Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa
File:                     adaa4791-2396-4651-8851-2a7cbc3cb36f.roa (raw, json)
Hash identifier:          C6oE1CSjiQ1v4i2v6GUeyGyFp+bnRegSlwt9l4RM+wo=
Subject key identifier:   25:E5:D6:E1:FD:CF:A0:2F:4E:65:E8:DC:D7:07:79:E8:24:66:99:80
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       551FFA7B387A2F291738CF6AEE367A10A713B8F1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa
Signing time:             Tue 11 Nov 2025 00:41:21 +0000
ROA not before:           Tue 11 Nov 2025 00:41:21 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:40d0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:1f:fa:7b:38:7a:2f:29:17:38:cf:6a:ee:36:7a:10:a7:13:b8:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:41:21 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=5f20c4885846067fe3f6b2338cf1a7ad2b76eeb2dc1700a9f98bc6d50e796fa8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:99:95:0f:5e:33:b3:a8:26:e7:97:d7:08:c3:
                    79:ec:2f:aa:40:71:f1:ef:44:a3:5b:c5:03:6d:be:
                    18:fb:e5:eb:99:f7:4f:f9:04:84:c6:2f:b6:9c:0f:
                    90:f6:d1:d6:3a:55:19:21:05:87:21:6b:88:9f:07:
                    15:c7:91:8f:0a:54:b5:36:86:47:fc:b7:1a:9b:52:
                    70:f0:13:69:16:42:ad:3c:60:0f:0c:f3:1a:7a:1f:
                    13:44:f7:cc:d0:b4:ec:13:6a:74:ea:b8:0e:b6:4b:
                    90:ab:f5:47:d6:6c:4c:54:92:bc:79:06:04:42:82:
                    fc:d0:4a:02:a7:8b:af:01:14:f2:c7:41:68:3b:96:
                    ba:48:9f:86:dd:c1:c1:b7:00:d9:9a:86:82:e9:b8:
                    24:52:1c:ec:b1:68:50:09:29:25:f2:22:5d:a7:e8:
                    07:3b:1d:5b:fa:3d:0f:0d:6c:6d:28:a9:d4:67:86:
                    09:b7:72:1f:f7:96:60:77:06:6d:b7:57:66:bd:8a:
                    f7:6d:3c:54:19:ec:e0:45:54:c9:e9:bb:35:f8:fc:
                    fb:e9:3b:e8:7c:d4:a0:63:83:10:6d:36:97:22:c7:
                    ef:ae:c6:4e:94:8e:01:ae:9d:ee:fa:26:9e:b4:bf:
                    ba:38:78:e2:3d:37:ad:4b:15:34:6b:56:38:07:bf:
                    52:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:E5:D6:E1:FD:CF:A0:2F:4E:65:E8:DC:D7:07:79:E8:24:66:99:80
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:40d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         35:8a:16:c4:94:9d:c4:9f:fa:51:a6:b7:ed:db:3e:0a:49:bb:
         5a:70:29:4a:d3:37:cb:f7:2d:76:43:32:3a:ad:99:75:51:18:
         e9:f9:b2:61:bf:c4:68:31:a7:ba:59:da:78:7b:5a:de:5c:20:
         5c:eb:bd:1d:40:23:c7:1e:43:83:3a:f0:01:97:00:a6:c7:a7:
         6e:82:20:0c:56:71:1a:8b:c2:83:c6:b3:97:8e:1d:de:5a:88:
         5a:b6:4e:d9:80:b9:e6:57:23:73:10:04:58:3a:1e:f9:b1:72:
         cb:77:2d:c2:bd:57:20:e4:14:d0:f2:30:4b:c8:2c:16:33:3b:
         ae:c2:ed:94:51:c0:b7:eb:b5:aa:40:93:9e:89:75:06:9e:c2:
         07:44:20:e1:e6:2b:df:bd:e8:43:2e:1a:9c:d8:a8:cc:57:80:
         df:17:e9:d8:dc:14:45:80:60:70:da:56:82:5b:7f:00:f1:5e:
         fe:93:d8:1b:3a:13:c6:10:55:54:4e:5a:52:78:03:61:b0:f0:
         9a:4e:31:8a:9b:4b:b9:e1:99:dd:0b:b9:cc:5a:86:7b:0b:6f:
         ff:a6:7d:93:8d:c4:6e:4c:b9:29:d1:1d:c8:8b:bc:d5:fe:08:
         06:d2:e4:7c:fc:4d:18:d3:32:2c:b3:56:10:98:c4:97:c3:4e:
         de:d9:3c:f8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUVR/6ezh6LykXOM9q7jZ6EKcTuPEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDA0MTIxWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjIwYzQ4ODU4NDYwNjdmZTNmNmIyMzM4Y2YxYTdhZDJi
NzZlZWIyZGMxNzAwYTlmOThiYzZkNTBlNzk2ZmE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClmZUPXjOzqCbnl9cIw3nsL6pAcfHvRKNbxQNtvhj75euZ
90/5BITGL7acD5D20dY6VRkhBYcha4ifBxXHkY8KVLU2hkf8txqbUnDwE2kWQq08
YA8M8xp6HxNE98zQtOwTanTquA62S5Cr9UfWbExUkrx5BgRCgvzQSgKni68BFPLH
QWg7lrpIn4bdwcG3ANmahoLpuCRSHOyxaFAJKSXyIl2n6Ac7HVv6PQ8NbG0oqdRn
hgm3ch/3lmB3Bm23V2a9ivdtPFQZ7OBFVMnpuzX4/PvpO+h81KBjgxBtNpcix++u
xk6UjgGune76Jp60v7o4eOI9N61LFTRrVjgHv1KtAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJeXW4f3PoC9OZejc1wd56CRmmYAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FkYWE0NzkxLTIzOTYtNDY1MS04ODUxLTJhN2NiYzNjYjM2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQNAwDQYJKoZIhvcNAQELBQADggEBADWKFsSUncSf+lGmt+3bPgpJ
u1pwKUrTN8v3LXZDMjqtmXVRGOn5smG/xGgxp7pZ2nh7Wt5cIFzrvR1AI8ceQ4M6
8AGXAKbHp26CIAxWcRqLwoPGs5eOHd5aiFq2TtmAueZXI3MQBFg6Hvmxcst3LcK9
VyDkFNDyMEvILBYzO67C7ZRRwLfrtapAk56JdQaewgdEIOHmK9+96EMuGpzYqMxX
gN8X6djcFEWAYHDaVoJbfwDxXv6T2Bs6E8YQVVROWlJ4A2Gw8JpOMYqbS7nhmd0L
ucxahnsLb/+mfZONxG5MuSnRHciLvNX+CAbS5Hz8TRjTMiyzVhCYxJfDTt7ZPPg=
-----END CERTIFICATE-----