Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4bcbc762-63cb-4216-960c-cf87023fe104.roa
File:                     4bcbc762-63cb-4216-960c-cf87023fe104.roa (raw, json)
Hash identifier:          wTuJiWJd5a+xEIf5pWnl3W10Z+3xxqg5twjzOyHSKZU=
Subject key identifier:   50:51:DA:FC:74:0F:14:6B:16:AA:4B:BD:FA:82:56:2F:AC:BB:7C:96
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D051A7DDA0481DEA847B23907595EEC5477A96C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4bcbc762-63cb-4216-960c-cf87023fe104.roa
Signing time:             Fri 17 Oct 2025 20:10:21 +0000
ROA not before:           Fri 17 Oct 2025 20:10:21 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff2:50c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:05:1a:7d:da:04:81:de:a8:47:b2:39:07:59:5e:ec:54:77:a9:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 17 20:10:21 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=5484d617b478ab20bffd1893e3ea87d13352a88629cf0c83bfb2376444fea8ec, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:4a:b6:c1:e4:8d:9c:1d:33:04:6c:79:2d:6a:
                    b3:60:cd:33:2a:c3:cc:6a:2c:50:23:63:fa:3f:53:
                    1f:fb:6b:d5:fe:c1:dc:d8:24:27:74:62:dc:41:60:
                    0f:0a:fb:db:cf:7c:6a:6d:85:a3:a2:3a:73:1e:83:
                    d7:64:94:16:c4:32:f9:ea:8c:dc:f9:5f:ab:02:ce:
                    fa:ff:4c:ee:7d:22:43:56:f3:35:8f:e0:8b:e7:26:
                    35:7d:63:f7:28:fe:7a:3f:c2:4a:e5:77:81:61:28:
                    75:4f:78:0d:f8:ad:d6:fa:c3:87:23:4d:5d:db:cb:
                    6e:c9:d0:70:52:02:cb:2b:59:da:67:c1:b4:a4:9c:
                    e7:55:b1:a3:06:71:ea:bd:30:71:49:15:44:37:f6:
                    cc:6b:f1:23:ad:3f:62:6c:74:0f:14:65:11:84:f3:
                    b0:0b:34:d7:dc:ad:ce:1e:41:ea:a5:0e:1e:b1:60:
                    32:c9:c5:b6:11:ed:9f:4d:8c:46:a5:04:c5:d2:24:
                    d9:1c:66:ed:08:35:f6:7a:d4:09:5a:65:c0:4c:d2:
                    3c:f6:d7:cd:d3:3a:e8:1d:ca:e0:a3:43:ae:3e:c6:
                    f6:e5:3b:79:74:7e:99:e3:85:0f:43:57:1a:04:df:
                    e2:1c:f6:cb:42:5e:15:a1:52:e3:b4:01:dc:3f:9e:
                    e3:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:51:DA:FC:74:0F:14:6B:16:AA:4B:BD:FA:82:56:2F:AC:BB:7C:96
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4bcbc762-63cb-4216-960c-cf87023fe104.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:b6:ba:0c:0b:d3:e5:aa:09:c7:db:9d:a5:35:e4:66:5a:60:
         5d:ad:24:ce:bf:10:db:3d:62:2a:da:9e:46:1c:72:c3:39:dd:
         9f:fd:18:91:41:39:ed:bc:7e:aa:1b:07:b5:65:32:bf:cc:4c:
         c4:33:6d:cc:e9:77:30:9c:4f:a4:0c:6d:50:0c:f0:c5:52:28:
         85:fa:00:3a:19:0d:5a:e2:28:ec:d8:14:90:38:2b:56:cf:e6:
         e5:95:29:8f:66:4d:42:32:3e:15:d2:ac:95:8b:0c:4d:41:bc:
         72:e7:db:87:7c:0a:d1:5f:c8:59:d9:3e:d5:27:09:38:54:42:
         81:6f:63:94:cf:a9:78:9c:62:0a:87:93:71:8a:2b:16:58:ee:
         0e:2a:4f:4d:d7:d7:1c:5d:66:16:75:5c:12:1a:fe:7a:60:4b:
         a3:b2:95:8a:18:16:5f:28:2c:e4:ed:6d:a2:47:f1:1e:6e:88:
         ce:81:00:4a:a0:17:60:6f:20:9a:fe:71:4c:43:b5:65:7e:f6:
         6e:07:94:18:e0:f3:d3:c4:70:3c:36:2c:60:f0:82:bf:d4:b3:
         b0:c9:4b:96:67:fa:f5:3c:75:df:ac:20:f8:97:a0:88:fa:27:
         c3:85:0b:92:0f:62:86:38:34:ba:8e:82:eb:bc:08:5c:dd:cf:
         a7:fd:1b:49
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfQUafdoEgd6oR7I5B1le7FR3qWwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE3MjAxMDIxWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDg0ZDYxN2I0NzhhYjIwYmZmZDE4OTNlM2VhODdkMTMz
NTJhODg2MjljZjBjODNiZmIyMzc2NDQ0ZmVhOGVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGSrbB5I2cHTMEbHktarNgzTMqw8xqLFAjY/o/Ux/7a9X+
wdzYJCd0YtxBYA8K+9vPfGpthaOiOnMeg9dklBbEMvnqjNz5X6sCzvr/TO59IkNW
8zWP4IvnJjV9Y/co/no/wkrld4FhKHVPeA34rdb6w4cjTV3by27J0HBSAssrWdpn
wbSknOdVsaMGceq9MHFJFUQ39sxr8SOtP2JsdA8UZRGE87ALNNfcrc4eQeqlDh6x
YDLJxbYR7Z9NjEalBMXSJNkcZu0INfZ61AlaZcBM0jz2183TOugdyuCjQ64+xvbl
O3l0fpnjhQ9DVxoE3+Ic9stCXhWhUuO0Adw/nuO9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUUFHa/HQPFGsWqku9+oJWL6y7fJYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiY2JjNzYyLTYzY2ItNDIxNi05NjBjLWNmODcwMjNmZTEwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/yUMAwDQYJKoZIhvcNAQELBQADggEBAEW2ugwL0+WqCcfbnaU15GZa
YF2tJM6/ENs9YirankYccsM53Z/9GJFBOe28fqobB7VlMr/MTMQzbczpdzCcT6QM
bVAM8MVSKIX6ADoZDVriKOzYFJA4K1bP5uWVKY9mTUIyPhXSrJWLDE1BvHLn24d8
CtFfyFnZPtUnCThUQoFvY5TPqXicYgqHk3GKKxZY7g4qT03X1xxdZhZ1XBIa/npg
S6OylYoYFl8oLOTtbaJH8R5uiM6BAEqgF2BvIJr+cUxDtWV+9m4HlBjg89PEcDw2
LGDwgr/Us7DJS5Zn+vU8dd+sIPiXoIj6J8OFC5IPYoY4NLqOguu8CFzdz6f9G0k=
-----END CERTIFICATE-----