Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3259f720-d976-494a-b049-c39cefc1daa6.roa
File:                     3259f720-d976-494a-b049-c39cefc1daa6.roa (raw, json)
Hash identifier:          FHS1SBOnDnhsK5Wj4COQVcBlmfWLd4/o9dfO9wKmUFo=
Subject key identifier:   8E:8F:23:B4:24:61:11:70:C6:99:07:33:62:E6:07:D4:8B:4C:DC:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       31E535CE780D4AAD665D0D22DD6130132A156F88
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3259f720-d976-494a-b049-c39cefc1daa6.roa
Signing time:             Tue 11 Nov 2025 02:00:05 +0000
ROA not before:           Tue 11 Nov 2025 02:00:05 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:7440::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:e5:35:ce:78:0d:4a:ad:66:5d:0d:22:dd:61:30:13:2a:15:6f:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:00:05 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=7a8d3ef0d133a79b0d94b00e7287060e7ec7fb4f9c51134058db527c75d3ae6f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d8:e5:ab:43:5b:ba:82:b7:79:c2:c3:68:cf:
                    9f:06:95:90:09:cd:36:fa:a7:f5:c0:b1:cf:b9:a5:
                    01:d4:e1:0e:60:8b:85:71:e4:56:f1:d2:5d:73:17:
                    42:34:e4:a3:22:1b:11:b6:35:7d:76:39:df:fc:3d:
                    da:ab:97:4f:cb:d8:5c:44:ef:16:78:9f:a7:6b:d0:
                    03:72:dd:6c:80:09:3e:30:38:7b:7e:01:2b:60:1c:
                    a6:5c:b3:e8:2e:69:75:9e:57:fd:6e:07:77:7d:2c:
                    eb:4d:7c:a6:5f:d8:a3:8e:6d:43:5a:47:94:44:78:
                    25:2e:c6:28:0e:1f:28:e4:4d:a7:e5:88:f7:89:86:
                    35:8e:63:9e:db:d3:4c:f7:e4:40:16:9a:5c:13:e0:
                    56:b3:61:31:2a:14:16:ab:56:1f:2d:b0:9e:af:51:
                    aa:1e:1a:4d:4f:0a:e4:2e:6b:64:48:4d:2c:ae:26:
                    5a:69:f4:0b:3f:9d:d6:9e:6a:72:db:99:61:b3:73:
                    4e:34:fe:77:e9:88:86:d0:fb:f2:08:7e:92:5f:cc:
                    e1:99:6d:ca:d3:38:11:dc:93:3e:79:6d:a2:1b:ab:
                    72:0b:1a:a5:61:aa:48:39:d8:f5:a0:1f:c0:28:22:
                    53:10:c9:4a:15:df:fa:d9:99:8b:a8:c9:e2:cb:d4:
                    8d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:8F:23:B4:24:61:11:70:C6:99:07:33:62:E6:07:D4:8B:4C:DC:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3259f720-d976-494a-b049-c39cefc1daa6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:7440::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:c2:ad:77:d2:40:1b:96:90:c6:ae:68:a6:4f:db:3d:d3:cd:
         1d:af:eb:cf:27:57:bc:bf:79:04:d9:8e:83:40:f5:49:a4:d7:
         36:a5:d3:b5:18:34:eb:c9:a4:ab:ee:ac:72:23:de:b9:34:0e:
         9a:82:b7:a3:94:d7:54:c6:c7:3f:46:46:ac:4c:3f:98:02:13:
         fc:59:f8:5d:d0:ae:0d:01:f6:24:5b:00:f7:fd:d2:b1:e3:1b:
         7f:42:fb:c4:6c:de:57:38:2b:ab:13:c2:4a:86:18:28:c3:c2:
         24:08:57:a7:e7:10:99:ae:30:cd:1e:0c:6d:fd:06:ef:c5:8f:
         e5:a0:8a:6a:d5:0c:c3:c6:01:98:1f:d8:3d:52:a9:e5:f0:e1:
         93:c4:01:cf:c6:c8:ad:ad:9c:44:52:e4:7c:5d:21:70:29:15:
         84:d7:8b:1b:aa:19:9e:e9:07:b5:ee:1c:b9:46:f2:2b:41:e9:
         4b:b9:2d:46:18:e1:7e:c9:ff:d3:af:59:43:ed:e1:79:ed:8f:
         0d:08:5f:3e:23:b2:d3:bf:41:43:b1:3c:6d:5b:a3:9b:58:40:
         f6:0f:75:0b:00:17:18:20:8b:a1:fb:f8:1f:6e:7f:85:f9:6b:
         9f:8f:1b:4a:77:2c:4e:32:f4:62:0a:63:3a:da:80:ca:66:ea:
         b4:33:e6:6c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMeU1zngNSq1mXQ0i3WEwEyoVb4gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIwMDA1WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YThkM2VmMGQxMzNhNzliMGQ5NGIwMGU3Mjg3MDYwZTdl
YzdmYjRmOWM1MTEzNDA1OGRiNTI3Yzc1ZDNhZTZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe2OWrQ1u6grd5wsNoz58GlZAJzTb6p/XAsc+5pQHU4Q5g
i4Vx5Fbx0l1zF0I05KMiGxG2NX12Od/8Pdqrl0/L2FxE7xZ4n6dr0ANy3WyACT4w
OHt+AStgHKZcs+guaXWeV/1uB3d9LOtNfKZf2KOObUNaR5REeCUuxigOHyjkTafl
iPeJhjWOY57b00z35EAWmlwT4FazYTEqFBarVh8tsJ6vUaoeGk1PCuQua2RITSyu
Jlpp9As/ndaeanLbmWGzc040/nfpiIbQ+/IIfpJfzOGZbcrTOBHckz55baIbq3IL
GqVhqkg52PWgH8AoIlMQyUoV3/rZmYuoyeLL1I0rAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjo8jtCRhEXDGmQczYuYH1ItM3DAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMyNTlmNzIwLWQ5NzYtNDk0YS1iMDQ5LWMzOWNlZmMxZGFhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//dEAwDQYJKoZIhvcNAQELBQADggEBABzCrXfSQBuWkMauaKZP2z3T
zR2v688nV7y/eQTZjoNA9Umk1zal07UYNOvJpKvurHIj3rk0DpqCt6OU11TGxz9G
RqxMP5gCE/xZ+F3Qrg0B9iRbAPf90rHjG39C+8Rs3lc4K6sTwkqGGCjDwiQIV6fn
EJmuMM0eDG39Bu/Fj+WgimrVDMPGAZgf2D1SqeXw4ZPEAc/GyK2tnERS5HxdIXAp
FYTXixuqGZ7pB7XuHLlG8itB6Uu5LUYY4X7J/9OvWUPt4Xntjw0IXz4jstO/QUOx
PG1bo5tYQPYPdQsAFxggi6H7+B9uf4X5a5+PG0p3LE4y9GIKYzragMpm6rQz5mw=
-----END CERTIFICATE-----