Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa
File:                     ab98bfdb-9af4-412f-87c6-d3448c52456d.roa (raw, json)
Hash identifier:          yWh+Me3YNnAu5dtbn7nAqSXBPf6lWxOUruzGufDvZOM=
Subject key identifier:   A1:1C:4F:88:5B:F7:25:95:0A:AE:9C:9F:08:CB:19:E8:BB:6E:0E:1F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       744794EB0701114C81BA98E9A782C4992080FA1B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa
Signing time:             Sun 26 Oct 2025 00:40:07 +0000
ROA not before:           Sun 26 Oct 2025 00:40:07 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:8143::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:47:94:eb:07:01:11:4c:81:ba:98:e9:a7:82:c4:99:20:80:fa:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:40:07 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=08227d7bdcb7c63e95eb349a9a061b903549628852a0a08d106c0c831769d3ed, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:76:8d:95:e7:02:70:83:00:24:83:1b:17:50:
                    14:05:09:ac:b4:dd:9c:43:8b:59:a3:03:83:80:cb:
                    53:99:0d:08:21:3e:62:2b:85:f0:fa:10:89:a9:fd:
                    88:61:9a:f7:c8:97:ae:8b:ef:4e:ee:b7:4a:91:83:
                    bf:23:79:db:0b:04:4a:fe:e5:39:b8:a6:45:8f:86:
                    d7:68:ec:cb:45:d5:42:43:44:19:df:d8:c6:92:03:
                    fc:6e:25:0a:cc:f2:e3:dc:95:14:c7:3a:c5:c2:94:
                    52:58:a1:33:69:9d:eb:ca:8a:06:68:7b:01:7d:25:
                    8c:36:e7:59:71:d1:54:74:e8:33:87:85:f8:cc:dd:
                    75:bb:1e:ef:4e:47:48:b1:be:a8:1e:8c:dc:44:bc:
                    a1:15:8e:f6:53:f6:47:be:9c:d6:ca:5b:89:e0:5c:
                    e4:a6:02:7e:0f:ae:ec:fc:85:c0:24:61:3b:3d:b5:
                    11:a6:7b:12:5f:1b:31:82:f5:44:e3:03:5e:3b:e7:
                    4e:88:52:b9:d2:82:28:49:56:51:4f:33:d2:6c:3e:
                    e0:b6:13:8a:0e:59:81:5c:18:9d:36:09:75:d3:68:
                    0a:3c:4b:b3:92:92:c5:f8:6e:b3:8d:5e:d3:3e:72:
                    38:30:92:a3:5a:20:0b:8d:16:d2:b0:82:fb:f5:dc:
                    e4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:1C:4F:88:5B:F7:25:95:0A:AE:9C:9F:08:CB:19:E8:BB:6E:0E:1F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab98bfdb-9af4-412f-87c6-d3448c52456d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:8143::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:be:de:d6:2f:af:b3:0f:f1:7b:74:19:3c:74:4f:cc:0c:a2:
         a7:ba:f6:8b:cc:1b:f8:97:78:aa:88:f1:65:23:1e:ab:01:0f:
         d3:a4:f0:e9:d3:29:6b:1a:ce:d8:95:f6:62:fb:c1:3a:65:a7:
         df:a6:24:87:a9:b0:43:0e:f3:0a:b2:fd:01:77:c7:30:55:a4:
         25:43:d4:c6:14:04:68:42:94:b8:db:79:39:70:75:3f:4f:bc:
         2c:ac:f1:94:85:dc:7e:a0:17:b8:01:a9:4a:2b:34:2d:f4:27:
         8e:d6:e8:ea:b7:21:bc:e1:70:2e:aa:8c:2a:2c:f1:d5:44:a6:
         78:12:56:45:55:dc:80:46:2a:68:59:93:a2:52:58:99:1a:11:
         a2:4e:34:40:c6:d0:c5:97:2c:e1:13:9c:cf:9b:d8:54:8f:1b:
         63:5e:d0:4d:57:c8:11:9b:08:f2:66:30:71:70:33:57:8c:8f:
         ac:83:b3:6e:56:ac:fc:7e:b3:42:91:a2:24:e7:63:fd:97:bb:
         98:59:3e:78:e5:85:98:25:92:7f:89:e9:c2:ee:5d:4c:45:d3:
         cc:11:ac:02:82:fb:bb:da:83:5d:23:b9:99:9d:e3:d6:92:24:
         8c:8c:25:73:0b:83:a7:0c:cd:a9:ac:08:d8:43:54:7f:bb:2b:
         08:9e:c8:48
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdEeU6wcBEUyBupjpp4LEmSCA+hswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDA0MDA3WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwODIyN2Q3YmRjYjdjNjNlOTVlYjM0OWE5YTA2MWI5MDM1
NDk2Mjg4NTJhMGEwOGQxMDZjMGM4MzE3NjlkM2VkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChdo2V5wJwgwAkgxsXUBQFCay03ZxDi1mjA4OAy1OZDQgh
PmIrhfD6EImp/YhhmvfIl66L707ut0qRg78jedsLBEr+5Tm4pkWPhtdo7MtF1UJD
RBnf2MaSA/xuJQrM8uPclRTHOsXClFJYoTNpnevKigZoewF9JYw251lx0VR06DOH
hfjM3XW7Hu9OR0ixvqgejNxEvKEVjvZT9ke+nNbKW4ngXOSmAn4Pruz8hcAkYTs9
tRGmexJfGzGC9UTjA147506IUrnSgihJVlFPM9JsPuC2E4oOWYFcGJ02CXXTaAo8
S7OSksX4brONXtM+cjgwkqNaIAuNFtKwgvv13OQbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoRxPiFv3JZUKrpyfCMsZ6LtuDh8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiOThiZmRiLTlhZjQtNDEyZi04N2M2LWQzNDQ4YzUyNDU2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gUMwDQYJKoZIhvcNAQELBQADggEBAHa+3tYvr7MP8Xt0GTx0T8wM
oqe69ovMG/iXeKqI8WUjHqsBD9Ok8OnTKWsaztiV9mL7wTplp9+mJIepsEMO8wqy
/QF3xzBVpCVD1MYUBGhClLjbeTlwdT9PvCys8ZSF3H6gF7gBqUorNC30J47W6Oq3
IbzhcC6qjCos8dVEpngSVkVV3IBGKmhZk6JSWJkaEaJONEDG0MWXLOETnM+b2FSP
G2Ne0E1XyBGbCPJmMHFwM1eMj6yDs25WrPx+s0KRoiTnY/2Xu5hZPnjlhZglkn+J
6cLuXUxF08wRrAKC+7vag10juZmd49aSJIyMJXMLg6cMzamsCNhDVH+7KwieyEg=
-----END CERTIFICATE-----