Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796614d6-f7e9-407c-a482-7b1300d0f0d6.roa
File:                     796614d6-f7e9-407c-a482-7b1300d0f0d6.roa (raw, json)
Hash identifier:          sHrQqDiCFyFkXrZ+Z9tlXUbIxUYvHe2dZu3pahrLThE=
Subject key identifier:   05:27:E8:5D:FE:1C:97:12:8F:A6:34:AF:CB:4B:7F:63:58:C3:89:A2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       18202ADC130B1AB19F080A212CEB889E4BE3641A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796614d6-f7e9-407c-a482-7b1300d0f0d6.roa
Signing time:             Sat 01 Nov 2025 00:20:10 +0000
ROA not before:           Sat 01 Nov 2025 00:20:10 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fb9:a400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:20:2a:dc:13:0b:1a:b1:9f:08:0a:21:2c:eb:88:9e:4b:e3:64:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:20:10 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=7c16dc19f6cf13650dcbdce069479a07b802513485b859646b57d7ff200b6ac5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:dd:12:34:6a:fb:4e:c6:d4:45:00:57:8d:c8:
                    99:34:d8:6c:19:73:ea:3b:6d:9f:6e:9a:49:64:96:
                    b1:84:90:89:45:ff:b1:1d:28:dd:e0:6b:aa:8e:ed:
                    1e:43:83:dd:e9:6c:38:d2:63:8e:09:be:93:de:c7:
                    7d:4b:d0:14:d2:37:fc:21:b5:b9:be:8c:35:b5:ac:
                    14:a4:2d:df:68:41:1f:ec:3a:6b:c3:f8:7d:47:61:
                    e4:be:4e:70:a8:af:7a:7b:01:79:37:71:08:64:fc:
                    86:49:77:df:70:68:6d:ad:16:19:90:a0:d9:00:03:
                    28:21:3c:4d:1c:86:e8:62:71:98:b0:75:1f:19:4d:
                    06:40:16:c1:e7:74:e8:0c:6b:29:b1:fc:f5:59:c0:
                    b4:cb:04:b1:0d:12:05:2b:44:e7:95:58:f5:ca:e1:
                    ae:e1:1c:e3:ea:87:5f:67:80:65:92:0a:9d:cf:39:
                    9a:ec:de:1f:bb:37:f1:7d:38:9b:2f:88:48:42:34:
                    0b:9a:b1:f7:9a:fc:ca:79:d7:bb:03:42:07:13:06:
                    3e:81:0c:e6:88:d5:aa:23:2e:c3:cf:70:8e:1e:bd:
                    67:80:db:ba:94:76:64:a7:fe:fe:49:c7:1b:fc:f0:
                    05:1b:02:e1:76:7a:36:f7:29:52:7d:f7:a5:7c:ba:
                    04:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:27:E8:5D:FE:1C:97:12:8F:A6:34:AF:CB:4B:7F:63:58:C3:89:A2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796614d6-f7e9-407c-a482-7b1300d0f0d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         b7:ec:63:22:95:3b:7d:4b:64:87:ee:81:37:c3:3b:42:38:66:
         7b:12:28:15:55:f0:8e:ef:28:79:b1:da:02:3b:d3:52:aa:23:
         d2:2a:93:19:61:43:35:67:db:b8:ce:9b:3f:7e:f7:2c:e9:06:
         72:02:7e:4a:6e:17:53:c0:b2:ef:7d:e8:ad:e7:35:72:7a:9a:
         c7:b0:14:49:0d:4f:cb:45:2e:0b:ad:ba:f0:17:5a:ab:2e:1e:
         f9:1e:b4:03:11:a8:2d:13:d9:f1:f3:b0:64:88:a7:36:39:4e:
         9d:9c:85:64:bc:28:c9:6e:40:9b:57:00:cd:3a:69:96:60:82:
         d6:52:a1:f6:b4:d4:76:e7:d2:b2:27:9d:7e:f9:b6:8b:79:2f:
         58:48:52:ae:eb:a5:4c:94:39:18:c5:9e:2a:95:d4:6d:f6:dd:
         ba:d5:18:18:ab:0a:e8:a8:cd:60:29:e7:0f:84:57:79:b3:a1:
         82:6b:21:4f:f0:e3:f6:56:45:bd:e9:ca:dd:ce:7f:7c:64:49:
         e9:4d:9c:7b:eb:6f:33:15:0a:63:72:d5:5b:e9:1c:f3:e0:78:
         ed:44:36:c5:e7:93:b2:30:7d:1b:6f:42:ae:23:ad:ec:79:18:
         43:a7:c2:c9:b3:9f:ca:db:cc:61:ef:74:f2:3c:c8:0f:c7:8a:
         ea:a6:7f:ff
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGCAq3BMLGrGfCAohLOuInkvjZBowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAyMDEwWhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzE2ZGMxOWY2Y2YxMzY1MGRjYmRjZTA2OTQ3OWEwN2I4
MDI1MTM0ODViODU5NjQ2YjU3ZDdmZjIwMGI2YWM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs3RI0avtOxtRFAFeNyJk02GwZc+o7bZ9umklklrGEkIlF
/7EdKN3ga6qO7R5Dg93pbDjSY44JvpPex31L0BTSN/whtbm+jDW1rBSkLd9oQR/s
OmvD+H1HYeS+TnCor3p7AXk3cQhk/IZJd99waG2tFhmQoNkAAyghPE0chuhicZiw
dR8ZTQZAFsHndOgMaymx/PVZwLTLBLENEgUrROeVWPXK4a7hHOPqh19ngGWSCp3P
OZrs3h+7N/F9OJsviEhCNAuasfea/Mp517sDQgcTBj6BDOaI1aojLsPPcI4evWeA
27qUdmSn/v5Jxxv88AUbAuF2ejb3KVJ996V8ugQhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUBSfoXf4clxKPpjSvy0t/Y1jDiaIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5NjYxNGQ2LWY3ZTktNDA3Yy1hNDgyLTdiMTMwMGQwZjBkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5pDANBgkqhkiG9w0BAQsFAAOCAQEAt+xjIpU7fUtkh+6BN8M7Qjhm
exIoFVXwju8oebHaAjvTUqoj0iqTGWFDNWfbuM6bP373LOkGcgJ+Sm4XU8Cy733o
rec1cnqax7AUSQ1Py0UuC6268Bdaqy4e+R60AxGoLRPZ8fOwZIinNjlOnZyFZLwo
yW5Am1cAzTpplmCC1lKh9rTUdufSsiedfvm2i3kvWEhSruulTJQ5GMWeKpXUbfbd
utUYGKsK6KjNYCnnD4RXebOhgmshT/Dj9lZFvenK3c5/fGRJ6U2ce+tvMxUKY3LV
W+kc8+B47UQ2xeeTsjB9G29CriOt7HkYQ6fCybOfytvMYe908jzID8eK6qZ//w==
-----END CERTIFICATE-----