Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa
File:                     3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa (raw, json)
Hash identifier:          RE9LPuenFBVLFZnux07ID5u80gFHvrQIM200N31RRoo=
Subject key identifier:   AE:74:6F:08:6E:04:2D:E0:FF:94:E0:24:BD:FC:7E:27:33:92:78:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B34F2D5C456A5B98ABEF67E5294887926E57C1F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa
Signing time:             Tue 11 Nov 2025 02:10:31 +0000
ROA not before:           Tue 11 Nov 2025 02:10:31 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:4050::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:34:f2:d5:c4:56:a5:b9:8a:be:f6:7e:52:94:88:79:26:e5:7c:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:10:31 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=7a4f2798dac0bc4add88e87d87171362a22854c8ed054028834fbfe52cd9cf95, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:96:e2:8e:13:2d:9e:e8:ea:bb:f2:c0:54:f4:
                    1d:e8:7a:0a:99:81:1f:12:f7:b8:60:7b:cd:36:0d:
                    63:bc:ea:ea:bb:54:d8:b1:27:0b:50:ae:11:fe:4a:
                    54:89:cb:e3:e8:cc:cf:bb:ea:1a:b8:74:4a:54:57:
                    e3:a7:18:17:16:e1:3f:82:42:28:6b:9f:29:1a:ef:
                    d2:d5:e4:ed:c5:8f:3c:e4:62:ee:1b:c2:7e:3b:58:
                    f0:4d:a8:44:12:1c:f7:1b:9c:5b:d4:39:a5:27:91:
                    bc:d4:70:e5:db:3b:75:e6:b3:61:0a:58:2c:80:81:
                    1d:19:f9:25:b9:00:ad:42:2f:72:53:be:d2:54:8b:
                    45:86:53:2d:16:1a:5a:92:7a:d0:ec:5f:cc:7f:66:
                    fc:a3:90:3d:cc:e2:17:b5:39:0c:12:f0:1e:aa:e0:
                    49:77:8f:7b:56:4a:ec:54:2b:4c:a5:d7:0b:49:6c:
                    a6:27:e4:aa:03:11:4c:6e:cb:0f:71:aa:60:c2:7f:
                    2f:4d:70:5e:df:40:77:bd:bc:c6:3d:b2:e7:da:b8:
                    88:a7:08:28:7a:89:58:42:07:c4:45:73:9d:1f:67:
                    97:5b:ab:e1:c1:19:ae:6a:03:56:3b:c4:03:da:38:
                    49:97:e3:23:00:aa:9c:90:73:85:62:19:04:e9:50:
                    c9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:74:6F:08:6E:04:2D:E0:FF:94:E0:24:BD:FC:7E:27:33:92:78:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:4050::/48

    Signature Algorithm: sha256WithRSAEncryption
         d7:54:93:2c:1b:b0:dd:eb:60:61:27:55:ed:88:29:3c:4b:c6:
         ce:8f:e7:8e:d0:e2:17:da:24:b5:f1:43:8e:4d:5e:a7:d9:38:
         55:9d:30:6a:ee:e0:e2:af:4e:46:93:f8:c9:92:13:05:fb:ce:
         db:0e:bb:26:1d:00:62:44:e5:cf:39:50:0f:b8:f0:99:de:31:
         28:fd:70:09:b0:98:ea:e9:b5:fe:3b:4d:21:95:7c:e2:dd:8c:
         4a:61:67:6d:03:e6:d6:29:e7:11:ba:51:b5:57:f3:ca:ab:6c:
         65:8b:ef:61:83:4f:58:76:60:f4:79:75:d3:e3:12:92:d5:20:
         68:e5:32:a0:3b:f8:84:57:f7:02:07:22:26:4e:19:76:7a:4b:
         97:9e:22:ed:d1:48:1c:65:59:15:9f:5d:8b:b8:0d:c1:ef:f5:
         39:3e:4d:f2:d1:89:24:76:a9:0f:eb:b9:7f:eb:86:23:57:7a:
         20:67:e5:5b:5e:09:a7:b1:75:28:63:24:b4:65:83:dd:5a:4b:
         87:c8:2c:d2:0b:eb:2d:89:f8:d7:3b:0e:c9:e8:aa:2b:96:1f:
         31:13:3e:de:4c:8e:47:86:f4:5c:74:bc:18:52:da:12:b7:06:
         08:81:77:5b:a9:a6:ca:87:50:2f:8e:b4:79:7c:46:12:6e:b8:
         e4:f7:17:5f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSzTy1cRWpbmKvvZ+UpSIeSblfB8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIxMDMxWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTRmMjc5OGRhYzBiYzRhZGQ4OGU4N2Q4NzE3MTM2MmEy
Mjg1NGM4ZWQwNTQwMjg4MzRmYmZlNTJjZDljZjk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCluKOEy2e6Oq78sBU9B3oegqZgR8S97hge802DWO86uq7
VNixJwtQrhH+SlSJy+PozM+76hq4dEpUV+OnGBcW4T+CQihrnyka79LV5O3Fjzzk
Yu4bwn47WPBNqEQSHPcbnFvUOaUnkbzUcOXbO3Xms2EKWCyAgR0Z+SW5AK1CL3JT
vtJUi0WGUy0WGlqSetDsX8x/ZvyjkD3M4he1OQwS8B6q4El3j3tWSuxUK0yl1wtJ
bKYn5KoDEUxuyw9xqmDCfy9NcF7fQHe9vMY9sufauIinCCh6iVhCB8RFc50fZ5db
q+HBGa5qA1Y7xAPaOEmX4yMAqpyQc4ViGQTpUMlfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUrnRvCG4ELeD/lOAkvfx+JzOSeBowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzNTZkMjRiLWZjOGMtNGM0NS05Zjc5LTcxNjhlMmI2ZWUyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQFAwDQYJKoZIhvcNAQELBQADggEBANdUkywbsN3rYGEnVe2IKTxL
xs6P547Q4hfaJLXxQ45NXqfZOFWdMGru4OKvTkaT+MmSEwX7ztsOuyYdAGJE5c85
UA+48JneMSj9cAmwmOrptf47TSGVfOLdjEphZ20D5tYp5xG6UbVX88qrbGWL72GD
T1h2YPR5ddPjEpLVIGjlMqA7+IRX9wIHIiZOGXZ6S5eeIu3RSBxlWRWfXYu4DcHv
9Tk+TfLRiSR2qQ/ruX/rhiNXeiBn5VteCaexdShjJLRlg91aS4fILNIL6y2J+Nc7
DsnoqiuWHzETPt5MjkeG9Fx0vBhS2hK3BgiBd1uppsqHUC+OtHl8RhJuuOT3F18=
-----END CERTIFICATE-----