Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/160933c3-b761-41a9-87a6-9e744a40b1ba.roa
File:                     160933c3-b761-41a9-87a6-9e744a40b1ba.roa (raw, json)
Hash identifier:          e8LLd3ULU9Sq0PI7otCZ6/YmCdg6szEvvkBz6UmfMms=
Subject key identifier:   D0:97:21:45:E7:78:34:59:94:27:2E:EE:B2:F0:37:0A:84:3F:27:0D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       37503DAC8F9057F130872C6B65691FB98A42365F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/160933c3-b761-41a9-87a6-9e744a40b1ba.roa
Signing time:             Wed 29 Oct 2025 00:50:38 +0000
ROA not before:           Wed 29 Oct 2025 00:50:38 +0000
ROA not after:            Wed 03 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fb8:1000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:50:3d:ac:8f:90:57:f1:30:87:2c:6b:65:69:1f:b9:8a:42:36:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 29 00:50:38 2025 GMT
            Not After : Dec  3 23:59:59 2025 GMT
        Subject: serialNumber=ad95cabc5cd3e8255472332e1948a50484c1e94d34e0256be3d1a2775f4d5493, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:95:76:7d:aa:06:99:ef:08:9e:78:1f:33:c0:
                    8a:7d:c1:a5:58:4d:b6:d7:55:2c:e1:34:7c:29:1b:
                    65:df:9c:9b:15:6f:af:0d:1b:2a:28:a9:11:22:3b:
                    bd:d6:d1:84:3b:3f:ac:7e:ac:3b:75:a1:f7:df:f9:
                    8a:f1:ca:ed:9c:dc:02:e7:9b:0d:cc:58:ab:a9:12:
                    0c:0a:9e:b2:5c:ff:47:76:dd:bc:26:bc:62:c0:6c:
                    fc:97:98:65:87:1d:c5:11:53:c3:ee:75:1b:ee:15:
                    39:ad:22:6e:50:b4:ba:bf:a3:6f:99:f3:60:71:85:
                    0b:9f:00:e4:a8:85:f7:17:22:07:7b:a5:46:33:3d:
                    2e:c0:cd:3d:04:ce:77:1a:de:97:78:40:f7:63:f3:
                    41:cd:5e:9b:3d:7e:19:7c:12:93:88:18:dd:f1:62:
                    c0:63:67:a1:6d:3a:1e:c5:c0:71:36:63:bc:c4:f2:
                    1a:c3:82:d6:dd:90:8d:71:5b:e5:e9:02:5d:3b:b8:
                    d8:f7:41:5a:77:b3:6e:2d:46:35:cb:91:72:7f:a7:
                    26:1b:f3:61:91:f4:c0:1f:26:19:cb:2a:46:bc:01:
                    a4:27:e2:51:08:a2:05:d8:f3:02:8c:64:48:b1:61:
                    89:5e:bf:5f:ab:0a:d0:5e:ea:e1:7d:af:33:bb:e8:
                    2e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:97:21:45:E7:78:34:59:94:27:2E:EE:B2:F0:37:0A:84:3F:27:0D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/160933c3-b761-41a9-87a6-9e744a40b1ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb8:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         10:d0:cd:0b:04:bb:06:cb:d2:4e:07:3c:c7:1d:3f:0c:72:da:
         2a:bc:bd:75:3b:3e:6c:0e:b6:c9:91:8a:16:c4:39:1e:af:8d:
         02:92:c1:b0:6c:84:62:4c:47:da:19:74:e2:63:0b:aa:bd:66:
         12:34:aa:d4:a5:7c:6b:b5:ab:f2:68:4a:b9:f4:c9:45:27:11:
         8b:55:31:1d:47:cb:dc:9b:43:0f:98:36:b9:fc:c6:4f:cc:1f:
         9b:ec:41:7e:3a:bc:09:cf:17:f5:05:b3:91:fd:61:31:15:30:
         c5:cc:bf:fd:63:fd:32:34:79:a7:67:aa:b8:ab:20:20:af:e6:
         12:59:d2:85:89:f5:b6:e5:c0:04:b0:ce:b2:72:c0:36:29:03:
         e7:e9:d4:94:f5:18:df:ee:bf:ee:6c:fd:a4:92:75:ce:1c:f6:
         62:24:4f:1e:f6:8b:a7:ef:31:dd:db:f3:ad:8d:d9:03:6a:b4:
         e1:47:04:68:74:9a:90:2d:18:5f:f8:9a:3c:52:03:b1:74:9b:
         72:16:8e:fb:40:e3:39:88:72:cf:bc:ce:24:cb:9d:ec:42:9f:
         8e:da:30:cc:e0:2a:f9:c7:87:2e:65:04:1a:cc:ad:b6:24:18:
         e4:d4:b4:33:99:9a:64:19:0e:57:5e:9b:4f:d7:ea:08:af:cd:
         84:84:87:8a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUN1A9rI+QV/EwhyxrZWkfuYpCNl8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDA1MDM4WhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDk1Y2FiYzVjZDNlODI1NTQ3MjMzMmUxOTQ4YTUwNDg0
YzFlOTRkMzRlMDI1NmJlM2QxYTI3NzVmNGQ1NDkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvlXZ9qgaZ7wieeB8zwIp9waVYTbbXVSzhNHwpG2XfnJsV
b68NGyooqREiO73W0YQ7P6x+rDt1offf+Yrxyu2c3ALnmw3MWKupEgwKnrJc/0d2
3bwmvGLAbPyXmGWHHcURU8PudRvuFTmtIm5QtLq/o2+Z82BxhQufAOSohfcXIgd7
pUYzPS7AzT0Eznca3pd4QPdj80HNXps9fhl8EpOIGN3xYsBjZ6FtOh7FwHE2Y7zE
8hrDgtbdkI1xW+XpAl07uNj3QVp3s24tRjXLkXJ/pyYb82GR9MAfJhnLKka8AaQn
4lEIogXY8wKMZEixYYlev1+rCtBe6uF9rzO76C69AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU0JchRed4NFmUJy7usvA3CoQ/Jw0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE2MDkzM2MzLWI3NjEtNDFhOS04N2E2LTllNzQ0YTQwYjFiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+4EDANBgkqhkiG9w0BAQsFAAOCAQEAENDNCwS7BsvSTgc8xx0/DHLa
Kry9dTs+bA62yZGKFsQ5Hq+NApLBsGyEYkxH2hl04mMLqr1mEjSq1KV8a7Wr8mhK
ufTJRScRi1UxHUfL3JtDD5g2ufzGT8wfm+xBfjq8Cc8X9QWzkf1hMRUwxcy//WP9
MjR5p2equKsgIK/mElnShYn1tuXABLDOsnLANikD5+nUlPUY3+6/7mz9pJJ1zhz2
YiRPHvaLp+8x3dvzrY3ZA2q04UcEaHSakC0YX/iaPFIDsXSbchaO+0DjOYhyz7zO
JMud7EKfjtowzOAq+ceHLmUEGsyttiQY5NS0M5maZBkOV16bT9fqCK/NhISHig==
-----END CERTIFICATE-----