Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa
File:                     9824ff97-2456-49b2-84a0-9566b712b248.roa (raw, json)
Hash identifier:          PGyoBL+Yggll2oLKa/IGcrv/FEb9cdOq1S5KBNUC2xk=
Subject key identifier:   EF:5E:AC:FA:BC:31:01:CE:F8:8B:9A:46:00:66:86:9E:84:17:2D:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       11AEFC61B02D22401B296AEF803E3256017AE284
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa
Signing time:             Sun 02 Nov 2025 00:21:15 +0000
ROA not before:           Sun 02 Nov 2025 00:21:15 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:7400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:ae:fc:61:b0:2d:22:40:1b:29:6a:ef:80:3e:32:56:01:7a:e2:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:21:15 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=6d610d55f23b5e7c4bb830e5aee37e2be6f03e56948d61c48a7cf6955fbe93f1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:49:ba:80:b0:79:e0:66:4e:b9:85:12:81:ab:
                    87:b5:07:21:d2:1b:6f:25:16:53:0e:e8:88:29:62:
                    b1:f0:33:1d:e3:b4:cc:4e:85:e2:7b:23:4d:5d:cb:
                    37:24:b6:31:ba:98:f1:7a:04:c3:97:64:b4:34:7d:
                    89:95:4a:d4:a3:6b:14:57:44:a3:0e:9c:b3:1f:9f:
                    ca:ea:3a:71:32:98:35:65:c8:89:c6:8f:8d:4e:eb:
                    c1:6d:51:47:8e:9b:4c:21:bd:e2:cb:2f:1d:a4:1c:
                    a7:5d:31:23:20:68:0d:28:6d:e1:5c:41:92:4a:86:
                    d0:56:4c:c6:92:41:80:47:11:22:3a:60:66:8a:0e:
                    84:96:e8:bd:23:07:54:3f:40:04:ba:1e:4d:7f:aa:
                    fa:96:de:ed:57:db:f2:56:72:60:3b:96:0c:52:53:
                    81:6d:d1:26:cc:d7:09:ef:b6:7c:a2:9f:41:d3:6b:
                    a1:04:5d:b6:1e:32:00:54:c3:3a:cb:d6:0d:b1:2b:
                    93:6e:48:44:63:f7:ab:ca:7b:a9:75:02:a1:c6:b0:
                    66:ba:e3:ef:1a:f6:89:49:a6:d1:dd:69:96:82:15:
                    3c:40:76:8b:83:aa:4b:7c:13:20:c2:bb:e7:77:e9:
                    cb:7f:7a:02:95:b5:1f:d5:20:27:8e:92:77:d1:af:
                    af:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:5E:AC:FA:BC:31:01:CE:F8:8B:9A:46:00:66:86:9E:84:17:2D:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         c6:2e:81:3b:42:69:d8:6d:5f:c1:61:dc:34:d2:3e:28:75:c6:
         ce:1b:70:bf:06:2c:48:3e:39:93:01:db:cf:f3:bf:9b:f9:ff:
         71:31:31:34:f0:4e:ab:e8:d8:e9:bb:4e:55:e6:5d:07:ea:a4:
         dc:cd:18:21:b4:7b:29:6c:e7:ec:ac:90:38:29:78:4d:1d:e1:
         45:9a:f9:68:7b:6f:eb:25:a1:46:59:62:fb:8e:8a:11:ed:08:
         20:ea:a8:c1:86:4b:00:05:1e:8b:e5:4a:d4:ee:8f:42:9e:7f:
         23:bf:85:0d:35:e5:81:03:d8:35:87:ce:8d:a1:d1:03:59:51:
         cf:5b:ea:bd:2a:54:3e:f9:ab:af:f4:a2:c6:09:65:86:1f:3d:
         8b:c9:1c:74:2f:c5:11:12:d5:c1:f1:08:93:07:cf:5a:6d:1e:
         f1:fb:ef:be:ce:4f:4d:3f:29:d4:c0:30:c0:ac:5d:2a:ee:66:
         2c:a8:56:19:08:d8:d2:56:a1:8a:cc:f3:8e:f8:79:23:d7:97:
         cf:81:52:69:66:fd:fb:fe:d6:c8:9c:eb:84:f6:fb:1d:42:aa:
         bd:49:42:ca:3b:f9:f9:a1:b3:10:b0:22:30:12:5e:9c:2b:b3:
         49:8e:0b:18:68:2b:1a:3b:7f:3f:ef:4c:4f:4e:a5:62:62:0f:
         ef:cb:c9:19
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEa78YbAtIkAbKWrvgD4yVgF64oQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAyMTE1WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDYxMGQ1NWYyM2I1ZTdjNGJiODMwZTVhZWUzN2UyYmU2
ZjAzZTU2OTQ4ZDYxYzQ4YTdjZjY5NTVmYmU5M2YxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtSbqAsHngZk65hRKBq4e1ByHSG28lFlMO6IgpYrHwMx3j
tMxOheJ7I01dyzcktjG6mPF6BMOXZLQ0fYmVStSjaxRXRKMOnLMfn8rqOnEymDVl
yInGj41O68FtUUeOm0whveLLLx2kHKddMSMgaA0obeFcQZJKhtBWTMaSQYBHESI6
YGaKDoSW6L0jB1Q/QAS6Hk1/qvqW3u1X2/JWcmA7lgxSU4Ft0SbM1wnvtnyin0HT
a6EEXbYeMgBUwzrL1g2xK5NuSERj96vKe6l1AqHGsGa64+8a9olJptHdaZaCFTxA
douDqkt8EyDCu+d36ct/egKVtR/VICeOknfRr69FAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU716s+rwxAc74i5pGAGaGnoQXLWcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MjRmZjk3LTI0NTYtNDliMi04NGEwLTk1NjZiNzEyYjI0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gdDANBgkqhkiG9w0BAQsFAAOCAQEAxi6BO0Jp2G1fwWHcNNI+KHXG
zhtwvwYsSD45kwHbz/O/m/n/cTExNPBOq+jY6btOVeZdB+qk3M0YIbR7KWzn7KyQ
OCl4TR3hRZr5aHtv6yWhRlli+46KEe0IIOqowYZLAAUei+VK1O6PQp5/I7+FDTXl
gQPYNYfOjaHRA1lRz1vqvSpUPvmrr/Sixgllhh89i8kcdC/FERLVwfEIkwfPWm0e
8fvvvs5PTT8p1MAwwKxdKu5mLKhWGQjY0lahiszzjvh5I9eXz4FSaWb9+/7WyJzr
hPb7HUKqvUlCyjv5+aGzELAiMBJenCuzSY4LGGgrGjt/P+9MT06lYmIP78vJGQ==
-----END CERTIFICATE-----