Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9a12a27-7ddf-482b-ba7b-0899146109a1.roa
File:                     f9a12a27-7ddf-482b-ba7b-0899146109a1.roa (raw, json)
Hash identifier:          l9nYtZAn9EQc6sxU8Wv9hT79NjPPV3rOQHc/FM6Qc/g=
Subject key identifier:   01:1E:05:53:95:B5:36:BD:07:AD:57:5C:22:B2:6D:5B:0E:68:A2:B0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13945B4B5926C0A22E2AE748761162132F88F0A1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9a12a27-7ddf-482b-ba7b-0899146109a1.roa
Signing time:             Fri 17 Oct 2025 20:50:25 +0000
ROA not before:           Fri 17 Oct 2025 20:50:25 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ff2:80a0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:94:5b:4b:59:26:c0:a2:2e:2a:e7:48:76:11:62:13:2f:88:f0:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 20:50:25 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=10665b5ff5c04a57e61102b851720f0240f9af95391b19214eec01e3d37e7826, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:34:4a:9b:74:ad:08:1b:a6:91:f5:ec:d4:79:
                    1f:7b:5c:3b:ed:dd:8c:2a:81:09:67:ac:d7:89:64:
                    b9:e6:fa:2c:19:97:6c:56:f4:04:c3:e2:c5:7d:af:
                    48:92:06:ba:e4:54:79:29:dc:fa:7d:71:c8:1d:d2:
                    5d:2a:aa:3f:9b:0e:c6:e0:91:c4:be:49:73:33:ee:
                    bb:b5:cd:b9:17:31:50:78:36:7c:77:35:5f:b5:4e:
                    2a:e1:79:5f:a6:75:43:ce:dc:35:06:55:1c:f0:81:
                    de:31:aa:eb:e1:9a:6d:89:d8:9e:ec:69:9f:c7:8e:
                    ce:02:d6:0b:ad:80:29:ec:6c:b9:e1:34:7d:88:2f:
                    fd:73:64:c8:74:3b:73:66:b3:d0:4e:5f:d2:74:8a:
                    e9:3f:50:e8:ce:1a:ff:3f:94:06:c7:9c:21:60:26:
                    2a:b8:9c:f7:a4:57:2a:03:7e:02:b5:e6:92:72:3b:
                    3d:0b:63:ac:fc:ab:ea:c5:c8:3c:1d:db:d9:3e:b1:
                    68:dc:38:d9:04:cd:eb:99:1d:37:76:ac:6f:d8:3e:
                    ef:8b:64:88:ed:95:04:3a:55:00:3a:7d:69:38:86:
                    49:44:d8:88:fb:ba:31:35:cd:5c:55:e5:69:d6:41:
                    95:6d:09:cf:8d:8b:84:07:a2:15:1d:94:98:a2:79:
                    4e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:1E:05:53:95:B5:36:BD:07:AD:57:5C:22:B2:6D:5B:0E:68:A2:B0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9a12a27-7ddf-482b-ba7b-0899146109a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:80a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:1e:22:0d:2a:0e:eb:07:1e:58:a2:d2:f0:e7:07:09:9c:21:
         db:55:d8:1f:fb:44:da:2c:d6:c0:ea:44:c4:89:2d:92:b2:bb:
         9f:4a:3b:72:8a:5c:fa:1e:55:99:b9:0d:33:79:f1:3a:7a:b8:
         28:7a:f1:9a:46:2e:26:3c:04:2e:10:6b:26:95:20:e5:11:ff:
         c4:1f:bf:98:ac:e4:d3:e0:33:a6:68:95:79:7b:aa:87:c7:b4:
         08:43:bc:fa:e4:bb:66:f8:7c:cd:dd:6c:13:d8:4c:59:e9:3d:
         90:12:20:04:ad:1b:c7:e1:c8:4e:5e:28:d5:a0:ab:6d:d2:f1:
         7e:55:5e:ed:95:90:30:f1:d6:22:a6:01:cb:09:38:98:d9:f9:
         30:1a:4b:51:c8:a1:26:de:ff:76:d8:78:ed:ce:7c:f8:fe:a9:
         55:55:9c:ce:d5:a0:a7:b1:ed:09:f5:93:68:70:62:4d:74:3b:
         e0:d5:67:12:2a:9a:ae:c3:d2:fe:8d:3a:2b:02:99:e2:36:ed:
         10:38:7c:18:62:33:93:6d:fb:b6:c8:1c:3e:2b:59:3e:cf:ef:
         9a:06:9b:fa:56:9d:46:ca:6e:a0:f0:1d:0b:b4:c4:f8:7b:c3:
         cb:44:f2:bb:12:ac:80:3a:60:8a:cc:e3:be:7f:c4:60:0b:b3:
         c9:2a:eb:fc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUE5RbS1kmwKIuKudIdhFiEy+I8KEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjA1MDI1WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDY2NWI1ZmY1YzA0YTU3ZTYxMTAyYjg1MTcyMGYwMjQw
ZjlhZjk1MzkxYjE5MjE0ZWVjMDFlM2QzN2U3ODI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYNEqbdK0IG6aR9ezUeR97XDvt3YwqgQlnrNeJZLnm+iwZ
l2xW9ATD4sV9r0iSBrrkVHkp3Pp9ccgd0l0qqj+bDsbgkcS+SXMz7ru1zbkXMVB4
Nnx3NV+1TirheV+mdUPO3DUGVRzwgd4xquvhmm2J2J7saZ/Hjs4C1gutgCnsbLnh
NH2IL/1zZMh0O3Nms9BOX9J0iuk/UOjOGv8/lAbHnCFgJiq4nPekVyoDfgK15pJy
Oz0LY6z8q+rFyDwd29k+sWjcONkEzeuZHTd2rG/YPu+LZIjtlQQ6VQA6fWk4hklE
2Ij7ujE1zVxV5WnWQZVtCc+Ni4QHohUdlJiieU5DAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAR4FU5W1Nr0HrVdcIrJtWw5oorAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5YTEyYTI3LTdkZGYtNDgyYi1iYTdiLTA4OTkxNDYxMDlhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/ygKAwDQYJKoZIhvcNAQELBQADggEBAEAeIg0qDusHHlii0vDnBwmc
IdtV2B/7RNos1sDqRMSJLZKyu59KO3KKXPoeVZm5DTN58Tp6uCh68ZpGLiY8BC4Q
ayaVIOUR/8Qfv5is5NPgM6ZolXl7qofHtAhDvPrku2b4fM3dbBPYTFnpPZASIASt
G8fhyE5eKNWgq23S8X5VXu2VkDDx1iKmAcsJOJjZ+TAaS1HIoSbe/3bYeO3OfPj+
qVVVnM7VoKex7Qn1k2hwYk10O+DVZxIqmq7D0v6NOisCmeI27RA4fBhiM5Nt+7bI
HD4rWT7P75oGm/pWnUbKbqDwHQu0xPh7w8tE8rsSrIA6YIrM475/xGALs8kq6/w=
-----END CERTIFICATE-----