Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa
File:                     6cb01528-0863-4282-b29c-5d2322edb608.roa (raw, json)
Hash identifier:          2k+7KXkdSMm7iP04QjfxioONApBCqPldOPBRXvHpmGU=
Subject key identifier:   AC:B6:89:0B:D0:2F:32:21:C9:80:E9:83:48:47:90:B7:3D:8A:FF:39
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1C2EF209D692DC668675D6A82DE2D005D3A97C5B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa
Signing time:             Tue 23 Sep 2025 16:22:24 +0000
ROA not before:           Tue 23 Sep 2025 16:22:24 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f21:8000::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:2e:f2:09:d6:92:dc:66:86:75:d6:a8:2d:e2:d0:05:d3:a9:7c:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 23 16:22:24 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=3647235cd450afd620b9e14db083bce16339bd2a1f8800df52aff14d603402d6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bb:65:da:b4:3a:72:89:0b:57:c6:86:17:72:
                    da:ef:89:01:7f:13:f9:96:fc:39:50:38:c9:91:87:
                    45:3b:0a:f0:8f:5a:57:da:96:42:40:aa:1f:d8:2b:
                    52:c1:4e:51:7d:87:76:84:cd:b4:f4:71:1e:cd:f7:
                    b2:3a:41:08:62:e6:bd:53:51:45:55:8e:96:93:89:
                    20:44:43:b2:fe:5a:d6:07:0a:3e:59:24:3c:a1:51:
                    6a:e6:48:96:e6:b6:6f:be:c0:41:f6:2d:a6:60:17:
                    86:fa:a3:a2:92:96:8e:ae:03:1b:f4:c4:de:c7:6d:
                    1b:05:be:4b:49:96:57:0f:85:8a:24:6f:cf:b8:35:
                    b9:e9:9e:8b:5d:f9:45:7c:79:6a:0b:64:9c:78:23:
                    89:f8:b6:4e:c7:c4:76:86:d2:e4:4f:91:9a:12:e1:
                    fc:92:c8:56:28:5f:a6:b7:d7:42:42:c7:9e:41:e5:
                    c6:55:3d:98:48:ad:af:95:f2:19:13:54:79:b7:a1:
                    8e:e5:14:01:a6:8b:5a:88:c2:cb:42:30:29:79:a8:
                    ac:21:c0:1a:0f:34:de:db:04:66:1e:aa:3b:38:c4:
                    2d:97:d8:7e:55:17:ba:31:10:66:dc:1c:7a:b4:65:
                    9c:9c:6c:50:25:b8:35:4d:f1:0e:aa:96:2f:0a:f5:
                    39:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B6:89:0B:D0:2F:32:21:C9:80:E9:83:48:47:90:B7:3D:8A:FF:39
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f21:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         18:02:fc:b1:5b:06:5a:cc:13:d3:7e:d6:66:bd:cf:be:47:2f:
         06:a7:c3:17:d4:a4:0c:91:d0:f0:79:91:a6:a2:87:d0:22:c8:
         29:b9:56:e8:83:43:70:66:c1:d8:ae:42:cc:86:49:85:4f:25:
         e4:b9:c8:d1:4b:4f:2c:0d:57:ff:5b:41:a8:49:7c:cb:8e:08:
         80:65:8a:bc:43:77:97:fa:30:e1:13:c3:d9:86:8c:e8:54:71:
         01:b3:c3:0b:ed:15:f3:30:f4:5c:98:37:23:dd:52:9a:99:8e:
         bf:7a:7b:ba:30:39:68:9d:cf:14:75:25:0a:e6:62:7a:79:3c:
         71:6d:1f:0c:82:e2:07:7a:12:29:e9:ad:41:0f:4a:61:8d:7e:
         b6:83:7f:71:b9:0c:8e:a4:40:4e:2a:b3:36:c3:62:f7:12:ec:
         48:b4:14:42:ea:6c:a9:96:23:e9:f1:a0:8e:ca:d7:07:15:06:
         24:50:96:ba:a4:d5:3d:d7:b9:f1:24:68:44:ac:0c:e4:dd:a5:
         4a:e0:52:16:43:ae:43:c7:fe:bf:ea:58:68:1f:d4:5b:6f:38:
         cb:0a:7f:9c:e6:dd:0e:fc:f8:30:4f:ca:d2:b8:e0:df:b1:b3:
         7f:26:4b:8d:49:8e:c9:45:c8:59:10:3e:4c:13:20:ef:66:16:
         47:c2:b3:9e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHC7yCdaS3GaGddaoLeLQBdOpfFswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTIzMTYyMjI0WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjQ3MjM1Y2Q0NTBhZmQ2MjBiOWUxNGRiMDgzYmNlMTYz
MzliZDJhMWY4ODAwZGY1MmFmZjE0ZDYwMzQwMmQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClu2XatDpyiQtXxoYXctrviQF/E/mW/DlQOMmRh0U7CvCP
WlfalkJAqh/YK1LBTlF9h3aEzbT0cR7N97I6QQhi5r1TUUVVjpaTiSBEQ7L+WtYH
Cj5ZJDyhUWrmSJbmtm++wEH2LaZgF4b6o6KSlo6uAxv0xN7HbRsFvktJllcPhYok
b8+4Nbnpnotd+UV8eWoLZJx4I4n4tk7HxHaG0uRPkZoS4fySyFYoX6a310JCx55B
5cZVPZhIra+V8hkTVHm3oY7lFAGmi1qIwstCMCl5qKwhwBoPNN7bBGYeqjs4xC2X
2H5VF7oxEGbcHHq0ZZycbFAluDVN8Q6qli8K9Tn7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUrLaJC9AvMiHJgOmDSEeQtz2K/zkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjYjAxNTI4LTA4NjMtNDI4Mi1iMjljLTVkMjMyMmVkYjYwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8hgDANBgkqhkiG9w0BAQsFAAOCAQEAGAL8sVsGWswT037WZr3Pvkcv
BqfDF9SkDJHQ8HmRpqKH0CLIKblW6INDcGbB2K5CzIZJhU8l5LnI0UtPLA1X/1tB
qEl8y44IgGWKvEN3l/ow4RPD2YaM6FRxAbPDC+0V8zD0XJg3I91SmpmOv3p7ujA5
aJ3PFHUlCuZienk8cW0fDILiB3oSKemtQQ9KYY1+toN/cbkMjqRATiqzNsNi9xLs
SLQUQupsqZYj6fGgjsrXBxUGJFCWuqTVPde58SRoRKwM5N2lSuBSFkOuQ8f+v+pY
aB/UW284ywp/nObdDvz4ME/K0rjg37GzfyZLjUmOyUXIWRA+TBMg72YWR8Kzng==
-----END CERTIFICATE-----