Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc79b728-6509-4ac0-bcf7-f83bbe125322.roa
File:                     cc79b728-6509-4ac0-bcf7-f83bbe125322.roa (raw, json)
Hash identifier:          67JUT77HVzNIpY/3Zt0DYBpl7cdtZelHwDF0jfHGZBU=
Subject key identifier:   CA:F9:85:77:73:9E:11:35:BB:05:FE:AA:C9:CE:63:FA:7D:63:EB:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BE36019641B0095B63BB6068F255C4F689D3428
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc79b728-6509-4ac0-bcf7-f83bbe125322.roa
Signing time:             Sat 18 Oct 2025 03:10:57 +0000
ROA not before:           Sat 18 Oct 2025 03:10:57 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1a:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:e3:60:19:64:1b:00:95:b6:3b:b6:06:8f:25:5c:4f:68:9d:34:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 03:10:57 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=f6e6eed5bcec474418e1a62ee3e2191de4645b73dc5b7cc372de8070b54eded7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ab:60:1f:f3:f0:1f:cc:c6:39:bd:57:ae:62:
                    44:fd:20:1e:47:95:19:01:fb:69:ff:80:81:61:05:
                    32:5e:b6:cc:66:3b:53:bf:92:91:d1:bb:4e:d1:6b:
                    bd:c5:65:f3:57:ed:66:f0:0f:a2:4a:3b:c2:95:4c:
                    ff:4a:1b:68:c5:e4:b1:77:fb:d2:61:ee:59:84:07:
                    c5:f8:c8:c9:a7:3e:8b:70:df:19:33:59:f3:65:c5:
                    6d:5a:e1:29:e2:53:70:5c:2c:cf:44:3a:b7:fa:93:
                    91:fc:50:0d:97:a2:a4:94:9a:ad:a9:9a:b7:f8:60:
                    52:d2:79:d2:fe:0a:2c:60:d2:95:0c:33:c4:95:d7:
                    87:7c:1f:32:dd:a3:a3:d7:90:6e:76:c0:0c:71:58:
                    fb:b3:bd:86:0f:70:ab:7d:7f:be:4b:4e:45:85:4d:
                    c7:08:29:29:69:9f:d7:1f:43:68:3f:01:9e:e4:68:
                    dc:60:23:94:13:37:74:7c:56:60:0a:50:3c:78:08:
                    45:12:5b:f3:f4:ee:ea:f4:9a:d8:47:f2:72:19:d8:
                    66:db:e4:a2:18:d2:9f:57:01:f9:cb:36:3d:1f:74:
                    02:54:97:9a:b1:7a:28:50:8c:fa:3a:6f:e3:e4:02:
                    7b:19:21:65:74:05:cd:98:31:88:86:72:5a:c6:69:
                    e1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:F9:85:77:73:9E:11:35:BB:05:FE:AA:C9:CE:63:FA:7D:63:EB:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc79b728-6509-4ac0-bcf7-f83bbe125322.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1a:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         22:2d:ca:e9:f0:53:15:b3:52:91:e7:e3:50:ac:a9:08:cd:47:
         d8:96:65:a8:90:c5:00:cf:b6:f7:e8:89:8a:53:b8:91:24:55:
         7b:d7:82:ef:bc:cd:f2:21:12:61:5b:37:69:ed:6c:b1:13:cd:
         a2:2d:55:cc:66:c5:61:24:df:46:aa:b3:4d:c2:c0:57:6d:31:
         b5:77:aa:9e:e6:6a:fe:14:c4:f1:41:43:92:cc:dd:fd:2d:27:
         12:ab:86:67:5e:37:66:f6:ad:20:3f:b6:68:6e:07:db:40:ae:
         67:d5:fa:90:1b:7d:8f:ce:91:22:b6:21:07:82:0c:f1:35:f5:
         cd:b7:07:cc:c4:0f:9f:da:7c:78:8b:79:9e:68:98:b2:8b:41:
         5d:27:23:50:6b:04:19:67:79:77:53:d2:cd:10:82:c6:fb:cb:
         2c:16:21:7d:90:fc:fb:44:01:d6:c4:cf:9d:a0:b6:e2:36:32:
         96:1c:d2:8b:8b:55:80:84:82:9f:ff:2e:01:cc:03:18:68:ea:
         fe:07:87:f6:ee:7d:e3:be:b4:97:a7:14:df:a4:1d:11:76:6c:
         e3:ca:5f:e8:a8:aa:b9:bb:1a:f5:ae:d3:99:96:a3:c0:7c:24:
         63:b6:6d:dc:02:87:e4:0f:48:90:ea:3d:ff:d7:ef:f9:79:37:
         b2:0d:fa:21
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUC+NgGWQbAJW2O7YGjyVcT2idNCgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDMxMDU3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmU2ZWVkNWJjZWM0NzQ0MThlMWE2MmVlM2UyMTkxZGU0
NjQ1YjczZGM1YjdjYzM3MmRlODA3MGI1NGVkZWQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXq2Af8/AfzMY5vVeuYkT9IB5HlRkB+2n/gIFhBTJetsxm
O1O/kpHRu07Ra73FZfNX7WbwD6JKO8KVTP9KG2jF5LF3+9Jh7lmEB8X4yMmnPotw
3xkzWfNlxW1a4SniU3BcLM9EOrf6k5H8UA2XoqSUmq2pmrf4YFLSedL+Cixg0pUM
M8SV14d8HzLdo6PXkG52wAxxWPuzvYYPcKt9f75LTkWFTccIKSlpn9cfQ2g/AZ7k
aNxgI5QTN3R8VmAKUDx4CEUSW/P07ur0mthH8nIZ2Gbb5KIY0p9XAfnLNj0fdAJU
l5qxeihQjPo6b+PkAnsZIWV0Bc2YMYiGclrGaeHHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUyvmFd3OeETW7Bf6qyc5j+n1j65swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NjNzliNzI4LTY1MDktNGFjMC1iY2Y3LWY4M2JiZTEyNTMyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8agDANBgkqhkiG9w0BAQsFAAOCAQEAIi3K6fBTFbNSkefjUKypCM1H
2JZlqJDFAM+29+iJilO4kSRVe9eC77zN8iESYVs3ae1ssRPNoi1VzGbFYSTfRqqz
TcLAV20xtXeqnuZq/hTE8UFDkszd/S0nEquGZ143ZvatID+2aG4H20CuZ9X6kBt9
j86RIrYhB4IM8TX1zbcHzMQPn9p8eIt5nmiYsotBXScjUGsEGWd5d1PSzRCCxvvL
LBYhfZD8+0QB1sTPnaC24jYylhzSi4tVgISCn/8uAcwDGGjq/geH9u594760l6cU
36QdEXZs48pf6Kiqubsa9a7TmZajwHwkY7Zt3AKH5A9IkOo9/9fv+Xk3sg36IQ==
-----END CERTIFICATE-----