Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96d5347-7bf9-4984-b298-4dee0ceb88ed.roa
File:                     c96d5347-7bf9-4984-b298-4dee0ceb88ed.roa (raw, json)
Hash identifier:          bC4+bNT0xwz2pi21wDBn1T5fO9BZz63v8SFs8mNSGgY=
Subject key identifier:   89:34:7C:DF:EC:22:50:1F:53:14:AE:B1:88:F8:AB:91:A6:A2:9F:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4DDAE96B5CA0788570A0112D0C200313C6E13C18
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96d5347-7bf9-4984-b298-4dee0ceb88ed.roa
Signing time:             Fri 17 Oct 2025 21:31:27 +0000
ROA not before:           Fri 17 Oct 2025 21:31:27 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:8060::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:da:e9:6b:5c:a0:78:85:70:a0:11:2d:0c:20:03:13:c6:e1:3c:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 21:31:27 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=1ec1fc25bcae5784348e817a3644a0227687b03ee47068497968830353634851, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:70:5e:1b:69:7c:2d:e6:18:cd:03:ce:0d:14:
                    46:3a:a4:dc:17:a0:01:fa:b6:65:c9:3c:3c:f4:cb:
                    f1:32:48:52:12:ba:a4:45:85:3b:e9:47:6d:65:bb:
                    6f:25:fc:11:c4:74:5c:40:9c:46:21:b4:34:ef:53:
                    af:f6:12:0a:bc:c5:d6:f7:f0:9d:3a:b0:9b:1e:38:
                    3c:e4:48:06:16:9f:c7:54:12:7d:14:cc:e3:a4:fa:
                    e0:c9:27:da:fa:98:cb:f9:b0:b8:fa:46:53:56:5b:
                    1c:46:bd:0b:1b:ae:7e:47:e8:2d:f7:36:90:12:e4:
                    46:4c:bb:ee:96:38:8c:1c:ca:8e:74:83:9c:7d:c4:
                    d1:8c:f0:a6:2c:2a:46:3a:7a:de:45:bc:cf:08:ae:
                    19:dd:fb:31:f4:f8:b3:9a:1f:e3:cb:19:6a:2d:cd:
                    84:11:6a:f8:cc:0f:6f:df:4a:ee:a2:cb:1c:c1:a0:
                    10:68:38:7b:61:16:ed:4f:3d:7f:ff:cc:ff:b4:5d:
                    2d:cc:d9:2f:80:93:25:9f:00:85:88:b0:c2:b3:0c:
                    d7:5b:f6:4c:12:ac:8d:d6:4d:47:33:68:0f:f2:42:
                    ff:8c:54:d5:c8:62:db:63:76:fa:87:6f:fb:3b:04:
                    59:b9:45:da:1d:48:4f:3b:17:5a:77:13:2c:47:41:
                    5f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:34:7C:DF:EC:22:50:1F:53:14:AE:B1:88:F8:AB:91:A6:A2:9F:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c96d5347-7bf9-4984-b298-4dee0ceb88ed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8060::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:f6:37:97:d3:be:f0:1c:46:30:60:bd:fb:3f:b9:f5:15:16:
         39:eb:be:75:2b:73:c9:b6:a1:25:fb:c3:80:98:29:bc:49:96:
         b2:50:73:de:15:ec:00:63:24:38:57:ed:ea:ac:9e:d4:8d:97:
         ac:d1:6b:86:ec:2a:a2:69:10:74:79:40:9f:ba:d3:b5:b8:f3:
         90:63:ce:b3:fc:e1:bf:a6:61:9e:39:8b:91:06:38:66:bd:fb:
         e4:43:81:a4:8e:5f:1b:c1:40:8f:3e:d8:eb:59:f6:da:b5:60:
         5e:fd:fd:b6:36:a4:65:1c:8f:6a:12:fb:a0:c5:ca:0c:92:84:
         dc:38:80:31:ce:e2:69:e6:b9:c8:fe:1e:5a:30:a9:49:e7:5e:
         2d:80:b5:44:49:14:62:5c:49:c2:9a:c3:51:fd:e0:15:b8:ca:
         ce:71:08:a9:05:44:09:1e:3c:d4:5a:a5:95:c3:f9:01:3b:c7:
         d2:6d:47:97:37:50:a4:fa:d6:89:6e:d7:b9:53:df:ed:27:57:
         9a:db:f5:ae:c5:e2:b3:11:cb:72:85:17:c4:c4:ab:11:4a:bf:
         f4:03:83:4f:41:48:06:3c:b5:28:2b:26:9f:98:91:86:e2:15:
         2d:f9:92:d6:31:56:25:c8:9a:29:78:b0:6a:de:40:28:4a:dc:
         80:31:c5:77
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTdrpa1ygeIVwoBEtDCADE8bhPBgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjEzMTI3WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZWMxZmMyNWJjYWU1Nzg0MzQ4ZTgxN2EzNjQ0YTAyMjc2
ODdiMDNlZTQ3MDY4NDk3OTY4ODMwMzUzNjM0ODUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2cF4baXwt5hjNA84NFEY6pNwXoAH6tmXJPDz0y/EySFIS
uqRFhTvpR21lu28l/BHEdFxAnEYhtDTvU6/2Egq8xdb38J06sJseODzkSAYWn8dU
En0UzOOk+uDJJ9r6mMv5sLj6RlNWWxxGvQsbrn5H6C33NpAS5EZMu+6WOIwcyo50
g5x9xNGM8KYsKkY6et5FvM8Irhnd+zH0+LOaH+PLGWotzYQRavjMD2/fSu6iyxzB
oBBoOHthFu1PPX//zP+0XS3M2S+AkyWfAIWIsMKzDNdb9kwSrI3WTUczaA/yQv+M
VNXIYttjdvqHb/s7BFm5RdodSE87F1p3EyxHQV99AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUiTR83+wiUB9TFK6xiPirkaain3kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5NmQ1MzQ3LTdiZjktNDk4NC1iMjk4LTRkZWUwY2ViODhlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gGAwDQYJKoZIhvcNAQELBQADggEBADf2N5fTvvAcRjBgvfs/ufUV
FjnrvnUrc8m2oSX7w4CYKbxJlrJQc94V7ABjJDhX7eqsntSNl6zRa4bsKqJpEHR5
QJ+607W485BjzrP84b+mYZ45i5EGOGa9++RDgaSOXxvBQI8+2OtZ9tq1YF79/bY2
pGUcj2oS+6DFygyShNw4gDHO4mnmucj+HlowqUnnXi2AtURJFGJcScKaw1H94BW4
ys5xCKkFRAkePNRapZXD+QE7x9JtR5c3UKT61olu17lT3+0nV5rb9a7F4rMRy3KF
F8TEqxFKv/QDg09BSAY8tSgrJp+YkYbiFS35ktYxViXImil4sGreQChK3IAxxXc=
-----END CERTIFICATE-----