Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98a4f4f7-0f38-4f2e-8855-ef7c11d857cb.roa
File:                     98a4f4f7-0f38-4f2e-8855-ef7c11d857cb.roa (raw, json)
Hash identifier:          czMBP08NVgr9NI21/FUOvuD9WZg410kvoAoyOOUOO8w=
Subject key identifier:   E2:18:23:8E:80:75:89:EA:0D:49:FB:F4:A5:C9:AB:D7:B1:DA:7F:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3101ED109469975680105D838A39BC3C6E91F62D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98a4f4f7-0f38-4f2e-8855-ef7c11d857cb.roa
Signing time:             Mon 06 Oct 2025 16:01:14 +0000
ROA not before:           Mon 06 Oct 2025 16:01:14 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff1::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:01:ed:10:94:69:97:56:80:10:5d:83:8a:39:bc:3c:6e:91:f6:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 16:01:14 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=e86a6c67626cc46d9a80c00502e55e82ab9037d6c6350cd94517d89a97d03428, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6b:44:b2:62:72:8b:59:3f:03:1b:fd:09:57:
                    85:ae:10:04:7d:73:b3:f1:fe:4c:15:43:6d:b4:04:
                    14:7b:90:38:46:d7:8a:77:49:54:9c:6e:a2:01:cd:
                    be:2f:41:3f:a3:41:4b:42:b5:01:07:3e:a5:2f:c1:
                    57:07:d8:de:6c:f7:b9:28:0e:ad:28:f3:0d:9a:45:
                    0b:ec:db:ef:ff:ce:db:d8:5d:26:5f:94:da:c5:78:
                    77:e1:e6:27:9c:89:c2:81:ef:64:dd:31:32:00:44:
                    72:fd:8b:e0:6a:18:f3:f9:6d:80:0f:36:0b:fc:89:
                    3c:71:c7:01:a6:3b:9e:b4:e0:d9:50:aa:c9:70:ef:
                    36:1d:d1:07:04:ef:12:b5:d1:9a:92:16:f3:32:e5:
                    5c:1d:2f:ff:74:de:e9:1e:26:f1:ad:4f:a2:4d:e3:
                    92:44:da:10:1e:6e:b1:67:bf:bc:05:1c:e9:26:e8:
                    5d:ad:f9:f9:82:f3:da:56:bc:9a:e9:b2:cd:be:7d:
                    14:56:3a:14:97:e3:aa:fd:8f:d3:4b:bd:f4:b6:fb:
                    7f:49:43:10:58:9a:49:86:15:6a:0b:0a:6b:d0:7f:
                    06:14:f7:6c:aa:bb:b0:17:c2:5f:f5:c5:87:0c:82:
                    e6:4c:b7:8c:9c:0d:24:22:02:3a:8d:04:73:da:74:
                    1c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:18:23:8E:80:75:89:EA:0D:49:FB:F4:A5:C9:AB:D7:B1:DA:7F:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98a4f4f7-0f38-4f2e-8855-ef7c11d857cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff1::/32

    Signature Algorithm: sha256WithRSAEncryption
         d7:88:93:f2:52:dd:34:6e:c5:d7:2b:20:54:00:df:5c:82:94:
         a2:6b:a5:b4:93:a7:9a:03:d9:51:46:17:45:a2:e6:62:9c:8b:
         61:d9:95:69:ba:33:81:d5:45:c9:ef:6f:72:b3:43:fd:f3:f3:
         ae:a3:e7:67:56:2f:37:04:08:e9:d7:13:6e:df:02:cc:52:4e:
         5b:ab:73:78:f8:bb:95:14:96:b6:74:6d:4c:10:9e:69:94:b2:
         1d:a8:98:0d:d0:8e:3a:12:5b:bf:28:b9:a3:00:c3:09:0e:94:
         28:94:d5:4c:48:b3:82:fb:b6:bc:f0:20:c7:1e:27:a6:e8:b4:
         eb:21:c0:69:98:a4:c3:3a:60:be:a6:ce:cc:0e:4c:17:c6:98:
         bd:af:d7:b8:bf:78:3b:74:b0:95:fd:eb:30:c4:9c:15:a8:5a:
         0e:c7:21:27:fe:a5:74:f9:d6:26:2c:a8:18:b8:af:13:5b:3c:
         98:c9:b7:10:ac:a0:b0:43:7b:0e:fe:c4:fa:a5:ed:10:df:87:
         a2:02:fe:de:98:d1:59:54:db:0a:dd:86:5e:b1:a0:f0:f9:90:
         fc:75:4d:a1:38:4a:fc:54:66:f4:88:9d:50:57:5c:e2:d5:e2:
         51:2a:01:47:29:2e:d2:26:b0:a4:45:50:d5:54:da:9c:99:c3:
         0a:48:44:6f
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUMQHtEJRpl1aAEF2Dijm8PG6R9i0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTYwMTE0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlODZhNmM2NzYyNmNjNDZkOWE4MGMwMDUwMmU1NWU4MmFi
OTAzN2Q2YzYzNTBjZDk0NTE3ZDg5YTk3ZDAzNDI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNa0SyYnKLWT8DG/0JV4WuEAR9c7Px/kwVQ220BBR7kDhG
14p3SVScbqIBzb4vQT+jQUtCtQEHPqUvwVcH2N5s97koDq0o8w2aRQvs2+//ztvY
XSZflNrFeHfh5iecicKB72TdMTIARHL9i+BqGPP5bYAPNgv8iTxxxwGmO5604NlQ
qslw7zYd0QcE7xK10ZqSFvMy5VwdL/903ukeJvGtT6JN45JE2hAebrFnv7wFHOkm
6F2t+fmC89pWvJrpss2+fRRWOhSX46r9j9NLvfS2+39JQxBYmkmGFWoLCmvQfwYU
92yqu7AXwl/1xYcMguZMt4ycDSQiAjqNBHPadBw3AgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQU4hgjjoB1ieoNSfv0pcmr17HafxowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4YTRmNGY3LTBmMzgtNGYyZS04ODU1LWVmN2MxMWQ4NTdjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB/xMA0GCSqGSIb3DQEBCwUAA4IBAQDXiJPyUt00bsXXKyBUAN9cgpSi
a6W0k6eaA9lRRhdFouZinIth2ZVpujOB1UXJ729ys0P98/Ouo+dnVi83BAjp1xNu
3wLMUk5bq3N4+LuVFJa2dG1MEJ5plLIdqJgN0I46Elu/KLmjAMMJDpQolNVMSLOC
+7a88CDHHiem6LTrIcBpmKTDOmC+ps7MDkwXxpi9r9e4v3g7dLCV/eswxJwVqFoO
xyEn/qV0+dYmLKgYuK8TWzyYybcQrKCwQ3sO/sT6pe0Q34eiAv7emNFZVNsK3YZe
saDw+ZD8dU2hOEr8VGb0iJ1QV1zi1eJRKgFHKS7SJrCkRVDVVNqcmcMKSERv
-----END CERTIFICATE-----