Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0396d0da-0d50-49a7-bf6f-b7d6361f8eeb.roa
File:                     0396d0da-0d50-49a7-bf6f-b7d6361f8eeb.roa (raw, json)
Hash identifier:          r+IJVSwzR22wdC0h/NJ3Iq2sKImeKERSX+h6c7EsmQs=
Subject key identifier:   DF:E8:03:68:A1:E9:BA:E2:D9:C2:A2:37:19:F0:63:E8:A9:B4:E5:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       34029CED3B7FDA7BD94D4E1F23F4958F1D52B9A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0396d0da-0d50-49a7-bf6f-b7d6361f8eeb.roa
Signing time:             Tue 11 Nov 2025 01:41:17 +0000
ROA not before:           Tue 11 Nov 2025 01:41:17 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:4010::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:02:9c:ed:3b:7f:da:7b:d9:4d:4e:1f:23:f4:95:8f:1d:52:b9:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:41:17 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=0d6c5a217d760f7eb8091608f2e76cde559e0693ef615f94209b2e0c93186885, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4a:7e:f9:08:c0:e4:ab:91:bf:07:5e:50:12:
                    08:ea:d5:3f:4f:ea:e6:53:ba:e9:f5:1f:10:ab:62:
                    c0:45:60:b0:a1:17:0d:c1:3e:6d:1d:fb:ae:9a:dd:
                    6f:83:bd:49:e6:a5:eb:af:23:12:0d:d2:49:fb:45:
                    c7:c4:0b:fe:0a:1d:13:73:1b:59:05:be:c5:8e:65:
                    1e:9d:8e:9c:99:be:24:f2:49:1b:df:a7:df:e5:31:
                    38:36:b8:d6:15:51:05:df:6d:80:80:17:fe:d5:7b:
                    c6:9f:e0:6e:a2:1b:63:de:e9:44:62:12:26:24:8e:
                    23:1f:fd:06:59:57:5c:9a:95:1c:04:94:c6:b6:fd:
                    b7:27:75:72:f7:0c:5d:ca:21:9e:22:b2:12:c5:99:
                    e9:ba:5b:3a:9d:a1:c3:01:71:05:75:0f:be:db:8c:
                    14:f5:5b:97:67:6b:d7:b0:f0:b5:b6:fc:ee:9f:5f:
                    9a:8b:bc:21:1c:95:87:79:d9:e9:b6:b0:55:2d:91:
                    da:25:c2:76:34:a1:c6:08:c0:4d:00:72:38:64:b3:
                    aa:d9:cd:c0:53:90:bc:dd:4c:d9:58:61:17:cf:dd:
                    e6:5d:c5:f7:b9:9c:e1:7f:7c:51:d6:31:29:06:4e:
                    5d:33:a6:3d:49:99:06:02:1e:3e:dc:f7:1e:bb:e4:
                    b0:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E8:03:68:A1:E9:BA:E2:D9:C2:A2:37:19:F0:63:E8:A9:B4:E5:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0396d0da-0d50-49a7-bf6f-b7d6361f8eeb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:4010::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:96:0b:3f:7c:f7:dc:5b:07:bb:2c:c4:a2:33:54:c2:16:29:
         1c:48:be:8e:6f:4f:99:e3:7a:e9:26:fe:2c:52:65:8a:f5:a7:
         8c:cb:5b:e0:df:f4:59:bf:ba:d9:99:6c:59:24:f4:fb:f6:27:
         b7:d8:8c:4f:85:42:cb:34:31:7b:f9:fe:93:28:18:96:31:e3:
         6d:cf:7c:12:68:19:94:d7:12:60:0a:93:45:37:87:12:67:56:
         b3:25:95:37:76:de:7d:ef:b0:d3:ec:a0:25:6b:a4:f3:1e:9c:
         1b:89:31:d8:3b:21:25:1b:c7:80:3f:92:30:ab:2f:b1:29:6f:
         55:db:26:e6:0e:8b:be:b0:8e:93:3b:2b:58:b6:4d:e5:2d:57:
         2c:7d:a7:91:43:ff:72:64:42:78:8a:4d:cf:97:c4:4e:22:a0:
         2b:3a:b1:93:c4:be:11:b5:41:1f:78:0c:f3:12:60:4b:58:1b:
         12:63:7c:4d:3f:36:c8:15:86:f8:7d:be:94:de:23:55:e0:99:
         f5:4b:08:5a:22:82:75:19:9f:56:9f:83:02:48:7c:58:94:c6:
         14:82:5c:31:d4:b6:2b:0b:23:ce:12:b5:44:21:dc:de:c0:56:
         78:e8:dd:38:22:cb:c0:0c:84:e9:e5:d8:0a:f8:bf:a1:10:ce:
         e6:14:48:21
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNAKc7Tt/2nvZTU4fI/SVjx1SuaYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDE0MTE3WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDZjNWEyMTdkNzYwZjdlYjgwOTE2MDhmMmU3NmNkZTU1
OWUwNjkzZWY2MTVmOTQyMDliMmUwYzkzMTg2ODg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdSn75CMDkq5G/B15QEgjq1T9P6uZTuun1HxCrYsBFYLCh
Fw3BPm0d+66a3W+DvUnmpeuvIxIN0kn7RcfEC/4KHRNzG1kFvsWOZR6djpyZviTy
SRvfp9/lMTg2uNYVUQXfbYCAF/7Ve8af4G6iG2Pe6URiEiYkjiMf/QZZV1yalRwE
lMa2/bcndXL3DF3KIZ4ishLFmem6WzqdocMBcQV1D77bjBT1W5dna9ew8LW2/O6f
X5qLvCEclYd52em2sFUtkdolwnY0ocYIwE0Acjhks6rZzcBTkLzdTNlYYRfP3eZd
xfe5nOF/fFHWMSkGTl0zpj1JmQYCHj7c9x675LDVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3+gDaKHpuuLZwqI3GfBj6Km05ZUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzOTZkMGRhLTBkNTAtNDlhNy1iZjZmLWI3ZDYzNjFmOGVlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//QBAwDQYJKoZIhvcNAQELBQADggEBAHqWCz9899xbB7ssxKIzVMIW
KRxIvo5vT5njeukm/ixSZYr1p4zLW+Df9Fm/utmZbFkk9Pv2J7fYjE+FQss0MXv5
/pMoGJYx423PfBJoGZTXEmAKk0U3hxJnVrMllTd23n3vsNPsoCVrpPMenBuJMdg7
ISUbx4A/kjCrL7Epb1XbJuYOi76wjpM7K1i2TeUtVyx9p5FD/3JkQniKTc+XxE4i
oCs6sZPEvhG1QR94DPMSYEtYGxJjfE0/NsgVhvh9vpTeI1XgmfVLCFoignUZn1af
gwJIfFiUxhSCXDHUtisLI84StUQh3N7AVnjo3Tgiy8AMhOnl2Ar4v6EQzuYUSCE=
-----END CERTIFICATE-----