Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c6d20c73-e796-4efb-9469-1066893d0818.roa
File:                     c6d20c73-e796-4efb-9469-1066893d0818.roa (raw, json)
Hash identifier:          RoPv7KDNs7JDw225gcCLgR+C4oVvaaoMrtUJb1OS8wk=
Subject key identifier:   A7:48:C3:5D:00:71:E0:80:D6:E2:FB:E2:0F:00:A6:2C:BA:58:03:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       50DC7EA322559C31F2D5972597D58D1BBE20B398
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c6d20c73-e796-4efb-9469-1066893d0818.roa
Signing time:             Fri 03 Oct 2025 00:21:19 +0000
ROA not before:           Fri 03 Oct 2025 00:21:19 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f24::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:dc:7e:a3:22:55:9c:31:f2:d5:97:25:97:d5:8d:1b:be:20:b3:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:21:19 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=6b1fe87a6252c3d0ac2add6dbea6939b9eb6efa02789a9d3faed52987f077fcb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ed:0e:ea:ea:87:1b:fc:d5:b3:9a:d4:38:4d:
                    bf:dc:0e:af:82:b6:a2:31:08:5f:cc:c6:1c:5b:28:
                    ac:f8:ef:8a:0f:34:b8:95:26:21:05:14:2e:ef:db:
                    92:01:39:66:2c:e2:21:c9:94:52:56:6e:f0:5c:53:
                    bb:82:53:02:06:eb:71:90:b7:c2:2e:e1:70:32:3b:
                    21:4c:7b:fe:27:e6:f1:c8:63:49:dc:5c:48:c3:07:
                    60:39:29:64:73:55:e0:3e:0e:9d:6c:17:c8:6d:f8:
                    18:26:8b:f7:50:83:04:8b:27:02:4f:28:ae:f3:0d:
                    38:25:90:bc:56:87:68:b7:23:e2:f0:92:3a:9b:c4:
                    8d:f4:85:32:81:ec:84:98:9b:b5:23:7a:67:ec:3c:
                    01:01:68:53:80:3b:0d:b5:8d:1a:81:b6:dd:af:46:
                    45:8a:41:7b:ec:dc:07:5c:02:06:72:ff:6a:74:74:
                    65:30:3d:f7:fc:ea:46:8a:bf:3b:29:3c:64:5e:51:
                    9e:67:91:b0:48:df:7d:9d:3d:a9:96:3b:ef:6d:c3:
                    d3:1f:55:56:63:72:85:23:c6:d3:25:06:df:cb:95:
                    cd:31:14:a0:74:92:1f:a4:1f:8d:5a:cf:31:51:71:
                    56:99:da:b7:9e:10:25:f4:a3:ec:49:c0:92:49:3b:
                    6b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:48:C3:5D:00:71:E0:80:D6:E2:FB:E2:0F:00:A6:2C:BA:58:03:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c6d20c73-e796-4efb-9469-1066893d0818.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f24::/36

    Signature Algorithm: sha256WithRSAEncryption
         0a:23:cf:36:e5:ac:b4:01:13:6e:e3:89:dc:cb:b1:66:fe:24:
         4c:d0:6c:a8:84:a3:9a:a6:94:27:d7:9c:b8:27:14:8e:05:04:
         79:80:9e:d9:af:42:51:3e:2c:35:df:c4:35:dc:58:b0:bc:ab:
         7b:15:cf:31:d7:a3:8f:ff:87:1d:66:10:98:1d:45:4d:e9:1d:
         71:da:85:85:b4:d4:d7:f9:b9:b7:83:77:85:48:5a:50:ba:32:
         d8:82:8c:1a:f1:6b:f0:e4:f9:7f:20:db:3d:0b:35:70:98:1f:
         64:a0:b4:a8:d3:ae:3e:84:a0:1a:27:db:10:1f:37:e6:df:06:
         de:eb:35:e0:99:36:28:64:59:1b:8c:4e:50:d1:69:12:34:33:
         5c:ca:ec:24:e4:28:1a:78:4f:3c:a5:73:17:94:83:b8:af:24:
         aa:15:5c:13:b5:80:18:46:d8:4a:e0:aa:eb:bb:9c:65:70:cd:
         02:5f:40:fb:c2:f5:44:d2:64:b4:42:e2:a6:aa:78:20:9f:95:
         bf:53:f8:1a:b3:67:23:f4:69:b7:ba:d4:0d:25:0e:60:ac:37:
         e5:de:a5:6f:74:29:c2:35:ed:7a:ac:34:ba:95:10:14:fe:a5:
         c1:64:23:37:fc:07:30:e1:16:e2:69:9e:4a:8b:c4:dc:91:8b:
         d9:bb:bc:c4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUNx+oyJVnDHy1Zcll9WNG74gs5gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAyMTE5WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjFmZTg3YTYyNTJjM2QwYWMyYWRkNmRiZWE2OTM5Yjll
YjZlZmEwMjc4OWE5ZDNmYWVkNTI5ODdmMDc3ZmNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC17Q7q6ocb/NWzmtQ4Tb/cDq+CtqIxCF/MxhxbKKz474oP
NLiVJiEFFC7v25IBOWYs4iHJlFJWbvBcU7uCUwIG63GQt8Iu4XAyOyFMe/4n5vHI
Y0ncXEjDB2A5KWRzVeA+Dp1sF8ht+Bgmi/dQgwSLJwJPKK7zDTglkLxWh2i3I+Lw
kjqbxI30hTKB7ISYm7UjemfsPAEBaFOAOw21jRqBtt2vRkWKQXvs3AdcAgZy/2p0
dGUwPff86kaKvzspPGReUZ5nkbBI332dPamWO+9tw9MfVVZjcoUjxtMlBt/Llc0x
FKB0kh+kH41azzFRcVaZ2reeECX0o+xJwJJJO2sFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUp0jDXQBx4IDW4vviDwCmLLpYAy0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M2ZDIwYzczLWU3OTYtNGVmYi05NDY5LTEwNjY4OTNkMDgxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8kADANBgkqhkiG9w0BAQsFAAOCAQEACiPPNuWstAETbuOJ3MuxZv4k
TNBsqISjmqaUJ9ecuCcUjgUEeYCe2a9CUT4sNd/ENdxYsLyrexXPMdejj/+HHWYQ
mB1FTekdcdqFhbTU1/m5t4N3hUhaULoy2IKMGvFr8OT5fyDbPQs1cJgfZKC0qNOu
PoSgGifbEB835t8G3us14Jk2KGRZG4xOUNFpEjQzXMrsJOQoGnhPPKVzF5SDuK8k
qhVcE7WAGEbYSuCq67ucZXDNAl9A+8L1RNJktELipqp4IJ+Vv1P4GrNnI/Rpt7rU
DSUOYKw35d6lb3QpwjXteqw0upUQFP6lwWQjN/wHMOEW4mmeSovE3JGL2bu8xA==
-----END CERTIFICATE-----