Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35db25f9-c570-4660-adb0-06bc15c44481.roa
File:                     35db25f9-c570-4660-adb0-06bc15c44481.roa (raw, json)
Hash identifier:          qDyIbwkiLr/561BX2DZVM/J3cfQn5430xeKU94iof0E=
Subject key identifier:   4F:08:7D:F9:72:8F:B8:AB:DF:FD:EC:1C:D0:F1:43:D7:BB:66:F4:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2565911FBEFDC084B7413E5E90781A76210BA04D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35db25f9-c570-4660-adb0-06bc15c44481.roa
Signing time:             Wed 12 Nov 2025 01:51:18 +0000
ROA not before:           Wed 12 Nov 2025 01:51:18 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:7400::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:65:91:1f:be:fd:c0:84:b7:41:3e:5e:90:78:1a:76:21:0b:a0:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:51:18 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=0f1e6d9cd6f32d002950c8f5e5e8a51398c6a2e8d881a547109c7800ac952da1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5e:4d:9b:05:e6:42:b2:d7:4c:87:d2:b1:df:
                    38:60:63:99:16:33:13:dc:17:76:fe:06:fb:cd:88:
                    c3:bd:4f:f3:5f:b1:b5:cb:3f:bd:a3:c7:fd:05:f4:
                    aa:bb:27:ac:c6:91:3d:6d:9e:68:db:a8:5b:c3:67:
                    7c:40:47:72:a1:af:03:e5:59:29:e4:80:49:12:50:
                    a7:d1:4e:ff:5b:78:b8:bd:e8:76:0e:04:86:d7:01:
                    a9:5e:01:b2:6c:38:48:8d:9b:89:1c:33:2c:cb:b9:
                    5b:a5:7d:37:41:2e:c6:33:38:ff:8e:21:7f:4a:c7:
                    3d:e8:35:37:9e:15:d7:85:4d:d4:5a:a4:57:08:7f:
                    f5:85:ee:c2:6a:8b:f0:30:b8:3d:ec:cf:1f:ff:7e:
                    1b:4d:10:52:b5:83:1b:68:70:1f:8a:cb:4a:1c:06:
                    c2:f7:71:2f:fb:47:12:78:fd:61:35:b3:f7:67:6e:
                    9e:9d:03:69:c8:fe:d8:3a:ff:6f:d9:2d:5d:46:31:
                    e3:9d:3a:fd:cc:7e:e2:30:3d:db:8c:bf:51:ef:ce:
                    33:09:30:3d:98:f4:01:ff:dc:ba:a0:3c:e7:2b:38:
                    2b:7e:b2:a5:b7:67:e6:ee:5a:27:91:3d:da:a0:d0:
                    20:36:a4:9c:7b:10:23:86:97:8e:f0:58:25:5b:61:
                    d4:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:08:7D:F9:72:8F:B8:AB:DF:FD:EC:1C:D0:F1:43:D7:BB:66:F4:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35db25f9-c570-4660-adb0-06bc15c44481.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         49:76:e6:29:80:bb:25:2a:3a:78:98:aa:5b:be:5a:44:ba:18:
         2a:cd:f0:aa:45:3d:57:a6:33:14:46:d0:07:7e:97:79:69:c2:
         4c:9a:96:71:65:c8:71:85:8a:94:36:f6:d0:14:98:66:8b:3f:
         2c:4d:00:9b:9d:19:32:a0:9d:85:0a:81:07:56:3c:98:c9:d8:
         2f:84:e3:37:98:0f:4d:b0:c3:f3:7e:f7:ad:90:ef:6b:26:d1:
         42:0a:eb:50:aa:bc:d9:f9:95:85:e8:fb:0d:5c:90:68:72:c8:
         73:ad:9d:0b:19:f2:e5:f3:86:b4:8e:d4:d1:24:ec:04:ae:f2:
         ef:04:1e:5e:0a:e5:e6:9a:47:1b:90:c9:ff:93:4e:4f:bf:6a:
         5a:ba:80:04:54:10:c3:a6:2f:fb:61:fa:b4:10:9d:67:9c:56:
         1c:0b:a5:e9:52:11:3e:7b:07:ea:21:ed:e0:8a:73:73:08:f0:
         14:43:15:72:0a:fe:74:a7:fd:fa:9c:28:aa:04:02:e5:d1:a4:
         2e:58:97:07:bc:61:3d:7a:09:8e:cc:1f:24:d3:f8:5d:04:51:
         c9:60:4a:c0:0c:42:fb:e0:39:96:9e:cd:72:87:bf:21:5d:10:
         7c:7f:1a:03:bd:a6:b7:bf:9d:a3:ea:88:1d:5b:0a:91:03:d8:
         f5:09:ac:b9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJWWRH779wIS3QT5ekHgadiELoE0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDE1MTE4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZjFlNmQ5Y2Q2ZjMyZDAwMjk1MGM4ZjVlNWU4YTUxMzk4
YzZhMmU4ZDg4MWE1NDcxMDljNzgwMGFjOTUyZGExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Xk2bBeZCstdMh9Kx3zhgY5kWMxPcF3b+BvvNiMO9T/Nf
sbXLP72jx/0F9Kq7J6zGkT1tnmjbqFvDZ3xAR3KhrwPlWSnkgEkSUKfRTv9beLi9
6HYOBIbXAaleAbJsOEiNm4kcMyzLuVulfTdBLsYzOP+OIX9Kxz3oNTeeFdeFTdRa
pFcIf/WF7sJqi/AwuD3szx//fhtNEFK1gxtocB+Ky0ocBsL3cS/7RxJ4/WE1s/dn
bp6dA2nI/tg6/2/ZLV1GMeOdOv3MfuIwPduMv1HvzjMJMD2Y9AH/3LqgPOcrOCt+
sqW3Z+buWieRPdqg0CA2pJx7ECOGl47wWCVbYdSTAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUTwh9+XKPuKvf/ewc0PFD17tm9JUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1ZGIyNWY5LWM1NzAtNDY2MC1hZGIwLTA2YmMxNWM0NDQ4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB//dDANBgkqhkiG9w0BAQsFAAOCAQEASXbmKYC7JSo6eJiqW75aRLoY
Ks3wqkU9V6YzFEbQB36XeWnCTJqWcWXIcYWKlDb20BSYZos/LE0Am50ZMqCdhQqB
B1Y8mMnYL4TjN5gPTbDD8373rZDvaybRQgrrUKq82fmVhej7DVyQaHLIc62dCxny
5fOGtI7U0STsBK7y7wQeXgrl5ppHG5DJ/5NOT79qWrqABFQQw6Yv+2H6tBCdZ5xW
HAul6VIRPnsH6iHt4IpzcwjwFEMVcgr+dKf9+pwoqgQC5dGkLliXB7xhPXoJjswf
JNP4XQRRyWBKwAxC++A5lp7Ncoe/IV0QfH8aA72mt7+do+qIHVsKkQPY9QmsuQ==
-----END CERTIFICATE-----