Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06862e8d-0d1c-49d3-b5ab-59127edee178.roa
File:                     06862e8d-0d1c-49d3-b5ab-59127edee178.roa (raw, json)
Hash identifier:          NPMJ8+mEn/fBBjxJejUPXWfGjkM3kS41w9m/JQHHJYA=
Subject key identifier:   26:A6:E8:80:B7:6B:67:3B:02:A4:42:44:93:80:2F:88:7A:86:2E:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45A2B121EDFEFAF2BCD37316A8E88DEC0ABAC330
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06862e8d-0d1c-49d3-b5ab-59127edee178.roa
Signing time:             Sat 08 Nov 2025 01:30:37 +0000
ROA not before:           Sat 08 Nov 2025 01:30:37 +0000
ROA not after:            Sat 13 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff9:2c00::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:a2:b1:21:ed:fe:fa:f2:bc:d3:73:16:a8:e8:8d:ec:0a:ba:c3:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  8 01:30:37 2025 GMT
            Not After : Dec 13 23:59:59 2025 GMT
        Subject: serialNumber=84f602e90cbef316ad63696f17e16e63fa0ba5955b739ff6bd365b07d4c8b2be, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cc:ee:d0:90:de:31:56:a5:10:a4:c2:76:2e:
                    a6:aa:04:37:4d:81:88:02:e5:f8:61:b1:3b:0b:3e:
                    4d:cb:ef:32:4a:52:ea:1f:95:da:60:9c:a3:32:66:
                    26:73:30:47:87:74:6d:f2:94:c0:58:54:89:af:ea:
                    53:90:26:be:81:84:6b:b1:a4:38:bc:dd:03:0b:96:
                    36:80:ae:c4:20:56:39:01:b8:e3:57:b0:72:f2:32:
                    ad:40:5f:d8:fd:51:25:28:fd:29:5c:a4:4b:a8:cd:
                    78:1b:f1:7c:5b:85:4f:86:d9:c7:66:c4:8e:fa:81:
                    db:c7:e1:e7:d1:d8:19:bc:29:a6:7c:d1:53:3f:33:
                    80:46:fe:b5:5e:04:26:db:82:b0:b9:c4:10:92:48:
                    d4:3c:8c:4c:bc:d0:f8:9e:e2:a7:96:0c:c3:64:a8:
                    55:21:25:9f:36:6b:37:00:95:fd:80:6f:4c:d4:44:
                    aa:d9:b0:31:25:a9:c5:78:24:7d:dd:22:97:3e:39:
                    fa:c7:d7:61:89:03:cc:09:0c:d9:04:72:5a:d5:70:
                    94:43:e5:2d:01:fa:e7:6a:98:b9:00:b8:47:b3:d8:
                    72:1b:c1:c1:4f:95:91:23:94:92:15:ed:8d:0d:93:
                    6c:f9:cd:df:61:b3:f1:4b:e3:43:49:3c:f5:ab:41:
                    d8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A6:E8:80:B7:6B:67:3B:02:A4:42:44:93:80:2F:88:7A:86:2E:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06862e8d-0d1c-49d3-b5ab-59127edee178.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff9:2c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         19:4c:2f:8a:ea:40:1c:40:85:c2:3d:b9:28:36:f8:69:9e:55:
         fe:b7:a3:76:f1:0f:f2:ee:85:cc:46:e0:77:98:27:08:d6:85:
         6e:31:f9:9c:83:7f:86:51:4c:3e:8f:a5:64:02:51:98:4e:1b:
         f9:23:f5:9e:8a:28:22:05:e3:cb:63:03:de:fa:77:38:ad:41:
         aa:1b:fc:1f:e5:54:05:a7:80:13:24:b6:17:c6:e1:a3:5e:a9:
         cf:44:e8:e7:32:a4:13:cb:65:ba:ca:bf:e7:11:f8:56:a9:31:
         f3:c5:9c:f0:d8:37:c1:4e:df:11:f3:39:54:2e:3a:cf:01:6c:
         46:f7:ec:47:2c:33:f1:c3:65:95:45:f3:0c:48:0a:c0:9a:84:
         f7:96:e5:46:8c:21:e0:d2:a7:e8:1f:56:b1:b4:59:3c:0a:2c:
         f9:f5:6b:17:e2:f9:76:5b:1c:a5:da:11:98:fd:16:1c:18:4a:
         0f:94:12:b9:62:8f:2c:1c:72:f2:61:07:b4:cb:86:e2:79:a3:
         46:6f:c2:c9:16:5d:5b:20:34:b6:07:ac:0d:22:80:91:20:88:
         e3:0f:fe:16:0a:32:d2:4f:18:15:ec:b0:53:da:07:b0:99:f1:
         ad:6e:80:cf:14:1e:a3:d7:5e:5d:50:cf:34:5a:72:2f:b9:1c:
         08:7c:25:ef
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIURaKxIe3++vK803MWqOiN7Aq6wzAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA4MDEzMDM3WhcNMjUxMjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGY2MDJlOTBjYmVmMzE2YWQ2MzY5NmYxN2UxNmU2M2Zh
MGJhNTk1NWI3MzlmZjZiZDM2NWIwN2Q0YzhiMmJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtzO7QkN4xVqUQpMJ2LqaqBDdNgYgC5fhhsTsLPk3L7zJK
UuofldpgnKMyZiZzMEeHdG3ylMBYVImv6lOQJr6BhGuxpDi83QMLljaArsQgVjkB
uONXsHLyMq1AX9j9USUo/SlcpEuozXgb8XxbhU+G2cdmxI76gdvH4efR2Bm8KaZ8
0VM/M4BG/rVeBCbbgrC5xBCSSNQ8jEy80Pie4qeWDMNkqFUhJZ82azcAlf2Ab0zU
RKrZsDElqcV4JH3dIpc+OfrH12GJA8wJDNkEclrVcJRD5S0B+udqmLkAuEez2HIb
wcFPlZEjlJIV7Y0Nk2z5zd9hs/FL40NJPPWrQdgXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJqbogLdrZzsCpEJEk4AviHqGLrcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA2ODYyZThkLTBkMWMtNDlkMy1iNWFiLTU5MTI3ZWRlZTE3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/5LDANBgkqhkiG9w0BAQsFAAOCAQEAGUwviupAHECFwj25KDb4aZ5V
/rejdvEP8u6FzEbgd5gnCNaFbjH5nIN/hlFMPo+lZAJRmE4b+SP1noooIgXjy2MD
3vp3OK1Bqhv8H+VUBaeAEyS2F8bho16pz0To5zKkE8tlusq/5xH4Vqkx88Wc8Ng3
wU7fEfM5VC46zwFsRvfsRywz8cNllUXzDEgKwJqE95blRowh4NKn6B9WsbRZPAos
+fVrF+L5dlscpdoRmP0WHBhKD5QSuWKPLBxy8mEHtMuG4nmjRm/CyRZdWyA0tges
DSKAkSCI4w/+Fgoy0k8YFeywU9oHsJnxrW6AzxQeo9deXVDPNFpyL7kcCHwl7w==
-----END CERTIFICATE-----