Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa
File:                     d1922148-0081-4f06-b9be-a02446d66975.roa (raw, json)
Hash identifier:          +NyS1B2Jo8EOxIE3eHygjkMP7vn0Udfx4M6mz+q6wXw=
Subject key identifier:   F8:02:78:64:F4:0F:1E:6B:85:E4:18:E6:92:EF:69:CB:8C:C8:43:CE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4FC8474E19F9D9390C385A743FFE3DFDEA5477A3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa
Signing time:             Wed 01 Oct 2025 00:21:15 +0000
ROA not before:           Wed 01 Oct 2025 00:21:15 +0000
ROA not after:            Wed 05 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2c:4000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:c8:47:4e:19:f9:d9:39:0c:38:5a:74:3f:fe:3d:fd:ea:54:77:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  1 00:21:15 2025 GMT
            Not After : Nov  5 23:59:59 2025 GMT
        Subject: serialNumber=cadc6f2fa37acbbdab4ba0974dd47a2495e64fe6aa4b97df60fce0c0a0fae699, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:42:2a:5c:62:a2:34:c8:3a:40:3b:a4:f3:97:
                    e6:bd:2c:5c:18:bf:a0:a1:7d:4c:82:88:99:b3:f9:
                    27:85:43:6e:75:29:ba:b8:7d:3e:ae:0b:6b:dc:5f:
                    cf:c7:15:50:3a:51:9a:92:3e:b5:57:8b:e4:2e:cc:
                    41:1a:ef:42:d8:45:d9:f7:02:08:e3:f3:44:2e:28:
                    80:91:c4:59:f8:79:7f:38:24:d5:4a:53:bd:cd:7f:
                    7d:a4:cf:46:f0:dc:d9:03:72:f3:02:ee:b8:dd:12:
                    f5:03:40:04:21:b4:53:e0:99:a0:bd:e7:29:dc:36:
                    63:4e:69:a3:c8:a6:61:d2:ef:3e:8d:80:b8:64:5a:
                    e5:84:2c:d9:f5:fd:d6:c2:b5:69:b1:a7:df:c5:2c:
                    d6:7b:32:a2:b6:86:ef:5b:f3:f5:28:b3:b3:34:56:
                    9c:eb:c5:1a:63:24:43:fd:f1:3e:d4:dd:85:f8:40:
                    9d:23:6d:1a:5e:03:f6:95:82:69:04:ed:ef:44:58:
                    49:99:cb:9c:4b:ac:65:4f:eb:a7:fa:c6:32:e9:a7:
                    17:0f:15:b5:1e:28:e0:b1:33:1a:14:4f:27:52:2b:
                    66:bb:7a:8e:be:12:56:c8:a7:16:6f:00:21:c8:48:
                    30:2b:71:ec:d8:b1:18:ac:22:a1:cf:67:09:fa:75:
                    75:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:02:78:64:F4:0F:1E:6B:85:E4:18:E6:92:EF:69:CB:8C:C8:43:CE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2c:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         2e:01:a5:28:82:0e:de:bf:c7:4d:89:56:83:46:04:fb:66:45:
         04:38:44:7f:4f:58:20:46:dc:2d:8a:3a:73:d0:ee:4e:bc:47:
         d8:ec:01:3b:24:bb:b5:aa:4e:be:da:f9:0e:cd:d0:76:02:df:
         24:f5:4d:95:a9:d1:2d:f1:ab:72:88:27:91:8b:2e:cc:f4:5a:
         ed:79:b8:60:73:a4:48:de:6a:3a:a8:ff:fe:9c:b7:f1:09:88:
         19:4e:a8:b8:ee:4d:4e:23:b0:ce:55:29:71:cb:83:df:f5:58:
         5c:d6:6c:0c:78:d7:c3:3a:21:cc:66:6b:03:23:5d:01:ad:35:
         78:b3:a2:d0:dc:00:d0:43:50:e2:59:9d:e9:43:85:0f:e1:73:
         3c:8a:d7:f1:cd:56:5a:90:6f:38:2f:7b:1a:e1:2d:ac:0f:8d:
         77:7a:c6:dd:8b:5d:36:e1:1a:e9:3e:da:ba:b9:f0:3d:50:c6:
         ca:25:0d:4f:1a:bc:8c:ce:ca:2b:3d:33:5e:f9:4d:a1:17:80:
         a0:15:98:1c:89:1e:f6:0e:08:20:aa:f7:9a:34:82:2f:6c:9e:
         a7:74:b7:89:6b:ae:29:a5:ab:50:89:0d:d3:48:c2:41:26:3e:
         86:b8:e5:6b:f7:a5:aa:18:5e:c0:c4:1a:bc:9b:26:c3:1a:6f:
         4a:c9:79:5b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUT8hHThn52TkMOFp0P/49/epUd6MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAxMDAyMTE1WhcNMjUxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWRjNmYyZmEzN2FjYmJkYWI0YmEwOTc0ZGQ0N2EyNDk1
ZTY0ZmU2YWE0Yjk3ZGY2MGZjZTBjMGEwZmFlNjk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSQipcYqI0yDpAO6Tzl+a9LFwYv6ChfUyCiJmz+SeFQ251
Kbq4fT6uC2vcX8/HFVA6UZqSPrVXi+QuzEEa70LYRdn3Agjj80QuKICRxFn4eX84
JNVKU73Nf32kz0bw3NkDcvMC7rjdEvUDQAQhtFPgmaC95yncNmNOaaPIpmHS7z6N
gLhkWuWELNn1/dbCtWmxp9/FLNZ7MqK2hu9b8/Uos7M0VpzrxRpjJEP98T7U3YX4
QJ0jbRpeA/aVgmkE7e9EWEmZy5xLrGVP66f6xjLppxcPFbUeKOCxMxoUTydSK2a7
eo6+ElbIpxZvACHISDArcezYsRisIqHPZwn6dXWJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU+AJ4ZPQPHmuF5Bjmku9py4zIQ84wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxOTIyMTQ4LTAwODEtNGYwNi1iOWJlLWEwMjQ0NmQ2Njk3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8sQDANBgkqhkiG9w0BAQsFAAOCAQEALgGlKIIO3r/HTYlWg0YE+2ZF
BDhEf09YIEbcLYo6c9DuTrxH2OwBOyS7tapOvtr5Ds3QdgLfJPVNlanRLfGrcogn
kYsuzPRa7Xm4YHOkSN5qOqj//py38QmIGU6ouO5NTiOwzlUpccuD3/VYXNZsDHjX
wzohzGZrAyNdAa01eLOi0NwA0ENQ4lmd6UOFD+FzPIrX8c1WWpBvOC97GuEtrA+N
d3rG3YtdNuEa6T7aurnwPVDGyiUNTxq8jM7KKz0zXvlNoReAoBWYHIke9g4IIKr3
mjSCL2yep3S3iWuuKaWrUIkN00jCQSY+hrjla/elqhhewMQavJsmwxpvSsl5Ww==
-----END CERTIFICATE-----