Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
File:                     e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa (raw, json)
Hash identifier:          o1IXUJ02z94N3t+IAeqz2bxaciDDdJjniZ3NZP8/ONQ=
Subject key identifier:   2B:86:60:F6:21:7D:F4:2A:FB:F0:46:EC:91:B1:71:FB:43:33:FA:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2DEEDD99B60317069A69DF3E450C8AB8826F7B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
Signing time:             Tue 11 Nov 2025 01:20:12 +0000
ROA not before:           Tue 11 Nov 2025 01:20:12 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:50c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:ee:dd:99:b6:03:17:06:9a:69:df:3e:45:0c:8a:b8:82:6f:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:20:12 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=6d304d12cfc50549cf52f4cdedd6e415031a7d41e7174bc63d42f01f867ffe13, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c9:df:9f:ff:f6:7c:ac:a0:66:2c:d0:53:ef:
                    78:d0:3c:37:1d:2f:ad:12:db:73:fa:d8:20:ed:f0:
                    fb:30:3a:ab:07:41:ad:7d:dc:fb:86:cf:0b:0c:0a:
                    62:e2:56:d1:10:dd:2c:f1:70:7b:47:41:14:e3:e6:
                    bd:9c:fa:82:0a:58:9b:aa:f2:3c:ca:b2:b7:bd:8f:
                    98:dd:89:bd:5c:3c:eb:71:54:0c:bb:b5:8d:b4:31:
                    ef:3c:4f:3c:82:5e:46:a3:cf:d7:c0:86:99:57:3c:
                    4b:d0:39:b9:58:96:69:8b:b8:8d:6f:ac:7b:bb:8a:
                    9f:be:07:06:28:31:4f:01:e2:1f:c6:ce:60:a0:78:
                    ec:bb:fa:3a:94:a1:54:dc:23:58:38:a5:5f:f4:43:
                    11:19:6d:ac:11:37:99:dc:ad:cf:cd:89:0f:8b:80:
                    22:33:b6:b0:bc:85:dd:f5:a6:36:0d:fb:42:e3:42:
                    78:13:b9:cc:28:f8:12:84:b0:fb:6e:ea:25:59:ab:
                    38:66:f1:8d:03:fb:eb:77:bb:de:1b:d7:d4:0b:eb:
                    89:25:dd:81:f6:9c:a4:06:cc:9f:17:56:ca:08:ba:
                    52:db:37:59:36:32:f1:af:dd:6d:5a:ec:2e:82:e9:
                    32:a1:e9:f5:86:8c:b1:48:30:36:53:ea:13:4b:63:
                    36:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:86:60:F6:21:7D:F4:2A:FB:F0:46:EC:91:B1:71:FB:43:33:FA:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:18:d9:71:04:1d:dc:dc:b2:66:4c:16:6f:44:d9:50:8a:76:
         c0:a6:85:54:87:24:a4:67:d3:af:72:af:09:f1:77:5a:cf:ba:
         5b:2d:58:6c:a4:b7:9e:44:04:6c:4e:95:d1:f5:42:e9:62:27:
         02:6f:84:a0:5a:a1:bc:73:08:ad:3a:a9:38:83:9f:94:11:95:
         82:08:d6:69:a4:9b:ca:47:f3:08:b9:c7:04:af:31:23:38:0d:
         55:f1:15:2f:9b:d8:49:4c:33:f0:a2:07:56:c6:7d:cd:74:1e:
         09:ca:e2:2f:37:00:12:0f:3f:ea:3a:1d:15:e8:ff:7b:8b:b3:
         1b:bd:a0:9d:2a:ad:fc:16:10:f4:25:83:83:07:96:40:fe:0d:
         73:52:4e:1c:46:c4:1a:a8:8f:c6:3f:71:fe:bc:17:98:a5:77:
         b1:ea:df:b6:a1:95:39:c7:1e:3b:30:90:0f:d9:d4:ad:83:d2:
         a1:e0:c0:cb:92:93:04:68:c7:d4:ba:30:d0:1b:a4:fd:e3:50:
         e3:d4:cd:c3:18:fc:49:d9:7a:80:6f:be:06:9a:63:c4:5f:13:
         38:b1:45:20:76:0f:55:1e:28:a7:7a:00:59:e2:60:42:b4:16:
         3e:7f:4f:a8:8b:b8:0b:61:ac:7f:d1:3f:a6:3f:80:9a:72:9f:
         ea:19:6f:70
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgITLe7dmbYDFwaaad8+RQyKuIJvezANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTExMTEwMTIwMTJaFw0yNTEyMTYyMzU5NTla
MHoxSTBHBgNVBAUTQDZkMzA0ZDEyY2ZjNTA1NDljZjUyZjRjZGVkZDZlNDE1MDMx
YTdkNDFlNzE3NGJjNjNkNDJmMDFmODY3ZmZlMTMxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHJ35//9nysoGYs0FPveNA8Nx0vrRLbc/rYIO3w+zA6qwdB
rX3c+4bPCwwKYuJW0RDdLPFwe0dBFOPmvZz6ggpYm6ryPMqyt72PmN2JvVw863FU
DLu1jbQx7zxPPIJeRqPP18CGmVc8S9A5uViWaYu4jW+se7uKn74HBigxTwHiH8bO
YKB47Lv6OpShVNwjWDilX/RDERltrBE3mdytz82JD4uAIjO2sLyF3fWmNg37QuNC
eBO5zCj4EoSw+27qJVmrOGbxjQP763e73hvX1AvriSXdgfacpAbMnxdWygi6Uts3
WTYy8a/dbVrsLoLpMqHp9YaMsUgwNlPqE0tjNv8CAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBQrhmD2IX30KvvwRuyRsXH7QzP6VjAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZTU4MjBiYWUtMDVkOS00OTY5LWJhNWMtMDU3YWM2NGE4ZmE1LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACYAHwBQwDANBgkqhkiG9w0BAQsFAAOCAQEAahjZcQQd3NyyZkwWb0TZUIp2
wKaFVIckpGfTr3KvCfF3Ws+6Wy1YbKS3nkQEbE6V0fVC6WInAm+EoFqhvHMIrTqp
OIOflBGVggjWaaSbykfzCLnHBK8xIzgNVfEVL5vYSUwz8KIHVsZ9zXQeCcriLzcA
Eg8/6jodFej/e4uzG72gnSqt/BYQ9CWDgweWQP4Nc1JOHEbEGqiPxj9x/rwXmKV3
serftqGVOcceOzCQD9nUrYPSoeDAy5KTBGjH1Low0Buk/eNQ49TNwxj8Sdl6gG++
BppjxF8TOLFFIHYPVR4op3oAWeJgQrQWPn9PqIu4C2Gsf9E/pj+AmnKf6hlvcA==
-----END CERTIFICATE-----