Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fba6b008-4b15-445e-bf72-4181fbf88a82.roa
File:                     fba6b008-4b15-445e-bf72-4181fbf88a82.roa (raw, json)
Hash identifier:          Ox0Q/b3TCgCt2cSUEiL+Z/g72DwhSTn+HL7TTF+6/6g=
Subject key identifier:   62:B5:66:E0:05:A9:1F:8A:C5:A3:B1:70:A3:3D:F8:0D:0A:F8:B1:FA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1542A5BC70B5DDB5CCE874F73A8F9B8CCC4FFC78
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fba6b008-4b15-445e-bf72-4181fbf88a82.roa
Signing time:             Tue 11 Nov 2025 02:00:05 +0000
ROA not before:           Tue 11 Nov 2025 02:00:05 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:6040::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:42:a5:bc:70:b5:dd:b5:cc:e8:74:f7:3a:8f:9b:8c:cc:4f:fc:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 02:00:05 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=c007cb86faa3f9b764d020ba7ef3c2b996819c97bbe3402660c5c03770c1be23, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:1b:49:32:3a:17:81:ab:18:93:46:f5:bf:24:
                    ba:8c:de:62:c1:08:cc:a3:5d:e5:4a:33:41:54:aa:
                    bd:b6:0f:17:3c:69:a0:84:a9:f5:57:3b:78:47:84:
                    65:d2:e7:fd:0d:db:8b:58:aa:ad:39:79:d4:d8:dd:
                    18:8e:9d:43:d7:bd:a5:61:c6:36:db:17:05:98:f5:
                    b5:0e:6b:ca:65:e6:0f:2d:be:ef:1e:c1:6c:2b:7f:
                    90:7c:b5:8b:75:b3:9f:1c:03:35:ad:ab:70:ff:5a:
                    8c:b1:8f:53:42:0e:69:9e:31:33:b0:7d:df:ae:0f:
                    b5:24:03:e2:62:38:ae:7d:42:f1:66:8b:64:33:8a:
                    7d:9c:d0:62:c7:69:97:95:10:d9:73:98:64:2c:17:
                    7c:2f:15:4a:e9:25:d4:a4:6a:49:f3:62:3c:b5:c5:
                    00:8e:28:95:7d:52:ac:5a:2b:ad:a8:5e:a0:99:40:
                    22:70:29:0e:02:d8:e7:36:2d:26:82:b6:ea:7f:40:
                    80:47:2f:5e:f4:43:6c:fa:ab:22:b4:82:d4:1b:da:
                    ed:80:e1:ae:ca:5c:d6:8e:c8:f8:2c:64:d4:20:bc:
                    d0:01:79:2d:19:3b:fa:58:9e:25:ad:28:a9:5b:c2:
                    c3:ed:8b:a9:59:1e:d7:cd:91:66:78:6e:af:2f:39:
                    d8:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B5:66:E0:05:A9:1F:8A:C5:A3:B1:70:A3:3D:F8:0D:0A:F8:B1:FA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fba6b008-4b15-445e-bf72-4181fbf88a82.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:6040::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:16:d3:52:61:53:fc:cb:86:4d:cd:c1:da:03:4c:1a:98:69:
         85:13:82:5e:67:19:a2:c2:f1:3b:01:21:09:90:3e:ff:41:fc:
         27:40:7d:a2:21:51:63:52:ec:26:e2:d2:e3:21:d4:5e:19:b7:
         0b:99:87:42:70:7b:40:b7:07:a6:9f:90:ab:cf:b3:a5:7d:5e:
         86:12:d5:74:a8:90:ff:da:03:39:3a:1a:4d:f6:9a:ff:cf:fa:
         79:8f:e0:7a:ce:7a:30:91:71:85:50:4e:ba:6b:59:3f:a7:17:
         a7:de:b2:35:ba:71:15:b6:fc:54:d1:54:1d:a7:62:e6:02:83:
         14:ad:48:8a:51:47:17:e6:07:34:3c:36:97:d4:d9:66:06:dc:
         c4:cc:12:50:67:83:f0:f1:62:10:0d:57:95:b1:5d:b8:b4:1e:
         be:6c:09:e1:a7:eb:fe:4c:00:13:c8:d4:dd:e8:21:87:e6:e9:
         47:cb:e3:7f:6e:b9:f4:76:65:c8:d7:28:48:39:51:5e:c8:8f:
         d6:ac:35:78:53:16:ab:a6:bc:66:5c:4c:8a:e5:eb:03:e9:6e:
         63:f4:b5:e1:39:73:00:40:09:fb:7d:3b:48:d8:5c:3a:7a:1f:
         63:f6:a3:ff:2b:0e:3e:f1:eb:a5:5b:fd:8d:49:ba:a1:5d:35:
         a1:cc:ed:40
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFUKlvHC13bXM6HT3Oo+bjMxP/HgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDIwMDA1WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDA3Y2I4NmZhYTNmOWI3NjRkMDIwYmE3ZWYzYzJiOTk2
ODE5Yzk3YmJlMzQwMjY2MGM1YzAzNzcwYzFiZTIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbG0kyOheBqxiTRvW/JLqM3mLBCMyjXeVKM0FUqr22Dxc8
aaCEqfVXO3hHhGXS5/0N24tYqq05edTY3RiOnUPXvaVhxjbbFwWY9bUOa8pl5g8t
vu8ewWwrf5B8tYt1s58cAzWtq3D/Woyxj1NCDmmeMTOwfd+uD7UkA+JiOK59QvFm
i2Qzin2c0GLHaZeVENlzmGQsF3wvFUrpJdSkaknzYjy1xQCOKJV9UqxaK62oXqCZ
QCJwKQ4C2Oc2LSaCtup/QIBHL170Q2z6qyK0gtQb2u2A4a7KXNaOyPgsZNQgvNAB
eS0ZO/pYniWtKKlbwsPti6lZHtfNkWZ4bq8vOdj7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYrVm4AWpH4rFo7Fwoz34DQr4sfowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiYTZiMDA4LTRiMTUtNDQ1ZS1iZjcyLTQxODFmYmY4OGE4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AYEAwDQYJKoZIhvcNAQELBQADggEBAG8W01JhU/zLhk3NwdoDTBqY
aYUTgl5nGaLC8TsBIQmQPv9B/CdAfaIhUWNS7Cbi0uMh1F4ZtwuZh0Jwe0C3B6af
kKvPs6V9XoYS1XSokP/aAzk6Gk32mv/P+nmP4HrOejCRcYVQTrprWT+nF6fesjW6
cRW2/FTRVB2nYuYCgxStSIpRRxfmBzQ8NpfU2WYG3MTMElBng/DxYhANV5WxXbi0
Hr5sCeGn6/5MABPI1N3oIYfm6UfL439uufR2ZcjXKEg5UV7Ij9asNXhTFqumvGZc
TIrl6wPpbmP0teE5cwBACft9O0jYXDp6H2P2o/8rDj7x66Vb/Y1JuqFdNaHM7UA=
-----END CERTIFICATE-----