Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa
File:                     15744b95-7e2b-4853-b31b-c5b2711a1a35.roa (raw, json)
Hash identifier:          /SGCI4Lt2ulPc6iNxqToVZd9OrI11YqNcTI1zM9wO0A=
Subject key identifier:   A7:A5:F4:47:B2:97:7E:93:8B:40:CE:6D:2D:C2:5D:A1:D5:29:16:9E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D004391958289AFB94606A9C6B99FA135A2BC82
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa
Signing time:             Wed 12 Nov 2025 02:10:06 +0000
ROA not before:           Wed 12 Nov 2025 02:10:06 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f15:c00::/38 maxlen: 38
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:00:43:91:95:82:89:af:b9:46:06:a9:c6:b9:9f:a1:35:a2:bc:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 02:10:06 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=91b90280b4fbefac741383614c452962c17b7ef0585ded11325d8eeffb988c6c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7a:13:d4:dd:de:0f:b7:4f:a9:bf:b4:b3:70:
                    f8:0a:71:18:cb:5a:87:c1:1b:42:45:cf:66:b1:50:
                    48:06:9d:f3:68:9b:69:b6:19:a0:1e:0c:f4:8d:fb:
                    65:77:8f:ef:84:fc:6f:e5:2c:f2:b1:ff:e7:d5:42:
                    54:a9:1e:0a:e8:b1:a3:de:97:c3:c8:c3:92:b0:24:
                    57:29:6a:f6:12:88:b2:0a:59:f8:a1:41:4d:03:86:
                    c1:d0:1a:f5:bf:0f:39:a2:5f:5d:fe:1a:f0:04:0c:
                    5b:d9:f6:56:7a:52:6f:00:f8:3f:71:b4:e4:a5:5b:
                    42:7b:4d:ab:2b:df:8e:2f:41:ca:a1:5d:4d:d9:a6:
                    70:b6:29:08:4b:f5:09:9f:1d:c6:d3:a8:e1:d4:80:
                    c8:50:c7:2a:84:27:1e:3b:e2:94:18:43:b7:b0:c6:
                    57:3c:3b:ec:42:d6:81:b5:ca:7d:b2:43:69:f3:77:
                    71:79:08:e5:e4:67:3d:b0:ec:ad:55:98:5c:b9:60:
                    2d:71:0d:10:36:e0:30:36:56:7c:69:11:ea:13:3a:
                    86:4e:e0:09:2a:60:99:a4:5f:12:78:4d:52:bb:cf:
                    92:64:98:df:ff:7b:3b:1d:2e:26:1a:d5:81:65:3e:
                    59:4b:21:02:bd:9d:da:db:c4:25:85:e2:3f:6e:d6:
                    10:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:A5:F4:47:B2:97:7E:93:8B:40:CE:6D:2D:C2:5D:A1:D5:29:16:9E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:c00::/38

    Signature Algorithm: sha256WithRSAEncryption
         7a:0d:fd:7d:6c:2c:7d:ff:d5:10:3f:9f:30:fe:01:34:7c:2a:
         b3:4b:7f:e3:12:c8:e0:8d:c7:8e:1f:c6:6a:69:7a:f1:98:b8:
         01:93:5d:69:76:d4:bd:e1:12:d2:0b:52:d6:92:e0:93:e5:ab:
         56:23:e1:a1:a8:0a:f0:74:33:3e:6e:20:38:fd:33:79:46:57:
         eb:40:5e:25:45:ce:89:f2:7b:6b:9b:7f:50:f3:c6:00:4d:f9:
         94:ff:9d:b9:e7:23:13:8f:12:6f:8e:df:6a:f0:be:c9:90:1e:
         59:31:71:0f:2e:3a:03:78:7e:af:54:68:8f:d8:b5:2f:22:ec:
         e8:4c:8b:1c:31:dd:2d:95:f2:69:d4:bb:2a:c2:7b:8e:3b:36:
         05:94:48:db:fc:9b:f0:44:85:2f:21:8d:b5:92:4c:c7:88:9c:
         31:23:13:61:5f:52:a0:c0:91:55:df:8c:76:5e:3b:39:f6:1a:
         1d:43:be:2d:13:5b:35:f0:a2:e9:77:d8:42:be:e1:d1:43:ff:
         18:ff:13:f7:75:fd:1c:16:1c:ec:81:18:81:71:f4:52:c6:2c:
         04:4e:cc:a2:86:3e:b8:4d:06:eb:b6:12:bc:56:62:5f:57:ad:
         ee:d0:87:ee:2d:cd:01:5d:30:8f:52:03:98:ed:24:fa:36:77:
         0a:a0:f8:59
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPQBDkZWCia+5RgapxrmfoTWivIIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDIxMDA2WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MWI5MDI4MGI0ZmJlZmFjNzQxMzgzNjE0YzQ1Mjk2MmMx
N2I3ZWYwNTg1ZGVkMTEzMjVkOGVlZmZiOTg4YzZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpehPU3d4Pt0+pv7SzcPgKcRjLWofBG0JFz2axUEgGnfNo
m2m2GaAeDPSN+2V3j++E/G/lLPKx/+fVQlSpHgrosaPel8PIw5KwJFcpavYSiLIK
WfihQU0DhsHQGvW/DzmiX13+GvAEDFvZ9lZ6Um8A+D9xtOSlW0J7Tasr344vQcqh
XU3ZpnC2KQhL9QmfHcbTqOHUgMhQxyqEJx474pQYQ7ewxlc8O+xC1oG1yn2yQ2nz
d3F5COXkZz2w7K1VmFy5YC1xDRA24DA2VnxpEeoTOoZO4AkqYJmkXxJ4TVK7z5Jk
mN//ezsdLiYa1YFlPllLIQK9ndrbxCWF4j9u1hCJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUp6X0R7KXfpOLQM5tLcJdodUpFp4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1NzQ0Yjk1LTdlMmItNDg1My1iMzFiLWM1YjI3MTFhMWEzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8VDDANBgkqhkiG9w0BAQsFAAOCAQEAeg39fWwsff/VED+fMP4BNHwq
s0t/4xLI4I3Hjh/Gaml68Zi4AZNdaXbUveES0gtS1pLgk+WrViPhoagK8HQzPm4g
OP0zeUZX60BeJUXOifJ7a5t/UPPGAE35lP+duecjE48Sb47favC+yZAeWTFxDy46
A3h+r1Roj9i1LyLs6EyLHDHdLZXyadS7KsJ7jjs2BZRI2/yb8ESFLyGNtZJMx4ic
MSMTYV9SoMCRVd+Mdl47OfYaHUO+LRNbNfCi6XfYQr7h0UP/GP8T93X9HBYc7IEY
gXH0UsYsBE7MooY+uE0G67YSvFZiX1et7tCH7i3NAV0wj1IDmO0k+jZ3CqD4WQ==
-----END CERTIFICATE-----