7i/ryo2OHdtW//eRgbgdPwaaaLIVuV9Si6julAcR4jEzxaYLVEN86kG
bUUl6S8ibCqbhP7ZPA9SuA/DzU90RBfPvPn0TY4qrj6Q7qmoZg8ZE2CEOLdO0AHV
YGzLIW0XKyJRycJSckT3x/aUPT7jil8u+ZJprM6GvqR9yzoBp/hJ8/4Yce132w==
-----END CERTIFICATE-----