Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83dcb0f4-8c84-4084-a564-98b99b2911ea.roa
File:                     83dcb0f4-8c84-4084-a564-98b99b2911ea.roa (raw, json)
Hash identifier:          kcfp/lu+fUUBJpjtdFDbQqURb8SjNuEIiWl0VQVyxog=
Subject key identifier:   3C:D5:8C:7B:C5:19:99:5F:A7:40:8B:7C:FD:2E:44:9A:6E:2D:7D:D6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4227CD5E6923EE777DD9279DEED833C4F0DDFD04
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83dcb0f4-8c84-4084-a564-98b99b2911ea.roa
Signing time:             Tue 11 Nov 2025 01:30:56 +0000
ROA not before:           Tue 11 Nov 2025 01:30:56 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:3400::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:27:cd:5e:69:23:ee:77:7d:d9:27:9d:ee:d8:33:c4:f0:dd:fd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:30:56 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=faeada2fc562d0ae6ee4e32e63075d23233935c4866a44774ea3a2c5ca58fe67, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:90:8b:c0:7a:49:bd:b5:f6:7b:74:20:ec:14:
                    7b:e9:4f:4c:b9:b6:57:53:38:86:8f:54:4d:93:b1:
                    93:82:a3:60:7e:fb:94:24:8b:93:52:37:a9:0d:32:
                    cd:e4:2d:c4:f3:31:73:22:4a:04:a7:c4:d6:49:8c:
                    4b:81:92:66:39:70:99:b7:30:d4:10:15:84:9c:a1:
                    4c:ff:8d:f8:b3:21:f0:c4:44:a4:72:7f:56:35:0a:
                    82:49:ac:f5:f5:ac:f8:0b:2a:c0:92:d3:dd:ca:2a:
                    4d:99:7f:bf:80:6b:0c:4b:d3:4f:67:02:3f:3d:64:
                    20:02:e3:f5:a1:85:87:ba:a5:8c:98:36:d0:b0:76:
                    d0:c7:f0:d7:a3:01:79:94:35:ca:37:33:1c:34:fb:
                    33:35:c7:f8:df:e5:bf:d4:a2:72:02:6d:b8:8d:07:
                    f3:2c:50:a6:31:0a:18:c7:f9:11:d9:48:41:cf:c8:
                    04:b3:09:cc:c1:96:7f:c6:de:72:be:e7:22:45:ae:
                    19:bb:97:f6:e3:e7:41:cc:92:70:5f:4d:5a:fb:b6:
                    c1:21:0b:c0:8c:2e:81:ac:19:03:b7:1d:86:56:34:
                    83:ba:e2:be:84:b5:31:d1:31:07:58:46:07:47:ea:
                    96:2f:68:71:4e:57:3e:4a:86:99:27:16:2e:3c:b8:
                    b1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D5:8C:7B:C5:19:99:5F:A7:40:8B:7C:FD:2E:44:9A:6E:2D:7D:D6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83dcb0f4-8c84-4084-a564-98b99b2911ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         a1:ba:ff:0b:41:fe:66:2c:f2:b7:78:0f:39:a7:ec:ad:1e:04:
         72:37:bc:39:7c:3d:6a:87:b0:45:6b:ef:5a:00:6a:ac:49:df:
         b7:31:98:ff:7b:fe:d0:3d:6e:fe:da:50:53:95:ad:f2:c8:ff:
         78:75:10:3a:87:e8:7d:5b:c0:0e:ba:1f:d8:7b:0a:bf:8a:cd:
         46:18:89:1d:d1:29:ce:fe:b0:f5:d7:f4:5c:5d:fb:b2:af:7a:
         68:ce:11:37:8d:a4:6f:8b:61:3c:b7:45:74:f1:90:08:e6:27:
         d3:1a:18:e5:de:e9:f1:eb:89:f1:ab:fb:de:61:b9:a2:21:0e:
         73:87:5f:58:1a:78:5f:07:14:36:3b:4b:e1:b2:64:44:83:e6:
         2e:f0:f5:71:83:86:19:8a:fb:54:f7:20:6c:b8:cf:80:03:f7:
         29:e1:cb:5a:fb:17:f2:1c:45:87:44:6f:4c:e7:b3:ac:b2:60:
         c3:db:83:c8:3e:fe:a7:ba:58:8c:5d:1a:ba:cf:03:92:f4:f6:
         20:2b:61:e0:52:cf:c9:20:bc:4b:18:96:9f:b3:00:70:90:6f:
         4b:19:68:1b:27:d5:a0:c0:f6:3f:0a:99:7e:80:b5:3b:14:d7:
         00:18:8f:b0:90:77:37:c1:1a:26:90:ef:04:e1:58:14:a2:80:
         4e:45:ad:2d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQifNXmkj7nd92Sed7tgzxPDd/QQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEzMDU2WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYWVhZGEyZmM1NjJkMGFlNmVlNGUzMmU2MzA3NWQyMzIz
MzkzNWM0ODY2YTQ0Nzc0ZWEzYTJjNWNhNThmZTY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWkIvAekm9tfZ7dCDsFHvpT0y5tldTOIaPVE2TsZOCo2B+
+5Qki5NSN6kNMs3kLcTzMXMiSgSnxNZJjEuBkmY5cJm3MNQQFYScoUz/jfizIfDE
RKRyf1Y1CoJJrPX1rPgLKsCS093KKk2Zf7+AawxL009nAj89ZCAC4/WhhYe6pYyY
NtCwdtDH8NejAXmUNco3Mxw0+zM1x/jf5b/UonICbbiNB/MsUKYxChjH+RHZSEHP
yASzCczBln/G3nK+5yJFrhm7l/bj50HMknBfTVr7tsEhC8CMLoGsGQO3HYZWNIO6
4r6EtTHRMQdYRgdH6pYvaHFOVz5KhpknFi48uLELAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUPNWMe8UZmV+nQIt8/S5Emm4tfdYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgzZGNiMGY0LThjODQtNDA4NC1hNTY0LTk4Yjk5YjI5MTFlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9hNDANBgkqhkiG9w0BAQsFAAOCAQEAobr/C0H+Zizyt3gPOafsrR4E
cje8OXw9aoewRWvvWgBqrEnftzGY/3v+0D1u/tpQU5Wt8sj/eHUQOofofVvADrof
2HsKv4rNRhiJHdEpzv6w9df0XF37sq96aM4RN42kb4thPLdFdPGQCOYn0xoY5d7p
8euJ8av73mG5oiEOc4dfWBp4XwcUNjtL4bJkRIPmLvD1cYOGGYr7VPcgbLjPgAP3
KeHLWvsX8hxFh0RvTOezrLJgw9uDyD7+p7pYjF0aus8DkvT2ICth4FLPySC8SxiW
n7MAcJBvSxloGyfVoMD2PwqZfoC1OxTXABiPsJB3N8EaJpDvBOFYFKKATkWtLQ==
-----END CERTIFICATE-----