Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a586f7e6-d190-49ce-b214-346b4b821aa1.roa
File:                     a586f7e6-d190-49ce-b214-346b4b821aa1.roa (raw, json)
Hash identifier:          rgoF5xcHGNwgz5N0dMEjwFp4R3KUS05mgs/ZQnA4XIM=
Subject key identifier:   BD:95:54:B8:69:6D:30:BA:95:85:20:0B:E7:A7:6A:1C:FE:F9:B8:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5022F46267DD7E689BAFCEAA9BC2DD760390E2FE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a586f7e6-d190-49ce-b214-346b4b821aa1.roa
Signing time:             Fri 26 Sep 2025 00:38:54 +0000
ROA not before:           Fri 26 Sep 2025 00:38:54 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f16:c800::/37 maxlen: 37
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:22:f4:62:67:dd:7e:68:9b:af:ce:aa:9b:c2:dd:76:03:90:e2:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:38:54 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=95d6a97e758d652e602a0383ffa0756cacdcd28679cd6bbc76487a8213f922b3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7a:3a:31:45:fa:64:48:48:91:65:25:f5:d6:
                    b2:eb:6a:15:e8:80:c3:05:0e:a0:c5:e6:05:2c:0f:
                    1f:88:da:df:f8:ec:8d:c3:b6:30:e6:1f:e3:cd:45:
                    56:c3:eb:48:df:b9:76:20:4f:5e:fa:98:78:44:bb:
                    23:c7:0f:78:89:1a:78:57:10:fa:aa:79:9c:64:18:
                    60:bb:af:fe:55:68:cb:35:7b:0c:ce:f4:ce:ae:e1:
                    ff:ee:0f:3b:dd:e8:c6:f2:a8:a2:37:ce:bc:f5:e6:
                    79:40:6e:a3:15:04:99:2e:3d:72:c0:d4:00:58:6d:
                    ed:b7:d7:c3:65:d5:d8:2a:c1:07:99:ee:94:39:57:
                    ae:8c:31:6c:b1:c3:ad:20:bc:39:71:d8:c8:59:39:
                    b6:b6:ec:81:dc:b1:ba:55:d1:99:5b:cb:14:63:12:
                    91:71:dd:75:63:62:c0:4b:07:cf:4a:e0:c3:66:f8:
                    58:50:8b:af:73:11:1b:4d:39:91:ce:7a:0e:12:77:
                    00:1d:e9:6e:3d:52:62:4e:bd:89:09:cc:fe:8d:c1:
                    e7:8c:73:4f:b2:e2:02:e2:31:30:0a:6c:3f:76:42:
                    60:19:fc:13:52:c9:f4:56:ff:1f:ca:11:d7:26:4c:
                    5a:bb:95:5a:d7:13:56:36:06:e1:1e:c0:28:30:86:
                    f7:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:95:54:B8:69:6D:30:BA:95:85:20:0B:E7:A7:6A:1C:FE:F9:B8:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a586f7e6-d190-49ce-b214-346b4b821aa1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f16:c800::/37

    Signature Algorithm: sha256WithRSAEncryption
         d8:9c:90:37:9f:54:69:19:26:41:67:76:f0:88:8f:4d:5d:5e:
         3c:18:e1:42:a2:2b:c1:24:db:ef:80:57:41:c1:93:d1:1c:a5:
         11:6c:fd:40:a7:b0:ae:87:7e:e9:61:72:1d:7a:31:97:db:b0:
         db:6f:e2:cd:36:35:ad:6e:88:08:2e:51:41:3f:ab:88:80:94:
         6c:cd:c8:75:fb:09:2e:c4:6c:63:e4:09:53:0b:91:3f:8c:05:
         a5:bb:ff:4e:c2:75:fd:65:1d:78:a2:3b:3f:37:7e:8e:e4:61:
         6b:69:fd:9e:b7:c5:e1:40:ef:ce:a3:e8:2f:bb:80:86:88:6d:
         1d:01:ac:13:75:27:36:54:a1:52:7a:1f:7f:d6:bc:c2:87:7d:
         1e:01:d9:03:ee:82:1d:f8:00:cd:29:5a:82:81:35:84:6d:cb:
         8f:46:dc:2d:5d:9e:36:53:f4:9d:68:78:73:e8:9f:2f:77:ff:
         9e:f8:a3:bc:da:3c:9c:72:95:79:fc:68:eb:56:e8:55:e6:66:
         6e:e2:44:00:1e:80:28:38:75:b0:9e:a4:57:17:c0:95:f4:ba:
         aa:f1:40:c1:44:e0:3f:05:1a:d4:bb:21:ea:85:96:2f:9f:99:
         f1:8d:6c:fd:a2:99:f0:f3:15:6c:81:fd:53:e6:b4:9f:73:d9:
         99:c3:da:99
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUCL0Ymfdfmibr86qm8LddgOQ4v4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAzODU0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWQ2YTk3ZTc1OGQ2NTJlNjAyYTAzODNmZmEwNzU2Y2Fj
ZGNkMjg2NzljZDZiYmM3NjQ4N2E4MjEzZjkyMmIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+ejoxRfpkSEiRZSX11rLrahXogMMFDqDF5gUsDx+I2t/4
7I3DtjDmH+PNRVbD60jfuXYgT176mHhEuyPHD3iJGnhXEPqqeZxkGGC7r/5VaMs1
ewzO9M6u4f/uDzvd6MbyqKI3zrz15nlAbqMVBJkuPXLA1ABYbe2318Nl1dgqwQeZ
7pQ5V66MMWyxw60gvDlx2MhZOba27IHcsbpV0ZlbyxRjEpFx3XVjYsBLB89K4MNm
+FhQi69zERtNOZHOeg4SdwAd6W49UmJOvYkJzP6NweeMc0+y4gLiMTAKbD92QmAZ
/BNSyfRW/x/KEdcmTFq7lVrXE1Y2BuEewCgwhvdFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvZVUuGltMLqVhSAL56dqHP75uKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1ODZmN2U2LWQxOTAtNDljZS1iMjE0LTM0NmI0YjgyMWFhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8WyDANBgkqhkiG9w0BAQsFAAOCAQEA2JyQN59UaRkmQWd28IiPTV1e
PBjhQqIrwSTb74BXQcGT0RylEWz9QKewrod+6WFyHXoxl9uw22/izTY1rW6ICC5R
QT+riICUbM3IdfsJLsRsY+QJUwuRP4wFpbv/TsJ1/WUdeKI7Pzd+juRha2n9nrfF
4UDvzqPoL7uAhohtHQGsE3UnNlShUnoff9a8wod9HgHZA+6CHfgAzSlagoE1hG3L
j0bcLV2eNlP0nWh4c+ifL3f/nvijvNo8nHKVefxo61boVeZmbuJEAB6AKDh1sJ6k
VxfAlfS6qvFAwUTgPwUa1Lsh6oWWL5+Z8Y1s/aKZ8PMVbIH9U+a0n3PZmcPamQ==
-----END CERTIFICATE-----