Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7fd3545-77f1-4387-9569-710d9169bc6e.roa
File:                     f7fd3545-77f1-4387-9569-710d9169bc6e.roa (raw, json)
Hash identifier:          0Twk0MveD46mG5l0LVOgKhhfSCz3ZNQ7k6b8kiuSLoo=
Subject key identifier:   35:FB:33:43:73:0C:8B:14:FD:CB:47:49:61:64:1A:2B:3F:55:00:08
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F947F01F8FA1D70F73768DB2AEE4508996A67AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7fd3545-77f1-4387-9569-710d9169bc6e.roa
Signing time:             Fri 31 Oct 2025 00:50:39 +0000
ROA not before:           Fri 31 Oct 2025 00:50:39 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:8000::/36 maxlen: 36
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:94:7f:01:f8:fa:1d:70:f7:37:68:db:2a:ee:45:08:99:6a:67:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:50:39 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=cf934599244836b56b1c6728f3c54d96c96c9e27f06e45d1b56d74cc88bb5e77, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5d:08:37:2f:7e:0c:6a:73:68:c5:85:04:0d:
                    0e:42:82:88:b2:b9:d8:21:8b:6f:79:e6:49:a4:6f:
                    91:17:6c:31:56:d6:58:8c:f7:dd:31:07:28:44:1c:
                    19:3c:12:10:75:39:14:2e:b6:e2:e7:e6:72:92:02:
                    ad:ae:cf:cb:c9:a9:66:43:c1:4a:8c:00:27:a5:75:
                    c3:a1:26:9f:31:a0:20:f7:8b:d3:0d:7b:a5:04:87:
                    dc:42:05:f4:71:e5:f2:6e:a6:c4:3f:4e:3f:48:35:
                    60:16:3e:d9:23:95:11:7d:40:e8:e9:ec:1a:3c:9f:
                    54:ac:c2:bc:23:9d:c5:f8:98:35:b5:d4:8a:a6:17:
                    19:4d:22:7e:95:2e:7a:dd:70:10:64:54:bb:f5:52:
                    e5:ce:3c:bc:27:8c:1c:4e:6b:e4:05:ba:ba:7b:fa:
                    fc:3a:22:5f:34:54:11:c3:04:b1:63:56:77:52:f9:
                    35:c8:cf:c9:a0:6e:2d:e4:47:4d:c2:9f:95:55:df:
                    ac:95:7a:27:d0:06:58:85:a1:c6:19:8c:aa:45:eb:
                    53:2b:3b:27:26:db:52:41:52:79:eb:08:8e:a3:4c:
                    15:f3:00:3a:12:b2:41:73:4c:84:96:47:4d:51:32:
                    1e:eb:29:00:51:ad:06:cb:85:a7:11:a2:15:d3:23:
                    d4:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:FB:33:43:73:0C:8B:14:FD:CB:47:49:61:64:1A:2B:3F:55:00:08
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f7fd3545-77f1-4387-9569-710d9169bc6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         12:e4:6c:f9:a2:9f:e5:d2:bc:5e:c9:3e:7f:cd:6c:38:eb:66:
         31:d3:f5:0b:fd:fc:e3:5b:55:80:36:e2:6c:2c:99:21:91:52:
         56:34:f5:22:e4:9b:41:a0:90:a1:26:55:cc:3a:86:68:a5:18:
         fe:0a:74:44:89:92:02:d4:af:7b:06:24:6e:ad:04:d7:76:cf:
         52:e9:23:ec:e5:a9:c8:c7:bd:bc:02:df:0a:09:55:59:16:d5:
         df:34:5a:8d:a0:68:20:bb:25:d4:e8:6c:cf:a2:72:d4:63:2b:
         18:07:b3:3c:63:dc:99:de:11:c6:80:94:ad:ea:d2:88:4a:f0:
         e6:4a:88:0e:01:9a:fd:e8:2f:d5:57:a3:c1:a4:e0:e7:a9:b7:
         9a:14:80:19:16:db:87:f0:ad:62:9e:f0:db:2e:cf:a5:43:0b:
         5b:f2:f1:0c:e7:cf:a9:3a:ad:7d:d6:fb:e3:4a:11:53:89:ca:
         c8:7c:bc:15:57:88:5e:af:da:b2:cc:28:12:e5:35:db:a7:3b:
         70:4f:b8:7b:98:5e:1f:b2:c5:18:57:eb:1a:08:90:47:9b:55:
         0b:1e:32:88:07:8b:80:73:b3:08:ea:7c:dc:3b:24:cc:c2:f7:
         5c:3b:dd:b9:90:f5:b7:8c:31:5c:b8:1b:c5:de:ef:ae:c3:b0:
         59:1b:3e:2d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUT5R/Afj6HXD3N2jbKu5FCJlqZ6swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA1MDM5WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjkzNDU5OTI0NDgzNmI1NmIxYzY3MjhmM2M1NGQ5NmM5
NmM5ZTI3ZjA2ZTQ1ZDFiNTZkNzRjYzg4YmI1ZTc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2XQg3L34ManNoxYUEDQ5Cgoiyudghi2955kmkb5EXbDFW
1liM990xByhEHBk8EhB1ORQutuLn5nKSAq2uz8vJqWZDwUqMACeldcOhJp8xoCD3
i9MNe6UEh9xCBfRx5fJupsQ/Tj9INWAWPtkjlRF9QOjp7Bo8n1SswrwjncX4mDW1
1IqmFxlNIn6VLnrdcBBkVLv1UuXOPLwnjBxOa+QFurp7+vw6Il80VBHDBLFjVndS
+TXIz8mgbi3kR03Cn5VV36yVeifQBliFocYZjKpF61MrOycm21JBUnnrCI6jTBXz
ADoSskFzTISWR01RMh7rKQBRrQbLhacRohXTI9STAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUNfszQ3MMixT9y0dJYWQaKz9VAAgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y3ZmQzNTQ1LTc3ZjEtNDM4Ny05NTY5LTcxMGQ5MTY5YmM2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB/9gDANBgkqhkiG9w0BAQsFAAOCAQEAEuRs+aKf5dK8Xsk+f81sOOtm
MdP1C/3841tVgDbibCyZIZFSVjT1IuSbQaCQoSZVzDqGaKUY/gp0RImSAtSvewYk
bq0E13bPUukj7OWpyMe9vALfCglVWRbV3zRajaBoILsl1Ohsz6Jy1GMrGAezPGPc
md4RxoCUrerSiErw5kqIDgGa/egv1VejwaTg56m3mhSAGRbbh/CtYp7w2y7PpUML
W/LxDOfPqTqtfdb740oRU4nKyHy8FVeIXq/asswoEuU126c7cE+4e5heH7LFGFfr
GgiQR5tVCx4yiAeLgHOzCOp83DskzML3XDvduZD1t4wxXLgbxd7vrsOwWRs+LQ==
-----END CERTIFICATE-----