Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab46f61c-c8b0-4cea-811a-40e5b23b04dd.roa
File:                     ab46f61c-c8b0-4cea-811a-40e5b23b04dd.roa (raw, json)
Hash identifier:          xnuX+A3K8VaiT8I4DxisnuZEF167MWGVuMNo8alI2nw=
Subject key identifier:   18:E6:89:AB:6D:66:3A:78:4E:21:87:3B:79:F4:78:1E:C3:38:DE:46
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38163178CC7CBD0E85E444D1E29D0727D1FEA22E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab46f61c-c8b0-4cea-811a-40e5b23b04dd.roa
Signing time:             Sat 18 Oct 2025 03:00:08 +0000
ROA not before:           Sat 18 Oct 2025 03:00:08 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f18::/35 maxlen: 35
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:16:31:78:cc:7c:bd:0e:85:e4:44:d1:e2:9d:07:27:d1:fe:a2:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 03:00:08 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=99dbfdc021784a848cdb3b2612373a6997927aaffc9baeeb6124d3393b1150c3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:70:c4:91:63:ec:50:e3:87:69:08:6a:27:6f:
                    45:60:05:06:75:74:83:f2:3b:58:de:9d:99:64:ec:
                    5f:1c:7e:c2:1f:ed:a5:37:0b:ec:e4:b1:c8:ad:29:
                    a9:43:45:26:08:af:c6:8f:ad:8f:d9:96:c6:97:bd:
                    2c:7d:68:cf:30:22:27:ca:81:48:97:49:89:d9:3a:
                    3e:fd:ec:a4:b4:ae:b2:2a:48:04:de:95:bc:d1:85:
                    d9:e6:7b:0a:e2:9b:3d:14:89:4c:8e:e0:cc:94:c6:
                    41:7a:da:f6:fd:7b:e5:ba:81:3c:6d:95:40:a7:bd:
                    6c:c2:6b:04:c1:c2:dd:40:2f:2d:16:c2:4d:df:5b:
                    3b:ba:06:b8:ea:a2:96:bc:a5:57:a6:ba:27:ec:4f:
                    71:f3:bf:cd:9e:5c:17:af:b5:6e:28:22:1e:30:39:
                    32:e8:8b:60:3d:24:0d:1e:97:37:ad:7d:5b:32:c6:
                    ad:c4:94:1d:ea:27:90:7f:71:a3:e1:f2:a8:3c:fd:
                    3d:8c:90:61:9b:e7:7f:36:3f:c4:31:c7:37:a5:25:
                    22:ed:40:2e:5d:2a:b5:8e:84:62:e1:82:e6:89:96:
                    cd:80:44:d5:7e:af:f3:75:b2:fc:ea:8c:02:06:61:
                    66:25:88:63:d9:42:75:4b:9c:7a:4e:d9:7b:5b:e0:
                    ec:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E6:89:AB:6D:66:3A:78:4E:21:87:3B:79:F4:78:1E:C3:38:DE:46
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab46f61c-c8b0-4cea-811a-40e5b23b04dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f18::/35

    Signature Algorithm: sha256WithRSAEncryption
         73:59:e6:68:86:d4:e4:77:93:79:ee:b5:35:af:9d:a8:2a:2b:
         b5:1e:4a:a7:28:18:f7:32:cf:ba:75:2c:c4:e2:89:29:0b:9d:
         42:42:6a:4f:01:44:de:8e:c2:46:91:c7:81:f8:3f:ab:8f:fa:
         17:28:1b:b9:6c:84:cf:72:9f:83:53:d3:5e:0a:e9:e3:19:a1:
         8a:70:f7:6c:93:b8:f3:f9:27:4c:c2:90:2a:fc:b0:07:2d:8f:
         9b:50:c0:f1:53:3e:a0:9c:84:64:8a:56:29:79:58:a2:9b:09:
         bb:03:02:ad:2b:f7:67:65:2b:fa:1c:ad:d9:d3:95:f2:57:f7:
         1b:7a:6a:8d:82:80:8f:43:05:1a:c1:08:c4:44:3b:11:6c:f1:
         76:bc:eb:fe:1f:35:f1:c2:99:0f:23:b9:01:eb:01:b9:68:52:
         e6:5e:c7:3a:a0:b6:82:77:1d:9b:6e:e0:5d:11:91:f2:40:73:
         c9:d6:6d:e7:bf:ad:55:26:75:32:a2:c4:d7:c3:c7:d6:b5:d8:
         14:7a:e1:c8:22:75:cf:9f:fa:3e:0b:d2:2f:0c:e5:63:22:6a:
         8c:c7:ce:e0:fc:05:3c:da:ef:71:f7:05:d1:56:dd:da:69:6e:
         98:af:ec:b5:14:e7:63:f0:1c:1b:99:d6:22:11:b7:91:c6:83:
         4f:15:ac:c3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOBYxeMx8vQ6F5ETR4p0HJ9H+oi4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDMwMDA4WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5OWRiZmRjMDIxNzg0YTg0OGNkYjNiMjYxMjM3M2E2OTk3
OTI3YWFmZmM5YmFlZWI2MTI0ZDMzOTNiMTE1MGMzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDocMSRY+xQ44dpCGonb0VgBQZ1dIPyO1jenZlk7F8cfsIf
7aU3C+zkscitKalDRSYIr8aPrY/ZlsaXvSx9aM8wIifKgUiXSYnZOj797KS0rrIq
SATelbzRhdnmewrimz0UiUyO4MyUxkF62vb9e+W6gTxtlUCnvWzCawTBwt1ALy0W
wk3fWzu6Brjqopa8pVemuifsT3Hzv82eXBevtW4oIh4wOTLoi2A9JA0elzetfVsy
xq3ElB3qJ5B/caPh8qg8/T2MkGGb5382P8QxxzelJSLtQC5dKrWOhGLhguaJls2A
RNV+r/N1svzqjAIGYWYliGPZQnVLnHpO2Xtb4OxfAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGOaJq21mOnhOIYc7efR4HsM43kYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiNDZmNjFjLWM4YjAtNGNlYS04MTFhLTQwZTViMjNiMDRkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgUmAB8YADANBgkqhkiG9w0BAQsFAAOCAQEAc1nmaIbU5HeTee61Na+dqCor
tR5KpygY9zLPunUsxOKJKQudQkJqTwFE3o7CRpHHgfg/q4/6FygbuWyEz3Kfg1PT
Xgrp4xmhinD3bJO48/knTMKQKvywBy2Pm1DA8VM+oJyEZIpWKXlYopsJuwMCrSv3
Z2Ur+hyt2dOV8lf3G3pqjYKAj0MFGsEIxEQ7EWzxdrzr/h818cKZDyO5AesBuWhS
5l7HOqC2gncdm27gXRGR8kBzydZt57+tVSZ1MqLE18PH1rXYFHrhyCJ1z5/6PgvS
LwzlYyJqjMfO4PwFPNrvcfcF0Vbd2mlumK/stRTnY/AcG5nWIhG3kcaDTxWsww==
-----END CERTIFICATE-----