Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa
File:                     4b128b97-197d-4126-9887-73a31ea7479b.roa (raw, json)
Hash identifier:          wuAIcxRyDbl8LJLAzyRgSjm0h1eEYdNWwkuGlxEgxd8=
Subject key identifier:   46:68:90:F5:69:51:B9:F9:0F:9E:D8:E7:8C:5D:36:43:90:93:85:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       049EF6DD3173AEC0302998DC96DC83A45222D2AC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa
Signing time:             Sun 02 Nov 2025 00:10:09 +0000
ROA not before:           Sun 02 Nov 2025 00:10:09 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:e000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9e:f6:dd:31:73:ae:c0:30:29:98:dc:96:dc:83:a4:52:22:d2:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:10:09 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=7a94509a17d84c3843a28e3a403604f59a989385439f1b844522318b22156fab, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:78:0f:29:2a:2f:42:34:cd:9e:f0:e6:0e:a4:
                    2f:5f:b5:ec:43:de:06:a1:75:d0:fa:cf:c2:3c:1f:
                    a4:77:72:79:ea:2c:67:b0:f6:ed:44:bc:01:03:63:
                    19:8d:a3:6c:6b:2d:e6:71:4d:18:cd:38:5d:e5:a5:
                    e9:a7:d9:90:bf:c5:02:00:0e:91:51:07:14:89:87:
                    70:1c:9a:04:fc:2e:13:57:72:4e:1a:fd:4d:71:fe:
                    e9:43:19:4c:35:6a:0f:17:3e:a7:db:01:4a:c6:30:
                    64:7c:ca:85:6b:cc:0b:04:a2:59:5d:96:19:63:31:
                    c8:7a:49:e1:9d:ff:92:c2:ea:d9:f6:2b:d2:86:f5:
                    6a:90:60:d8:15:5a:cf:b7:db:8d:39:67:cd:38:b7:
                    04:d8:3e:a9:12:24:08:1b:95:12:29:50:44:3c:df:
                    b6:37:f5:17:ed:8a:b1:38:1b:72:51:ad:da:f1:77:
                    76:68:46:11:7e:02:25:54:30:88:76:5b:eb:f0:54:
                    fb:5e:ef:65:82:0a:4f:d7:9f:39:d5:98:53:7c:5c:
                    0f:6c:21:cd:34:f9:9e:3e:be:66:bf:70:da:97:c1:
                    ee:0e:38:e5:83:60:bc:18:01:48:c6:c5:4f:22:21:
                    5f:b6:fd:31:be:3e:7d:8b:16:54:b9:68:ed:49:33:
                    ed:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:68:90:F5:69:51:B9:F9:0F:9E:D8:E7:8C:5D:36:43:90:93:85:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b128b97-197d-4126-9887-73a31ea7479b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8c:cd:a7:7d:c8:01:27:49:7d:07:a7:9a:fd:c1:75:7e:28:6d:
         2c:7b:64:c8:48:0f:90:f0:e5:09:8d:ed:6e:8b:cb:31:4f:60:
         89:aa:fb:a2:6e:f2:44:5b:6e:a4:74:2b:d8:b8:dc:77:02:a9:
         00:c4:da:0a:de:c4:40:cc:5a:8d:d8:a7:bf:af:76:4c:2e:10:
         23:37:17:77:22:e5:49:e4:9b:1b:4d:f7:4a:1f:d1:a9:37:f1:
         7a:a1:36:e4:65:f6:96:6b:33:d2:d7:2a:10:21:c9:4c:b0:42:
         34:f7:ce:d1:9e:3c:98:6e:c4:b4:e4:69:ba:17:c3:07:ea:51:
         8a:1c:c0:9b:41:b5:66:ad:eb:23:e3:8d:68:3f:cb:66:07:bd:
         70:08:77:81:ae:92:2c:aa:59:cb:8e:d6:67:ee:e8:07:c3:d5:
         f9:47:b7:58:b4:ab:24:0f:55:d7:5c:fd:69:16:74:fd:ab:39:
         52:18:ea:97:7e:91:fa:1d:43:a0:87:c9:bd:eb:e5:22:d1:c4:
         23:fd:1f:e4:a2:ca:db:fb:47:5c:84:01:8f:e5:64:6d:53:78:
         94:f1:aa:43:d4:ea:6c:d1:1e:9c:d8:76:95:f5:9a:e1:07:9b:
         bd:10:15:92:23:0f:1b:61:64:f2:5b:02:dc:08:2a:f8:e2:53:
         78:19:5b:cb
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBJ723TFzrsAwKZjcltyDpFIi0qwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAxMDA5WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTk0NTA5YTE3ZDg0YzM4NDNhMjhlM2E0MDM2MDRmNTlh
OTg5Mzg1NDM5ZjFiODQ0NTIyMzE4YjIyMTU2ZmFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDweA8pKi9CNM2e8OYOpC9ftexD3gahddD6z8I8H6R3cnnq
LGew9u1EvAEDYxmNo2xrLeZxTRjNOF3lpemn2ZC/xQIADpFRBxSJh3AcmgT8LhNX
ck4a/U1x/ulDGUw1ag8XPqfbAUrGMGR8yoVrzAsEolldlhljMch6SeGd/5LC6tn2
K9KG9WqQYNgVWs+32405Z804twTYPqkSJAgblRIpUEQ837Y39RftirE4G3JRrdrx
d3ZoRhF+AiVUMIh2W+vwVPte72WCCk/XnznVmFN8XA9sIc00+Z4+vma/cNqXwe4O
OOWDYLwYAUjGxU8iIV+2/TG+Pn2LFlS5aO1JM+1LAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQURmiQ9WlRufkPntjnjF02Q5CThaswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiMTI4Yjk3LTE5N2QtNDEyNi05ODg3LTczYTMxZWE3NDc5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9g4DANBgkqhkiG9w0BAQsFAAOCAQEAjM2nfcgBJ0l9B6ea/cF1fiht
LHtkyEgPkPDlCY3tbovLMU9giar7om7yRFtupHQr2LjcdwKpAMTaCt7EQMxajdin
v692TC4QIzcXdyLlSeSbG033Sh/RqTfxeqE25GX2lmsz0tcqECHJTLBCNPfO0Z48
mG7EtORpuhfDB+pRihzAm0G1Zq3rI+ONaD/LZge9cAh3ga6SLKpZy47WZ+7oB8PV
+Ue3WLSrJA9V11z9aRZ0/as5Uhjql36R+h1DoIfJvevlItHEI/0f5KLK2/tHXIQB
j+VkbVN4lPGqQ9TqbNEenNh2lfWa4QebvRAVkiMPG2Fk8lsC3Agq+OJTeBlbyw==
-----END CERTIFICATE-----