Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af587f49-38bf-4b30-8bc9-8c7823a6b805.roa
File:                     af587f49-38bf-4b30-8bc9-8c7823a6b805.roa (raw, json)
Hash identifier:          mt3ukRsIH5q7g4WlWwIbbmb9BVVJGaJoYTXyT9JtCA4=
Subject key identifier:   76:D8:21:B8:6A:BF:D5:CA:0E:20:57:69:53:5B:BD:58:16:02:21:C9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3BCBE13212AFD84F069C79CD20EF3D5C952BC8F7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af587f49-38bf-4b30-8bc9-8c7823a6b805.roa
Signing time:             Fri 17 Oct 2025 20:11:20 +0000
ROA not before:           Fri 17 Oct 2025 20:11:20 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:8120::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:cb:e1:32:12:af:d8:4f:06:9c:79:cd:20:ef:3d:5c:95:2b:c8:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 20:11:20 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=25a58e9fd49a2266c52a2a162dcc501de04846792f2b45240b88117a66ecb645, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1a:e7:54:df:eb:c8:a4:a3:4c:ce:e8:1e:a5:
                    73:e8:59:2e:0e:7d:bf:bd:54:7f:95:80:96:83:30:
                    88:7b:ba:de:78:57:a3:1e:0e:28:40:d5:9d:6a:4e:
                    42:38:3d:5f:a3:dc:c0:44:24:1e:c9:64:e1:82:11:
                    4a:08:31:80:b0:38:07:70:8d:ac:a8:cd:ac:ed:a3:
                    35:1f:70:64:20:91:de:bb:01:89:12:26:ae:64:f9:
                    ee:bc:a4:ce:1e:d5:b7:2b:4b:ab:d1:f8:1e:ac:d3:
                    90:f5:40:7f:c5:e1:81:f5:1e:9c:db:62:c1:cf:2a:
                    95:33:91:8a:aa:98:dc:63:22:0f:97:b3:e9:4b:85:
                    2e:18:bb:da:53:5d:ad:1b:81:44:12:d8:a4:0b:24:
                    73:b5:a4:28:dd:ab:b1:d4:f0:11:2a:67:d6:de:03:
                    bb:8b:e2:11:3c:4b:2e:0c:75:70:58:03:5a:4c:cb:
                    93:6c:ec:16:44:29:14:b7:7c:fd:51:45:13:a3:16:
                    93:f0:17:53:06:58:0a:51:11:e9:56:6f:90:9c:5e:
                    f7:b3:ae:44:dd:56:04:3b:65:ae:c3:ae:a3:9c:5f:
                    9a:b3:8e:58:b6:71:a8:6f:d2:2f:c6:36:09:2b:df:
                    35:d9:28:65:bf:c2:71:a3:e7:5c:dc:17:74:d9:6a:
                    82:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D8:21:B8:6A:BF:D5:CA:0E:20:57:69:53:5B:BD:58:16:02:21:C9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af587f49-38bf-4b30-8bc9-8c7823a6b805.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8120::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:12:e6:e4:73:7f:9c:04:61:fa:60:b0:8a:c4:19:e7:9e:0d:
         c6:27:dc:30:f4:e1:91:bb:26:c7:97:f6:b4:09:20:e2:24:61:
         a5:ca:ca:5a:00:b2:36:67:38:25:97:2a:85:26:4a:b3:d3:a6:
         54:3e:57:e5:24:94:37:62:66:f0:0e:c8:a3:62:96:a5:e3:c2:
         3a:94:d4:eb:1f:86:82:5a:07:cb:4e:34:a2:47:23:26:39:72:
         e7:86:40:96:bd:d2:cd:13:0d:6c:67:08:c7:e7:71:e7:8d:c0:
         af:84:c4:0c:0f:14:ca:ba:07:11:b5:b5:55:5c:f5:e6:a8:76:
         7e:39:3a:5b:9a:5d:7d:6b:be:f4:17:e7:6a:cc:c3:89:7a:41:
         eb:50:9d:a8:35:9a:95:9f:28:aa:5b:7f:9b:af:fc:24:25:17:
         80:7d:86:b5:7e:38:46:03:05:56:44:ff:07:42:67:1b:dd:91:
         e1:d4:53:be:e1:db:66:63:ad:9d:e5:14:fe:b2:58:92:d0:b6:
         81:ba:d6:40:7f:78:1c:b7:84:8d:b6:c0:17:2c:8b:cb:e4:1a:
         ce:b7:b1:3f:75:f4:44:89:40:8a:ee:2b:57:24:2f:12:f6:d9:
         d9:66:b6:6e:88:7e:51:40:2e:58:ec:0d:e0:50:a2:aa:c1:1b:
         d8:3f:0f:69
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUO8vhMhKv2E8GnHnNIO89XJUryPcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjAxMTIwWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNWE1OGU5ZmQ0OWEyMjY2YzUyYTJhMTYyZGNjNTAxZGUw
NDg0Njc5MmYyYjQ1MjQwYjg4MTE3YTY2ZWNiNjQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4GudU3+vIpKNMzugepXPoWS4Ofb+9VH+VgJaDMIh7ut54
V6MeDihA1Z1qTkI4PV+j3MBEJB7JZOGCEUoIMYCwOAdwjayozaztozUfcGQgkd67
AYkSJq5k+e68pM4e1bcrS6vR+B6s05D1QH/F4YH1HpzbYsHPKpUzkYqqmNxjIg+X
s+lLhS4Yu9pTXa0bgUQS2KQLJHO1pCjdq7HU8BEqZ9beA7uL4hE8Sy4MdXBYA1pM
y5Ns7BZEKRS3fP1RRROjFpPwF1MGWApREelWb5CcXvezrkTdVgQ7Za7DrqOcX5qz
jli2cahv0i/GNgkr3zXZKGW/wnGj51zcF3TZaoKLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUdtghuGq/1coOIFdpU1u9WBYCIckwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FmNTg3ZjQ5LTM4YmYtNGIzMC04YmM5LThjNzgyM2E2YjgwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gSAwDQYJKoZIhvcNAQELBQADggEBAA4S5uRzf5wEYfpgsIrEGeee
DcYn3DD04ZG7JseX9rQJIOIkYaXKyloAsjZnOCWXKoUmSrPTplQ+V+UklDdiZvAO
yKNilqXjwjqU1OsfhoJaB8tONKJHIyY5cueGQJa90s0TDWxnCMfnceeNwK+ExAwP
FMq6BxG1tVVc9eaodn45OluaXX1rvvQX52rMw4l6QetQnag1mpWfKKpbf5uv/CQl
F4B9hrV+OEYDBVZE/wdCZxvdkeHUU77h22ZjrZ3lFP6yWJLQtoG61kB/eBy3hI22
wBcsi8vkGs63sT919ESJQIruK1ckLxL22dlmtm6IflFALljsDeBQoqrBG9g/D2k=
-----END CERTIFICATE-----