Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa
File:                     bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa (raw, json)
Hash identifier:          vspIM94gSpO/QS9HPBEpFVLmIbpOjvcZspSDXHeNkqs=
Subject key identifier:   95:76:47:65:97:5E:1D:F7:CD:89:CE:52:EC:D0:7B:73:71:B7:E9:D8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       16FBADA8B6559A6E835E4BCB9932522F47778454
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa
Signing time:             Wed 12 Nov 2025 01:50:55 +0000
ROA not before:           Wed 12 Nov 2025 01:50:55 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f14:4000::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:fb:ad:a8:b6:55:9a:6e:83:5e:4b:cb:99:32:52:2f:47:77:84:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:50:55 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=491981b30dcd07673533f00f88ec8611d7a8e690580ab01eda4b27b071b1e9d3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:23:1c:c8:a2:03:9f:ef:e9:99:c6:bb:96:b8:
                    55:3d:a6:bb:8c:a4:b0:a0:14:03:0f:6f:e7:ff:8c:
                    9c:96:5c:2b:d4:1d:5d:17:9f:10:6c:08:7a:79:21:
                    99:d3:a2:eb:96:ad:cb:a7:ff:30:5c:10:c1:c6:22:
                    c6:25:d7:b8:a5:e6:b7:46:67:50:72:ff:25:2f:ca:
                    cd:30:d4:5e:9b:d9:a7:ab:05:3a:50:df:61:5d:03:
                    82:86:7b:2c:ee:2b:f7:be:12:34:1d:42:c0:dd:86:
                    a2:68:02:87:46:94:4c:98:d6:ec:8a:b9:74:19:4e:
                    2a:31:46:33:63:de:75:aa:0c:5f:82:7b:50:f4:80:
                    70:78:95:85:fb:6c:5e:04:62:97:0d:69:93:31:25:
                    6a:99:7c:2b:17:a3:b8:b7:03:b0:3d:57:5c:6a:db:
                    14:62:bf:0f:d9:75:bb:e2:f9:1b:d7:7f:58:e0:2b:
                    75:bd:da:f4:10:07:9a:18:9e:f9:ee:f3:20:35:bc:
                    99:2f:35:0a:25:05:3d:56:46:a4:51:c9:11:eb:9c:
                    47:dd:6c:db:40:11:aa:5d:14:29:60:79:6d:7c:27:
                    a4:60:81:77:dd:8c:fb:be:d8:99:36:9a:95:a1:d7:
                    9d:16:4d:03:c8:30:18:bc:11:57:53:68:5f:3d:d9:
                    de:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:76:47:65:97:5E:1D:F7:CD:89:CE:52:EC:D0:7B:73:71:B7:E9:D8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f14:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         48:44:a5:1a:14:15:52:94:6c:78:d7:cd:1e:76:8b:f9:52:2e:
         c5:7e:a8:56:d8:00:ae:4e:03:75:40:6d:31:f3:21:2b:a5:62:
         27:78:f8:13:54:6b:cf:13:8f:c4:09:bf:99:b6:b7:4a:5c:33:
         9e:ea:35:65:b9:f0:9f:66:f1:8b:e8:52:21:e6:d9:63:e2:17:
         a3:06:72:24:e1:da:8f:dd:0a:22:73:26:be:d4:f8:dc:4e:7e:
         2d:e9:a7:3a:eb:fd:2f:df:32:01:79:8d:d9:65:b2:a3:51:29:
         2c:6c:88:bb:94:79:79:a8:f8:41:45:c9:3e:16:78:d6:32:b5:
         43:bd:9f:71:34:7a:24:99:80:24:4b:c8:1b:76:65:7a:22:b9:
         68:21:0a:87:5c:3e:bb:a1:68:3a:28:11:0c:79:c7:1d:c1:4d:
         5f:94:fa:f8:34:b7:62:0d:c9:77:ba:cc:ce:4d:69:5f:3f:ab:
         99:e0:90:21:47:6a:59:58:57:7d:09:f5:fd:a1:69:bd:9c:ce:
         a8:39:ad:3a:c9:0c:d0:b5:6c:99:a8:a9:6a:d0:13:74:6a:5f:
         7a:2d:08:ee:47:9c:9e:dd:39:79:de:f7:55:7d:7c:19:2b:b6:
         a1:b8:9b:e4:13:a7:49:0f:c5:62:5d:a9:35:eb:58:ae:88:2b:
         43:a0:59:74
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFvutqLZVmm6DXkvLmTJSL0d3hFQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDE1MDU1WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTE5ODFiMzBkY2QwNzY3MzUzM2YwMGY4OGVjODYxMWQ3
YThlNjkwNTgwYWIwMWVkYTRiMjdiMDcxYjFlOWQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfIxzIogOf7+mZxruWuFU9pruMpLCgFAMPb+f/jJyWXCvU
HV0XnxBsCHp5IZnTouuWrcun/zBcEMHGIsYl17il5rdGZ1By/yUvys0w1F6b2aer
BTpQ32FdA4KGeyzuK/e+EjQdQsDdhqJoAodGlEyY1uyKuXQZTioxRjNj3nWqDF+C
e1D0gHB4lYX7bF4EYpcNaZMxJWqZfCsXo7i3A7A9V1xq2xRivw/Zdbvi+RvXf1jg
K3W92vQQB5oYnvnu8yA1vJkvNQolBT1WRqRRyRHrnEfdbNtAEapdFClgeW18J6Rg
gXfdjPu+2Jk2mpWh150WTQPIMBi8EVdTaF892d6ZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUlXZHZZdeHffNic5S7NB7c3G36dgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JkMDcxOTk0LTJmNmQtNGFiZS05ZDU5LTBhZGIzYTZjOGE0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8UQDANBgkqhkiG9w0BAQsFAAOCAQEASESlGhQVUpRseNfNHnaL+VIu
xX6oVtgArk4DdUBtMfMhK6ViJ3j4E1RrzxOPxAm/mba3Slwznuo1Zbnwn2bxi+hS
IebZY+IXowZyJOHaj90KInMmvtT43E5+LemnOuv9L98yAXmN2WWyo1EpLGyIu5R5
eaj4QUXJPhZ41jK1Q72fcTR6JJmAJEvIG3ZleiK5aCEKh1w+u6FoOigRDHnHHcFN
X5T6+DS3Yg3Jd7rMzk1pXz+rmeCQIUdqWVhXfQn1/aFpvZzOqDmtOskM0LVsmaip
atATdGpfei0I7kecnt05ed73VX18GSu2obib5BOnSQ/FYl2pNetYrogrQ6BZdA==
-----END CERTIFICATE-----