Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c229c308-822f-45de-8ac2-20ec90d0aa43.roa
File:                     c229c308-822f-45de-8ac2-20ec90d0aa43.roa (raw, json)
Hash identifier:          Ue3Y5fmfXnzaX4BbZhYVMAaHeFdqzYCXP/UAymFenyc=
Subject key identifier:   7A:C7:6C:59:7E:D9:3D:1E:F8:06:F4:72:84:04:28:37:54:EE:A5:32
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       568BCFDBC22C9AEC9E92A63C4783AFB9F256C8B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c229c308-822f-45de-8ac2-20ec90d0aa43.roa
Signing time:             Tue 07 Oct 2025 00:42:50 +0000
ROA not before:           Tue 07 Oct 2025 00:42:50 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fee:2000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:8b:cf:db:c2:2c:9a:ec:9e:92:a6:3c:47:83:af:b9:f2:56:c8:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:42:50 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=d0f939a7a04879d978b4b06c57d373b030cef80e77c4bd66e86117d2b3b3f84d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e1:06:01:be:e4:32:a3:0b:b6:57:07:d8:06:
                    8e:d6:72:15:2f:4f:de:2f:1b:8a:9e:24:7f:b4:31:
                    95:5b:cf:36:41:ff:10:2f:e1:a1:43:db:94:1a:92:
                    d9:12:54:f2:e9:0b:32:56:fd:d2:7a:2a:26:76:d9:
                    bb:9c:44:41:35:11:80:53:79:8f:1f:9e:c5:74:df:
                    63:9d:06:20:1e:e0:a4:22:dd:0e:04:db:72:ce:26:
                    30:2a:a4:05:dc:c1:c3:21:19:ca:ba:32:34:26:d5:
                    e7:41:93:be:39:27:b0:0c:17:15:73:da:3c:f1:00:
                    88:af:b9:98:ae:71:d4:36:22:b8:01:33:bb:17:69:
                    28:c9:32:45:3e:c4:eb:24:69:50:d7:0c:bd:d8:eb:
                    61:42:c7:dc:ab:42:b7:ed:7e:6c:f2:4a:96:97:47:
                    9b:5e:97:db:90:fe:7e:e1:a7:3c:cb:12:18:ff:66:
                    a9:c7:42:5d:28:7c:47:a0:1b:63:01:67:f2:55:49:
                    89:61:b8:a9:49:6c:94:bb:84:4a:a1:90:1e:94:6b:
                    57:ab:67:e4:73:ec:29:06:ef:b3:62:1f:4f:9c:1e:
                    88:76:75:58:b5:f8:e8:1f:db:3a:31:fb:66:14:76:
                    b0:f1:0e:de:db:6f:1a:71:70:2b:ce:b8:1c:f8:62:
                    cc:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C7:6C:59:7E:D9:3D:1E:F8:06:F4:72:84:04:28:37:54:EE:A5:32
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c229c308-822f-45de-8ac2-20ec90d0aa43.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fee:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         78:f0:9d:24:2e:3a:02:6a:0d:0e:3c:5e:ce:6a:9a:56:91:76:
         88:89:40:40:88:2a:38:c7:5f:27:31:51:a6:86:3f:23:10:e4:
         52:d1:9e:cf:d2:d8:da:ab:7a:03:2b:92:0d:6f:52:de:1f:b6:
         fe:69:cb:14:ac:24:d8:6a:c2:20:c1:6e:ff:5c:48:f2:e6:ae:
         ff:78:b1:fe:5d:4b:0d:3f:92:c0:ea:78:65:d4:f3:a2:fe:45:
         e1:ec:83:82:01:9c:4a:be:b4:ff:7c:14:65:b4:5b:21:0e:d4:
         ad:99:9f:ee:81:8d:d8:79:7d:9d:56:f4:ac:c5:2d:3e:0f:6f:
         63:eb:d9:a6:78:df:23:f7:57:19:60:62:47:c5:c9:bf:6d:a3:
         78:b3:fb:71:76:36:5d:57:e3:c5:10:05:e4:c8:8e:44:1f:2f:
         c9:a2:bc:c2:d6:9d:31:9f:20:04:01:71:62:82:01:de:cb:25:
         c8:0e:c4:1b:e2:d3:11:a9:10:58:e0:72:fd:20:3b:bb:4d:98:
         0b:76:e6:4b:19:2f:e1:21:2f:4c:19:9c:39:a3:cc:f9:ef:1f:
         74:9f:34:76:bc:47:af:ab:30:51:cd:42:ae:43:79:e9:80:ab:
         fd:95:d8:dc:07:7d:80:3f:f2:ef:95:ab:e1:83:be:88:f4:78:
         71:74:b9:33
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVovP28IsmuyekqY8R4OvufJWyLQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA0MjUwWhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMGY5MzlhN2EwNDg3OWQ5NzhiNGIwNmM1N2QzNzNiMDMw
Y2VmODBlNzdjNGJkNjZlODYxMTdkMmIzYjNmODRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL4QYBvuQyowu2VwfYBo7WchUvT94vG4qeJH+0MZVbzzZB
/xAv4aFD25QaktkSVPLpCzJW/dJ6KiZ22bucREE1EYBTeY8fnsV032OdBiAe4KQi
3Q4E23LOJjAqpAXcwcMhGcq6MjQm1edBk745J7AMFxVz2jzxAIivuZiucdQ2IrgB
M7sXaSjJMkU+xOskaVDXDL3Y62FCx9yrQrftfmzySpaXR5tel9uQ/n7hpzzLEhj/
ZqnHQl0ofEegG2MBZ/JVSYlhuKlJbJS7hEqhkB6Ua1erZ+Rz7CkG77NiH0+cHoh2
dVi1+Ogf2zox+2YUdrDxDt7bbxpxcCvOuBz4YszBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUesdsWX7ZPR74BvRyhAQoN1TupTIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyMjljMzA4LTgyMmYtNDVkZS04YWMyLTIwZWM5MGQwYWE0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/uIDANBgkqhkiG9w0BAQsFAAOCAQEAePCdJC46AmoNDjxezmqaVpF2
iIlAQIgqOMdfJzFRpoY/IxDkUtGez9LY2qt6AyuSDW9S3h+2/mnLFKwk2GrCIMFu
/1xI8uau/3ix/l1LDT+SwOp4ZdTzov5F4eyDggGcSr60/3wUZbRbIQ7UrZmf7oGN
2Hl9nVb0rMUtPg9vY+vZpnjfI/dXGWBiR8XJv22jeLP7cXY2XVfjxRAF5MiORB8v
yaK8wtadMZ8gBAFxYoIB3sslyA7EG+LTEakQWOBy/SA7u02YC3bmSxkv4SEvTBmc
OaPM+e8fdJ80drxHr6swUc1CrkN56YCr/ZXY3Ad9gD/y75Wr4YO+iPR4cXS5Mw==
-----END CERTIFICATE-----