Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dc411d9-6915-49ea-8d8e-e0fbdb7782a2.roa
File:                     5dc411d9-6915-49ea-8d8e-e0fbdb7782a2.roa (raw, json)
Hash identifier:          cqBgLJMyGd7jyvsEoMaWncTFp9ASYbBly8fSRQaQznI=
Subject key identifier:   E2:1D:8E:9C:FD:FB:80:8B:FC:B4:44:12:8B:A1:B5:4C:7E:42:1D:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5911C5CA13B9E4A77FD06126625111565B91AD20
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dc411d9-6915-49ea-8d8e-e0fbdb7782a2.roa
Signing time:             Wed 12 Nov 2025 01:20:57 +0000
ROA not before:           Wed 12 Nov 2025 01:20:57 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff1:8000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:11:c5:ca:13:b9:e4:a7:7f:d0:61:26:62:51:11:56:5b:91:ad:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:20:57 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=fe805f9def31630c1330991000aec997b344493e266ee1e460cd1f9e5836548d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:61:f6:c4:4d:97:9b:85:f2:01:f3:48:14:1b:
                    92:cb:2b:76:6c:0c:42:af:a0:c8:07:d8:74:7f:35:
                    c4:98:45:d5:30:d6:7f:d9:c9:a5:e3:75:33:32:0b:
                    8a:34:c1:1c:43:3a:c3:49:17:51:07:d5:fe:fb:cb:
                    55:f4:55:54:5c:1f:97:cf:8a:cc:2c:65:03:72:d0:
                    52:b4:98:33:85:a5:18:44:b5:2f:5f:c5:d6:1a:e3:
                    e4:17:37:0a:38:f5:8e:8e:e3:ca:1a:ef:46:6f:e3:
                    c2:7c:af:58:63:3d:11:ee:c3:82:65:f1:8a:18:c2:
                    c4:8e:88:35:f4:7e:9a:6b:11:86:71:96:63:2e:d6:
                    8d:1b:48:a4:82:dd:6a:13:75:41:11:0b:47:bd:85:
                    e5:6f:02:c5:7e:e8:76:eb:41:e3:02:3f:e8:fc:b8:
                    27:28:a0:ca:27:dc:4e:af:10:11:8d:dd:4e:81:76:
                    3e:ce:24:41:c0:ce:c5:2c:37:6f:c7:5b:c5:f5:ac:
                    51:d6:34:a9:c9:6f:a6:1d:a1:c7:4d:90:0d:0d:2e:
                    36:6c:8e:78:11:d5:ca:fd:22:69:66:a8:72:69:ff:
                    3d:ec:e8:ec:42:c1:90:17:24:f0:00:c8:ad:14:79:
                    43:d6:4b:dd:ff:9c:a1:18:1f:de:40:47:5c:b7:65:
                    07:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:1D:8E:9C:FD:FB:80:8B:FC:B4:44:12:8B:A1:B5:4C:7E:42:1D:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dc411d9-6915-49ea-8d8e-e0fbdb7782a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff1:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         25:e6:66:14:55:3b:70:6d:3d:d0:04:c0:3c:23:76:44:12:54:
         76:58:3b:6d:45:70:8e:0a:96:97:fb:cc:5f:d4:d8:07:d5:11:
         89:37:c6:69:ce:16:ae:1b:b7:3e:fe:bc:8a:1f:ca:e0:5c:11:
         a7:7d:7e:f2:4a:b8:63:71:55:52:fd:59:5d:0a:3b:bd:b8:64:
         c7:a1:2c:68:65:e1:af:37:56:0e:c5:af:85:41:3f:37:fe:de:
         65:51:0a:84:e1:ec:dd:cf:81:e5:3e:c6:eb:f4:a1:57:38:c7:
         7e:f8:be:5d:9e:0f:e3:07:3d:53:d6:22:8f:d3:0f:74:d8:6d:
         de:36:2d:e3:51:9d:cf:6d:8b:7c:95:1f:79:d9:4b:42:29:7f:
         ca:89:8d:af:5e:ef:53:1d:fb:c1:30:08:f8:9c:16:8f:f8:89:
         37:08:03:90:23:91:7a:d7:78:b6:a4:31:6c:7a:17:8a:cf:be:
         38:db:13:f8:7c:45:e0:b6:c0:34:af:ce:fd:10:5b:ff:c6:b5:
         dc:13:8f:7d:e5:0c:16:2d:85:fc:ac:3c:fc:cf:de:69:b1:ef:
         6c:f8:08:7d:e5:7b:66:13:da:19:ea:93:86:f5:87:a9:31:e5:
         e8:e6:a2:ce:69:c0:15:2e:81:8e:8f:e1:38:2c:e2:d0:60:dd:
         06:36:c2:d9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWRHFyhO55Kd/0GEmYlERVluRrSAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEyMDU3WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTgwNWY5ZGVmMzE2MzBjMTMzMDk5MTAwMGFlYzk5N2Iz
NDQ0OTNlMjY2ZWUxZTQ2MGNkMWY5ZTU4MzY1NDhkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0YfbETZebhfIB80gUG5LLK3ZsDEKvoMgH2HR/NcSYRdUw
1n/ZyaXjdTMyC4o0wRxDOsNJF1EH1f77y1X0VVRcH5fPiswsZQNy0FK0mDOFpRhE
tS9fxdYa4+QXNwo49Y6O48oa70Zv48J8r1hjPRHuw4Jl8YoYwsSOiDX0fpprEYZx
lmMu1o0bSKSC3WoTdUERC0e9heVvAsV+6HbrQeMCP+j8uCcooMon3E6vEBGN3U6B
dj7OJEHAzsUsN2/HW8X1rFHWNKnJb6YdocdNkA0NLjZsjngR1cr9ImlmqHJp/z3s
6OxCwZAXJPAAyK0UeUPWS93/nKEYH95AR1y3ZQdXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU4h2OnP37gIv8tEQSi6G1TH5CHfIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkYzQxMWQ5LTY5MTUtNDllYS04ZDhlLWUwZmJkYjc3ODJhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/xgDANBgkqhkiG9w0BAQsFAAOCAQEAJeZmFFU7cG090ATAPCN2RBJU
dlg7bUVwjgqWl/vMX9TYB9URiTfGac4Wrhu3Pv68ih/K4FwRp31+8kq4Y3FVUv1Z
XQo7vbhkx6EsaGXhrzdWDsWvhUE/N/7eZVEKhOHs3c+B5T7G6/ShVzjHfvi+XZ4P
4wc9U9Yij9MPdNht3jYt41Gdz22LfJUfedlLQil/yomNr17vUx37wTAI+JwWj/iJ
NwgDkCORetd4tqQxbHoXis++ONsT+HxF4LbANK/O/RBb/8a13BOPfeUMFi2F/Kw8
/M/eabHvbPgIfeV7ZhPaGeqThvWHqTHl6OaizmnAFS6Bjo/hOCzi0GDdBjbC2Q==
-----END CERTIFICATE-----