Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d7aacd-f349-4a6b-a4b8-d829e9d29a4f.roa
File:                     39d7aacd-f349-4a6b-a4b8-d829e9d29a4f.roa (raw, json)
Hash identifier:          Tv2qv6flmb3Yr1V+ncTLdMGzkzMzyV/XXekfeDW4Ajw=
Subject key identifier:   0B:19:5A:4F:E6:9E:16:9F:EE:2E:80:74:E6:47:EE:CB:C8:78:EC:4E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1362EE944B213AA0033E60BFF09EFC5B2848C51D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d7aacd-f349-4a6b-a4b8-d829e9d29a4f.roa
Signing time:             Wed 12 Nov 2025 02:30:17 +0000
ROA not before:           Wed 12 Nov 2025 02:30:17 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:40a0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:62:ee:94:4b:21:3a:a0:03:3e:60:bf:f0:9e:fc:5b:28:48:c5:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 02:30:17 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=b49540ceaed47bb53ba9ea3b47aadcba0adddd2ed83e9958033b43b8e0261a0f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a0:15:9c:e3:cb:aa:5f:ce:5e:a5:e6:c3:6d:
                    ed:c6:9a:fa:30:82:30:90:35:89:66:73:ec:87:f9:
                    43:84:57:a3:0f:c3:79:67:2c:bd:c8:19:5a:33:ca:
                    6e:01:86:d8:4b:60:96:18:d4:21:d3:95:d8:d9:08:
                    43:c2:ef:b4:6d:90:0f:cd:25:91:b8:11:1a:35:be:
                    be:76:9a:32:0c:19:49:4e:b3:85:99:07:38:5b:7a:
                    33:ef:45:85:ec:41:2a:9f:7d:34:3f:ad:6c:62:13:
                    f8:cf:8d:a0:5b:15:9b:de:38:c5:a2:51:de:76:8a:
                    72:20:e2:b6:b6:e9:fb:dc:f0:22:09:05:d8:0c:28:
                    e3:be:36:3e:fc:3e:e8:2f:53:33:56:ac:80:04:35:
                    f0:23:be:ef:bf:b0:a7:b0:1f:80:6c:6b:4f:3b:be:
                    4d:8e:dd:38:05:d0:9f:b0:16:e6:b7:63:40:cf:ac:
                    ce:7e:8d:8a:c6:1d:00:14:0c:50:ad:60:e9:5f:b6:
                    87:4e:63:7a:58:7c:ed:06:fe:05:06:c0:32:ab:6f:
                    d1:5e:fa:fd:95:18:3a:87:e7:ec:ba:84:15:16:c9:
                    66:c6:7a:1f:f5:00:61:72:73:a9:d7:12:3d:5c:d4:
                    1d:9f:49:ff:77:d6:72:b4:ac:19:e3:ef:27:64:2d:
                    31:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:19:5A:4F:E6:9E:16:9F:EE:2E:80:74:E6:47:EE:CB:C8:78:EC:4E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39d7aacd-f349-4a6b-a4b8-d829e9d29a4f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:40a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b8:6f:97:69:bf:e8:60:02:c4:2c:64:cc:6f:0c:26:78:18:28:
         7e:10:8f:20:30:d3:c1:61:30:0f:02:4a:12:99:7c:85:ad:89:
         04:e8:2d:e3:27:c0:ee:88:40:d7:93:2a:1d:7f:c0:71:b7:b5:
         22:92:9a:0b:c7:0b:9d:db:33:08:8a:bf:43:ca:f0:fb:75:2c:
         8b:d7:37:fe:9b:f7:5e:1c:aa:39:3b:c1:62:22:2f:cf:89:43:
         14:fb:d8:17:f1:95:df:e4:22:f7:ed:ba:34:81:43:be:36:55:
         20:07:0c:c7:a4:89:cf:22:5f:47:64:49:1d:02:f2:a9:5f:05:
         6c:f2:69:88:c4:86:58:34:61:0c:44:0f:4b:67:16:02:ba:72:
         98:8f:85:e5:d5:09:a5:c1:a8:a0:93:cd:5e:50:f4:1f:34:d7:
         28:de:6d:d2:ca:61:0a:a3:1b:c4:fc:69:c8:12:fb:ac:04:97:
         e0:32:05:06:5d:25:c3:75:95:6d:71:28:95:45:1f:5f:7a:c4:
         3c:c9:b7:96:ee:a7:cd:0e:68:19:5b:5a:1f:40:02:cd:42:1e:
         6a:0c:19:fb:be:01:6a:60:f9:08:48:3e:51:1a:d5:fd:6a:2b:
         1c:f0:bc:2e:d7:52:8a:e0:da:de:2a:58:27:55:33:27:f8:7d:
         32:ca:7d:d4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUE2LulEshOqADPmC/8J78WyhIxR0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDIzMDE3WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDk1NDBjZWFlZDQ3YmI1M2JhOWVhM2I0N2FhZGNiYTBh
ZGRkZDJlZDgzZTk5NTgwMzNiNDNiOGUwMjYxYTBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8oBWc48uqX85epebDbe3GmvowgjCQNYlmc+yH+UOEV6MP
w3lnLL3IGVozym4BhthLYJYY1CHTldjZCEPC77RtkA/NJZG4ERo1vr52mjIMGUlO
s4WZBzhbejPvRYXsQSqffTQ/rWxiE/jPjaBbFZveOMWiUd52inIg4ra26fvc8CIJ
BdgMKOO+Nj78PugvUzNWrIAENfAjvu+/sKewH4Bsa087vk2O3TgF0J+wFua3Y0DP
rM5+jYrGHQAUDFCtYOlftodOY3pYfO0G/gUGwDKrb9Fe+v2VGDqH5+y6hBUWyWbG
eh/1AGFyc6nXEj1c1B2fSf931nK0rBnj7ydkLTGNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCxlaT+aeFp/uLoB05kfuy8h47E4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM5ZDdhYWNkLWYzNDktNGE2Yi1hNGI4LWQ4MjllOWQyOWE0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//QKAwDQYJKoZIhvcNAQELBQADggEBALhvl2m/6GACxCxkzG8MJngY
KH4QjyAw08FhMA8CShKZfIWtiQToLeMnwO6IQNeTKh1/wHG3tSKSmgvHC53bMwiK
v0PK8Pt1LIvXN/6b914cqjk7wWIiL8+JQxT72Bfxld/kIvftujSBQ742VSAHDMek
ic8iX0dkSR0C8qlfBWzyaYjEhlg0YQxED0tnFgK6cpiPheXVCaXBqKCTzV5Q9B80
1yjebdLKYQqjG8T8acgS+6wEl+AyBQZdJcN1lW1xKJVFH196xDzJt5bup80OaBlb
Wh9AAs1CHmoMGfu+AWpg+QhIPlEa1f1qKxzwvC7XUorg2t4qWCdVMyf4fTLKfdQ=
-----END CERTIFICATE-----