Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/887f4922-2c97-4526-af9a-b67399553315.roa
File:                     887f4922-2c97-4526-af9a-b67399553315.roa (raw, json)
Hash identifier:          1yoJ10hEmiulOTt02VtE8Eo5AHr05v/uRRfMX/4F6As=
Subject key identifier:   FB:91:DC:C4:74:F0:DD:B7:08:43:67:DD:3E:ED:E9:41:02:E8:45:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       61EE3276A0E3EBC02DE672CCA7D0D8319D38EE81
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/887f4922-2c97-4526-af9a-b67399553315.roa
Signing time:             Tue 28 Oct 2025 00:20:08 +0000
ROA not before:           Tue 28 Oct 2025 00:20:08 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ffa:8000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:ee:32:76:a0:e3:eb:c0:2d:e6:72:cc:a7:d0:d8:31:9d:38:ee:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:20:08 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=d1943c7d89bef6aa9946dda95727d34fed969292b69809876e8d726a2c9558bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:99:bb:32:de:1a:6c:db:bc:5a:c3:66:82:ca:
                    9f:a9:ba:e7:46:f8:ab:1f:98:63:da:a0:ba:8a:5a:
                    4c:40:06:db:96:66:0f:b9:42:ee:ca:5c:e6:47:f3:
                    af:bb:47:cb:ea:81:0e:44:ae:6c:c3:4c:47:55:6f:
                    c3:7c:6c:00:0b:07:d9:23:49:36:73:ef:41:b3:79:
                    dc:f7:d1:9f:12:da:a3:79:f1:4c:0d:ac:cd:2a:54:
                    07:35:69:d2:dc:43:30:f1:99:a4:0f:0f:b6:01:98:
                    84:18:7a:3c:30:73:6c:20:15:1c:dd:2e:bc:90:31:
                    b8:48:5b:d3:80:fd:39:64:81:2d:9f:1e:33:4a:44:
                    d7:e2:94:76:04:ec:21:5b:c3:18:db:f9:64:3b:b9:
                    73:cb:92:f0:01:82:2d:ac:8f:43:e3:a9:66:03:14:
                    8b:08:c4:9e:1e:e0:58:6a:84:2b:51:23:da:50:41:
                    09:f8:af:64:38:7b:98:0f:37:b4:b3:4e:e7:62:23:
                    9d:ec:fe:67:9f:08:48:25:0d:08:00:87:e8:d7:63:
                    06:98:f6:35:a0:91:d3:08:58:c3:dd:c6:17:ee:9a:
                    9b:c6:13:de:94:75:f3:21:c6:f5:69:b2:d8:58:a3:
                    34:e5:b0:ca:72:f5:1f:71:26:d5:c9:81:49:07:8b:
                    5a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:91:DC:C4:74:F0:DD:B7:08:43:67:DD:3E:ED:E9:41:02:E8:45:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/887f4922-2c97-4526-af9a-b67399553315.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffa:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         83:f8:c1:bc:36:bf:53:d2:ef:59:32:da:93:31:66:b9:39:42:
         0b:79:d7:07:05:27:71:1a:20:c2:4d:ed:03:b6:3e:fd:32:5f:
         7c:5f:0f:b2:4b:9a:fb:25:d3:f4:10:a3:25:f4:ef:02:31:57:
         a1:ba:ee:3d:ac:af:66:03:7c:f6:35:76:74:5f:0e:10:1f:b9:
         f6:1e:86:01:9f:9a:6c:d3:c0:9c:5c:83:b2:d9:8f:16:55:7c:
         f5:14:55:c5:1e:2f:f8:57:98:ae:06:12:a0:ab:71:b5:e6:62:
         e6:34:2f:8e:57:ac:f6:cd:f5:cb:30:48:10:f5:df:8b:f2:11:
         ce:71:c9:86:62:16:ea:2e:e3:cb:97:2b:83:8c:1f:2c:cf:e0:
         a4:5c:0f:6a:e5:f6:29:8f:6b:c6:33:7c:dd:ca:5a:43:9b:48:
         82:29:c8:ac:a7:55:51:82:28:f8:36:c5:e4:ef:e9:fd:d8:cd:
         e9:0a:7b:1f:8b:d4:2e:71:1e:93:22:dc:30:89:69:84:94:24:
         68:99:ff:de:1a:a4:48:9d:86:e6:a0:5b:e6:2a:6b:e3:ab:29:
         62:d6:c3:ac:4a:64:15:32:20:3d:4d:02:98:d1:8f:4c:5f:bc:
         00:e6:b4:23:d7:d9:5a:67:e8:9a:11:57:71:7c:dd:ec:4d:97:
         73:b7:fb:27
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYe4ydqDj68At5nLMp9DYMZ047oEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAyMDA4WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTk0M2M3ZDg5YmVmNmFhOTk0NmRkYTk1NzI3ZDM0ZmVk
OTY5MjkyYjY5ODA5ODc2ZThkNzI2YTJjOTU1OGJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCymbsy3hps27xaw2aCyp+puudG+KsfmGPaoLqKWkxABtuW
Zg+5Qu7KXOZH86+7R8vqgQ5ErmzDTEdVb8N8bAALB9kjSTZz70Gzedz30Z8S2qN5
8UwNrM0qVAc1adLcQzDxmaQPD7YBmIQYejwwc2wgFRzdLryQMbhIW9OA/TlkgS2f
HjNKRNfilHYE7CFbwxjb+WQ7uXPLkvABgi2sj0PjqWYDFIsIxJ4e4FhqhCtRI9pQ
QQn4r2Q4e5gPN7SzTudiI53s/mefCEglDQgAh+jXYwaY9jWgkdMIWMPdxhfumpvG
E96UdfMhxvVpsthYozTlsMpy9R9xJtXJgUkHi1plAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU+5HcxHTw3bcIQ2fdPu3pQQLoRe4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4N2Y0OTIyLTJjOTctNDUyNi1hZjlhLWI2NzM5OTU1MzMxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/6gDANBgkqhkiG9w0BAQsFAAOCAQEAg/jBvDa/U9LvWTLakzFmuTlC
C3nXBwUncRogwk3tA7Y+/TJffF8Pskua+yXT9BCjJfTvAjFXobruPayvZgN89jV2
dF8OEB+59h6GAZ+abNPAnFyDstmPFlV89RRVxR4v+FeYrgYSoKtxteZi5jQvjles
9s31yzBIEPXfi/IRznHJhmIW6i7jy5crg4wfLM/gpFwPauX2KY9rxjN83cpaQ5tI
ginIrKdVUYIo+DbF5O/p/djN6Qp7H4vULnEekyLcMIlphJQkaJn/3hqkSJ2G5qBb
5ipr46spYtbDrEpkFTIgPU0CmNGPTF+8AOa0I9fZWmfomhFXcXzd7E2Xc7f7Jw==
-----END CERTIFICATE-----