Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9868705-9902-4e3c-8621-591fc3d61f79.roa
File:                     c9868705-9902-4e3c-8621-591fc3d61f79.roa (raw, json)
Hash identifier:          O2HkiQZX2RP96uvC64o0rRI/YP2Sg8zz2X8Sge1XXgk=
Subject key identifier:   58:0F:A7:56:8F:33:C8:4D:03:02:06:0C:4C:78:00:0D:87:ED:89:87
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       199890B3149D2421313AE55C0B08EFCD50A94F35
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9868705-9902-4e3c-8621-591fc3d61f79.roa
Signing time:             Sat 04 Oct 2025 00:38:17 +0000
ROA not before:           Sat 04 Oct 2025 00:38:17 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:8090::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:98:90:b3:14:9d:24:21:31:3a:e5:5c:0b:08:ef:cd:50:a9:4f:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:38:17 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=bb373d3e970784cb0c5f8e2bc88df7b1e72b53d1a8295d227c644e5d54fb2815, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b0:c6:a2:5e:48:aa:75:6a:4c:13:69:10:c1:
                    92:35:7b:cd:cf:ee:6d:74:18:fd:83:33:47:fa:23:
                    00:7e:1b:fd:ef:7d:25:f7:75:11:48:b5:9d:5a:60:
                    e6:37:65:98:ac:ab:da:a1:ef:89:18:66:0e:c8:4d:
                    cc:fc:72:b4:a6:15:f7:74:fa:56:8b:e4:40:10:62:
                    cd:54:a0:cb:57:44:52:c9:da:c8:db:26:1f:c4:a3:
                    f0:46:d3:03:38:03:06:55:d5:36:7e:b5:86:79:ed:
                    df:cf:9c:e3:e1:a8:41:ba:06:b3:fb:ea:0b:d8:57:
                    5c:00:b4:5d:fd:93:23:fe:80:b5:04:56:15:97:6d:
                    4e:9e:25:88:60:d3:b9:cd:33:95:28:ba:f9:26:53:
                    2b:23:53:76:4a:5b:c6:a4:23:bd:f9:d0:72:39:81:
                    ab:23:28:e7:0a:ae:a4:02:f9:a4:9a:1a:e6:25:92:
                    16:27:57:06:97:7e:4f:bf:ac:ba:58:42:91:3a:1f:
                    52:4e:ec:cc:ad:ba:52:81:08:63:49:72:42:31:26:
                    5b:8c:2b:20:0d:bf:7d:4c:58:21:ff:95:3c:f8:3f:
                    60:38:36:7a:cf:11:57:39:9b:86:a3:bc:f7:33:6d:
                    08:dc:12:d5:a9:05:58:3f:85:44:a3:5f:64:21:59:
                    4e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:0F:A7:56:8F:33:C8:4D:03:02:06:0C:4C:78:00:0D:87:ED:89:87
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9868705-9902-4e3c-8621-591fc3d61f79.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:8090::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:da:f2:bd:72:7e:0d:ef:03:9b:ba:be:f1:04:9e:64:76:20:
         d3:23:34:c1:d2:d1:16:ba:56:b9:4e:bf:36:f1:54:f0:18:57:
         16:56:c5:56:85:67:1d:26:dd:7f:cb:6e:89:5f:a2:4f:f6:05:
         b8:a2:6d:95:5b:af:d2:d4:78:0f:42:da:63:5f:e5:c2:88:37:
         32:64:95:66:be:fd:e0:e2:f7:61:0a:7a:a4:14:ed:b4:fb:91:
         e6:11:e0:f6:d5:3b:9f:6c:85:4d:8d:b7:6e:af:1b:e6:66:6c:
         95:65:6c:22:e5:af:6e:fd:cb:08:a6:e6:f6:0c:53:2c:23:a2:
         02:dc:5a:37:6c:9b:88:23:74:12:9f:fa:9e:c6:ea:3c:7a:78:
         74:f5:d5:65:bc:64:c6:e7:bc:9a:f1:8d:5d:a2:93:b5:37:6f:
         ba:31:23:76:80:ad:dd:67:5f:36:98:e7:05:be:44:b7:ed:3d:
         55:08:2e:d2:da:96:fe:46:77:75:06:91:c4:8c:27:52:2f:f4:
         10:c9:21:08:71:71:c4:5e:58:5b:6a:34:5d:8e:1f:7d:b4:c1:
         ff:e3:d0:ea:e8:f4:bc:79:3f:fe:5c:1b:cf:52:d6:57:df:fa:
         c8:39:85:b5:53:13:56:78:1f:d5:0e:39:3c:71:b7:48:b3:41:
         62:de:3a:ee
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGZiQsxSdJCExOuVcCwjvzVCpTzUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDAzODE3WhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjM3M2QzZTk3MDc4NGNiMGM1ZjhlMmJjODhkZjdiMWU3
MmI1M2QxYTgyOTVkMjI3YzY0NGU1ZDU0ZmIyODE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAsMaiXkiqdWpME2kQwZI1e83P7m10GP2DM0f6IwB+G/3v
fSX3dRFItZ1aYOY3ZZisq9qh74kYZg7ITcz8crSmFfd0+laL5EAQYs1UoMtXRFLJ
2sjbJh/Eo/BG0wM4AwZV1TZ+tYZ57d/PnOPhqEG6BrP76gvYV1wAtF39kyP+gLUE
VhWXbU6eJYhg07nNM5UouvkmUysjU3ZKW8akI7350HI5gasjKOcKrqQC+aSaGuYl
khYnVwaXfk+/rLpYQpE6H1JO7MytulKBCGNJckIxJluMKyANv31MWCH/lTz4P2A4
NnrPEVc5m4ajvPczbQjcEtWpBVg/hUSjX2QhWU47AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUWA+nVo8zyE0DAgYMTHgADYftiYcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5ODY4NzA1LTk5MDItNGUzYy04NjIxLTU5MWZjM2Q2MWY3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gJAwDQYJKoZIhvcNAQELBQADggEBAALa8r1yfg3vA5u6vvEEnmR2
INMjNMHS0Ra6VrlOvzbxVPAYVxZWxVaFZx0m3X/Lbolfok/2BbiibZVbr9LUeA9C
2mNf5cKINzJklWa+/eDi92EKeqQU7bT7keYR4PbVO59shU2Nt26vG+ZmbJVlbCLl
r279ywim5vYMUywjogLcWjdsm4gjdBKf+p7G6jx6eHT11WW8ZMbnvJrxjV2ik7U3
b7oxI3aArd1nXzaY5wW+RLftPVUILtLalv5Gd3UGkcSMJ1Iv9BDJIQhxccReWFtq
NF2OH320wf/j0Oro9Lx5P/5cG89S1lff+sg5hbVTE1Z4H9UOOTxxt0izQWLeOu4=
-----END CERTIFICATE-----