Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1186eb64-ee57-4357-90a4-25d99e03e859.roa
File:                     1186eb64-ee57-4357-90a4-25d99e03e859.roa (raw, json)
Hash identifier:          QTMEqG8C3Si0eyB07E+dJj8ejOKsRzKJ/Is0ku3KbBw=
Subject key identifier:   9C:29:F9:95:FE:CC:50:A9:A2:32:C4:C6:6F:87:CC:98:F6:54:1F:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B4ABF687E6E2ED860998D5CCAE252F73CD8510D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1186eb64-ee57-4357-90a4-25d99e03e859.roa
Signing time:             Wed 12 Nov 2025 00:41:44 +0000
ROA not before:           Wed 12 Nov 2025 00:41:44 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f11:4800::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:4a:bf:68:7e:6e:2e:d8:60:99:8d:5c:ca:e2:52:f7:3c:d8:51:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:41:44 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=d170f7d5ed8d73a1297bccc416a2755bb18e76894098a40bc10b29fca8e256f3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:41:7c:1e:f1:90:af:c2:a4:e9:96:2b:b4:6d:
                    ce:40:6b:d7:30:96:69:aa:5f:d9:2d:9d:1b:78:b4:
                    43:bb:ed:ea:75:07:b9:f8:d6:88:7d:ed:fb:ff:37:
                    82:ce:4e:7d:50:70:f6:e0:83:a2:d8:b8:80:23:a0:
                    d5:af:68:b3:2a:8e:a5:7f:29:a2:2e:d3:07:98:b1:
                    91:a6:0e:24:08:fc:ae:6e:4e:06:fe:b1:bb:89:c2:
                    25:7a:39:33:3f:73:a6:e0:18:98:3d:c7:c2:e2:13:
                    c3:8a:36:94:c9:1d:7f:3a:7c:5f:8c:9b:2a:7f:4b:
                    b0:ca:71:a4:a4:ee:4f:41:f3:55:5b:02:c5:44:7e:
                    8f:a3:82:f2:a0:1b:db:cf:bc:ff:f8:95:55:27:81:
                    62:f9:47:12:85:22:c8:07:1c:d8:35:31:4a:bc:7d:
                    3d:6d:13:78:fc:58:52:65:4a:78:08:7d:44:bf:71:
                    29:59:24:73:8f:fc:ef:29:fd:37:4c:19:73:78:5b:
                    ae:57:1c:f9:76:68:c5:e2:a2:45:06:18:82:b7:5b:
                    ac:42:d2:59:3b:c4:99:2d:40:97:6d:cf:4f:9b:36:
                    91:94:81:ec:d8:17:ea:05:6c:52:71:5a:53:6a:1a:
                    5f:61:23:de:bf:50:f6:48:cb:ec:c1:be:b0:a2:ea:
                    fb:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:29:F9:95:FE:CC:50:A9:A2:32:C4:C6:6F:87:CC:98:F6:54:1F:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1186eb64-ee57-4357-90a4-25d99e03e859.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f11:4800::/37

    Signature Algorithm: sha256WithRSAEncryption
         1d:28:87:f8:d8:70:31:8e:d9:a7:20:4f:d3:c0:14:e8:99:eb:
         4d:32:60:2a:ac:ec:1f:59:a4:c9:98:07:d9:cf:b7:f1:fa:59:
         28:23:50:ec:49:0e:8e:c7:ae:d0:b2:77:f7:1b:9f:c4:14:24:
         38:f5:61:26:78:5d:9c:b1:64:a4:43:fc:af:f8:1f:11:8d:54:
         57:1f:3c:db:b9:e3:2c:2f:1b:c0:96:c3:4c:e0:84:ff:5f:54:
         ce:25:0c:b6:3c:0a:a2:0e:ad:b1:e5:e6:6d:55:d9:97:aa:b1:
         3b:45:4d:66:b6:36:0e:0b:7d:39:e2:56:1e:c0:82:12:a6:08:
         a3:af:ae:fd:c5:eb:13:37:e2:2f:cf:c6:c8:f0:19:f2:13:52:
         80:56:9d:aa:e8:d3:ca:3f:5a:8a:f0:33:4e:8b:31:7a:12:b3:
         d5:fb:63:fc:31:01:c2:de:5d:22:cd:3c:0b:17:61:73:97:60:
         d0:7e:01:b3:46:69:99:16:13:4c:a9:48:7e:94:d0:37:83:45:
         42:51:2f:b1:79:a0:79:48:1d:b3:85:cf:30:54:39:8e:00:41:
         8a:a5:96:0a:3f:3d:74:93:8e:64:c5:d8:5e:d9:c8:f7:67:e0:
         d7:d9:92:8a:62:dc:f1:af:20:2b:7d:b8:8d:5d:fb:24:cd:48:
         1b:3b:45:e4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUS0q/aH5uLthgmY1cyuJS9zzYUQ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDA0MTQ0WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTcwZjdkNWVkOGQ3M2ExMjk3YmNjYzQxNmEyNzU1YmIx
OGU3Njg5NDA5OGE0MGJjMTBiMjlmY2E4ZTI1NmYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEQXwe8ZCvwqTpliu0bc5Aa9cwlmmqX9ktnRt4tEO77ep1
B7n41oh97fv/N4LOTn1QcPbgg6LYuIAjoNWvaLMqjqV/KaIu0weYsZGmDiQI/K5u
Tgb+sbuJwiV6OTM/c6bgGJg9x8LiE8OKNpTJHX86fF+Mmyp/S7DKcaSk7k9B81Vb
AsVEfo+jgvKgG9vPvP/4lVUngWL5RxKFIsgHHNg1MUq8fT1tE3j8WFJlSngIfUS/
cSlZJHOP/O8p/TdMGXN4W65XHPl2aMXiokUGGIK3W6xC0lk7xJktQJdtz0+bNpGU
gezYF+oFbFJxWlNqGl9hI96/UPZIy+zBvrCi6vtJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUnCn5lf7MUKmiMsTGb4fMmPZUH8cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExODZlYjY0LWVlNTctNDM1Ny05MGE0LTI1ZDk5ZTAzZTg1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8RSDANBgkqhkiG9w0BAQsFAAOCAQEAHSiH+NhwMY7ZpyBP08AU6Jnr
TTJgKqzsH1mkyZgH2c+38fpZKCNQ7EkOjseu0LJ39xufxBQkOPVhJnhdnLFkpEP8
r/gfEY1UVx8827njLC8bwJbDTOCE/19UziUMtjwKog6tseXmbVXZl6qxO0VNZrY2
Dgt9OeJWHsCCEqYIo6+u/cXrEzfiL8/GyPAZ8hNSgFadqujTyj9aivAzTosxehKz
1ftj/DEBwt5dIs08Cxdhc5dg0H4Bs0ZpmRYTTKlIfpTQN4NFQlEvsXmgeUgds4XP
MFQ5jgBBiqWWCj89dJOOZMXYXtnI92fg19mSimLc8a8gK324jV37JM1IGztF5A==
-----END CERTIFICATE-----