Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1a99748-327b-4d2a-bf18-675114452386.roa
File:                     f1a99748-327b-4d2a-bf18-675114452386.roa (raw, json)
Hash identifier:          e+xFc9bSJnWJsFrcy+DyC8Z0yki7hCLjhGqmVOkifF8=
Subject key identifier:   5B:8D:1C:AB:96:92:77:12:15:B4:27:22:80:56:9A:81:A7:96:F8:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       373DB170435BD9C69D9B7FF5300BD95C9B8E6CCA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1a99748-327b-4d2a-bf18-675114452386.roa
Signing time:             Sat 04 Oct 2025 00:42:41 +0000
ROA not before:           Sat 04 Oct 2025 00:42:41 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff3:5000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:3d:b1:70:43:5b:d9:c6:9d:9b:7f:f5:30:0b:d9:5c:9b:8e:6c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:42:41 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=b4ad87493c175c24cff5993da5bd55aacdf64606c3c52d6eab3bcc5fcf8f014f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:92:96:56:c8:17:b8:9c:01:31:86:14:8b:6f:
                    7f:7f:b6:f7:c8:98:27:b9:66:29:81:cd:ac:0c:f5:
                    2c:7e:2b:01:64:fe:29:43:fd:04:9b:ea:1d:7d:bb:
                    01:f9:81:7d:1a:1e:f2:4c:8e:70:0b:d6:ac:96:bd:
                    d8:7a:16:32:7c:67:a5:39:98:ca:db:60:d7:62:0b:
                    71:fd:70:16:62:c1:40:20:12:df:96:a6:e0:f3:3d:
                    4e:2a:0d:fa:17:2f:83:ab:03:23:a2:29:e6:2a:61:
                    24:57:81:9f:ab:5f:18:bb:fc:03:38:36:22:df:38:
                    88:cd:f3:1b:39:09:c2:79:93:5f:d8:60:a6:4c:51:
                    59:47:46:44:4a:2a:f3:47:57:e5:d2:68:a2:f8:c2:
                    9a:26:08:a8:d5:95:d1:c9:97:4a:57:a1:4c:69:99:
                    79:ac:14:28:3b:b7:2f:8c:3b:8b:9f:65:e7:e5:86:
                    b9:af:b6:5c:6e:8e:4b:17:47:82:3f:cb:f6:d0:65:
                    cb:b0:4e:1c:9d:ef:86:65:85:ad:a5:60:9c:fd:60:
                    92:da:80:a1:65:8a:e6:f5:0d:5d:09:34:b2:8c:2e:
                    0d:b4:81:d8:d6:eb:a0:78:0d:38:f5:56:34:7e:dc:
                    e6:d1:2f:66:af:7d:4c:ad:44:c8:5d:85:63:f7:3f:
                    39:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:8D:1C:AB:96:92:77:12:15:B4:27:22:80:56:9A:81:A7:96:F8:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1a99748-327b-4d2a-bf18-675114452386.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff3:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         84:89:ef:52:63:08:87:4d:d5:a7:f3:48:23:ff:ab:ca:36:6c:
         73:3e:97:3e:a7:33:92:73:eb:51:12:83:d6:30:39:1e:ad:b8:
         4a:e3:a5:02:82:87:f8:83:68:1d:de:ef:4a:bb:47:bb:2c:60:
         8b:d0:82:0d:79:25:b5:43:26:3c:11:ef:40:36:1b:90:9a:0a:
         85:46:37:0c:46:90:ad:3d:19:2a:ce:86:28:83:21:8d:48:a5:
         4b:e5:49:f4:8b:4b:d2:be:43:03:38:7b:e9:ef:b8:f0:4d:fc:
         48:f7:f0:0f:ec:26:c2:74:46:94:5b:74:f5:16:b0:cf:3a:50:
         df:75:eb:b3:de:f8:19:c9:cb:4d:e2:45:9e:1c:a5:59:29:cd:
         39:00:13:d5:e1:49:01:1a:0e:15:7a:2a:9c:e1:06:37:0f:aa:
         5a:0a:25:c0:26:ae:e0:1c:1f:8b:96:cf:f9:5a:30:4c:1a:09:
         cb:c8:90:06:ba:cc:04:8c:c4:15:62:4f:55:64:3f:2e:12:0e:
         5a:14:e6:c8:e0:d1:ec:61:ad:1d:9f:d0:35:cc:11:d2:72:d9:
         48:ab:cd:23:34:3c:17:2c:76:b3:04:72:08:8c:fb:2c:3c:44:
         8e:89:16:31:e4:b3:ec:f6:9f:c3:ac:cf:7e:04:5c:13:7d:83:
         18:10:45:a5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNz2xcENb2cadm3/1MAvZXJuObMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDA0MjQxWhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGFkODc0OTNjMTc1YzI0Y2ZmNTk5M2RhNWJkNTVhYWNk
ZjY0NjA2YzNjNTJkNmVhYjNiY2M1ZmNmOGYwMTRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJkpZWyBe4nAExhhSLb39/tvfImCe5ZimBzawM9Sx+KwFk
/ilD/QSb6h19uwH5gX0aHvJMjnAL1qyWvdh6FjJ8Z6U5mMrbYNdiC3H9cBZiwUAg
Et+WpuDzPU4qDfoXL4OrAyOiKeYqYSRXgZ+rXxi7/AM4NiLfOIjN8xs5CcJ5k1/Y
YKZMUVlHRkRKKvNHV+XSaKL4wpomCKjVldHJl0pXoUxpmXmsFCg7ty+MO4ufZefl
hrmvtlxujksXR4I/y/bQZcuwThyd74Zlha2lYJz9YJLagKFliub1DV0JNLKMLg20
gdjW66B4DTj1VjR+3ObRL2avfUytRMhdhWP3PzmVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUW40cq5aSdxIVtCcigFaagaeW+CgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxYTk5NzQ4LTMyN2ItNGQyYS1iZjE4LTY3NTExNDQ1MjM4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/zUDANBgkqhkiG9w0BAQsFAAOCAQEAhInvUmMIh03Vp/NII/+ryjZs
cz6XPqczknPrURKD1jA5Hq24SuOlAoKH+INoHd7vSrtHuyxgi9CCDXkltUMmPBHv
QDYbkJoKhUY3DEaQrT0ZKs6GKIMhjUilS+VJ9ItL0r5DAzh76e+48E38SPfwD+wm
wnRGlFt09RawzzpQ33Xrs974GcnLTeJFnhylWSnNOQAT1eFJARoOFXoqnOEGNw+q
WgolwCau4Bwfi5bP+VowTBoJy8iQBrrMBIzEFWJPVWQ/LhIOWhTmyODR7GGtHZ/Q
NcwR0nLZSKvNIzQ8Fyx2swRyCIz7LDxEjokWMeSz7Pafw6zPfgRcE32DGBBFpQ==
-----END CERTIFICATE-----