Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/724d0c5c-8652-4c80-8095-ad71cfaf0a6c.roa
File:                     724d0c5c-8652-4c80-8095-ad71cfaf0a6c.roa (raw, json)
Hash identifier:          jlQ9bZZEBhhbCSOtA3T+dT+DO9Q1Og9PZg4Tn10b99c=
Subject key identifier:   AE:64:FE:C5:8C:C4:84:E6:09:5A:C8:DE:C5:06:54:1F:CE:FB:BA:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       385A411AA77ED760E6E1B6DCBBF405A39CB55313
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/724d0c5c-8652-4c80-8095-ad71cfaf0a6c.roa
Signing time:             Wed 29 Oct 2025 17:36:48 +0000
ROA not before:           Wed 29 Oct 2025 17:36:48 +0000
ROA not after:            Wed 03 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:6000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:5a:41:1a:a7:7e:d7:60:e6:e1:b6:dc:bb:f4:05:a3:9c:b5:53:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 29 17:36:48 2025 GMT
            Not After : Dec  3 23:59:59 2025 GMT
        Subject: serialNumber=28454cba2d7086d846a635d0ab82d47d340d3c1a3bdb67023c36d81b875a090c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c0:39:39:64:a1:b0:af:fe:d7:b7:eb:46:2c:
                    83:3f:8e:4a:66:2d:96:dd:6b:c3:3a:2d:38:04:03:
                    5a:0d:17:2f:fd:87:73:cd:0d:a4:29:cd:ec:20:70:
                    8b:b7:53:c0:02:ce:c3:fb:4f:fb:79:a7:f7:a1:7f:
                    d2:dc:92:2a:ed:62:0f:82:3a:72:69:fa:25:a2:08:
                    5e:ff:d9:e0:83:40:e0:7e:f9:bf:1c:ae:ad:42:b5:
                    8b:fe:49:df:af:5f:28:9b:26:00:81:1a:f2:75:49:
                    17:14:14:21:f7:4d:4f:74:89:12:0d:aa:6d:63:21:
                    7d:5e:e0:a8:74:23:17:f8:ff:5f:b7:d0:c3:74:85:
                    da:6b:32:6e:d5:b3:e6:3d:96:b6:ad:47:2a:01:25:
                    ae:3c:21:e0:d2:7e:46:8f:4d:22:ae:bf:a3:51:0d:
                    d0:bf:5d:fd:e0:17:b2:cf:5c:62:ab:f0:5b:d8:58:
                    3b:0b:52:5d:41:f3:e6:5e:fb:7e:73:24:4e:e0:a4:
                    93:ef:cb:42:fd:40:62:02:f6:a9:f6:f3:d7:55:1d:
                    b6:40:fe:34:0a:04:3a:53:ff:3b:8a:d6:ee:f8:c9:
                    d7:ba:95:37:c1:87:7d:0d:58:a5:9b:4a:52:48:b5:
                    91:32:75:c8:85:56:1c:a6:b1:4b:83:4d:96:bb:15:
                    ac:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:64:FE:C5:8C:C4:84:E6:09:5A:C8:DE:C5:06:54:1F:CE:FB:BA:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/724d0c5c-8652-4c80-8095-ad71cfaf0a6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         48:fb:45:71:1c:61:52:15:ce:82:2f:1b:a9:f1:c2:57:ad:b0:
         af:f2:8f:17:44:bc:4e:16:84:96:fd:78:91:b9:72:77:93:b3:
         10:5a:41:3c:c3:44:97:2f:1d:f8:71:a7:8a:77:dd:19:e2:de:
         3a:d9:9d:ff:81:be:72:94:53:14:cd:f6:ae:fe:b2:36:a6:63:
         e7:d4:96:37:43:5a:01:ed:27:10:5b:9f:c2:7b:d0:5a:33:1f:
         6f:20:8a:d7:eb:a3:de:1f:a8:c0:4e:ad:9b:de:b1:4b:d4:64:
         d4:9a:9d:3c:e1:b3:07:0e:db:64:22:e2:ba:b3:9d:82:bc:f6:
         6e:39:fc:3f:31:bc:da:34:d5:29:78:d8:6c:17:e1:f1:b9:8d:
         1f:91:9c:87:b1:5b:e6:3b:cb:f1:a1:98:65:6c:b5:64:e5:3f:
         3f:fe:3d:60:d8:d0:64:ad:39:ef:97:5c:ea:a3:44:78:ef:e5:
         b3:4f:4b:32:a8:d5:e5:25:42:9c:52:9e:57:11:e5:8c:4c:76:
         78:cc:53:48:25:4e:e3:f4:75:82:ca:03:59:9c:af:b7:a7:82:
         e8:bf:b9:d8:07:c4:79:6e:19:92:1f:4f:cb:30:92:9f:0d:12:
         31:85:25:15:f0:c2:e3:a0:a7:85:2a:28:d7:26:e9:1b:87:9d:
         6c:bb:25:c0
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOFpBGqd+12Dm4bbcu/QFo5y1UxMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MTczNjQ4WhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyODQ1NGNiYTJkNzA4NmQ4NDZhNjM1ZDBhYjgyZDQ3ZDM0
MGQzYzFhM2JkYjY3MDIzYzM2ZDgxYjg3NWEwOTBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwwDk5ZKGwr/7Xt+tGLIM/jkpmLZbda8M6LTgEA1oNFy/9
h3PNDaQpzewgcIu3U8ACzsP7T/t5p/ehf9LckirtYg+COnJp+iWiCF7/2eCDQOB+
+b8crq1CtYv+Sd+vXyibJgCBGvJ1SRcUFCH3TU90iRINqm1jIX1e4Kh0Ixf4/1+3
0MN0hdprMm7Vs+Y9lratRyoBJa48IeDSfkaPTSKuv6NRDdC/Xf3gF7LPXGKr8FvY
WDsLUl1B8+Ze+35zJE7gpJPvy0L9QGIC9qn289dVHbZA/jQKBDpT/zuK1u74yde6
lTfBh30NWKWbSlJItZEydciFVhymsUuDTZa7FayhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUrmT+xYzEhOYJWsjexQZUH877unIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcyNGQwYzVjLTg2NTItNGM4MC04MDk1LWFkNzFjZmFmMGE2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gYDANBgkqhkiG9w0BAQsFAAOCAQEASPtFcRxhUhXOgi8bqfHCV62w
r/KPF0S8ThaElv14kblyd5OzEFpBPMNEly8d+HGninfdGeLeOtmd/4G+cpRTFM32
rv6yNqZj59SWN0NaAe0nEFufwnvQWjMfbyCK1+uj3h+owE6tm96xS9Rk1JqdPOGz
Bw7bZCLiurOdgrz2bjn8PzG82jTVKXjYbBfh8bmNH5Gch7Fb5jvL8aGYZWy1ZOU/
P/49YNjQZK0575dc6qNEeO/ls09LMqjV5SVCnFKeVxHljEx2eMxTSCVO4/R1gsoD
WZyvt6eC6L+52AfEeW4Zkh9PyzCSnw0SMYUlFfDC46CnhSoo1ybpG4edbLslwA==
-----END CERTIFICATE-----