Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aed1b077-e785-48ca-9897-668f3b060200.roa
File:                     aed1b077-e785-48ca-9897-668f3b060200.roa (raw, json)
Hash identifier:          wIRy11Ct2okEm6SKrskwacFYKA63m6IHbtudVD4mOIo=
Subject key identifier:   99:A3:37:08:CF:8A:99:56:40:41:AC:7F:79:52:0C:DB:1D:FD:15:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07E9A667085D00EBD4318324DB37768C7F829A4A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aed1b077-e785-48ca-9897-668f3b060200.roa
Signing time:             Wed 29 Oct 2025 00:50:12 +0000
ROA not before:           Wed 29 Oct 2025 00:50:12 +0000
ROA not after:            Wed 03 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff3:e080::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:e9:a6:67:08:5d:00:eb:d4:31:83:24:db:37:76:8c:7f:82:9a:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 29 00:50:12 2025 GMT
            Not After : Dec  3 23:59:59 2025 GMT
        Subject: serialNumber=1550e7494f350f56ce3e0a59f61cda9f1abbe7e963d8c53e4b99d64df599f963, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ec:02:f0:b9:c2:a8:1d:e7:50:7d:6a:8a:67:
                    4a:81:e7:fc:20:cb:61:90:96:e5:0c:b7:15:76:5f:
                    9b:92:3b:70:f1:6f:91:b1:2a:6a:c1:81:5e:3f:48:
                    ae:41:3b:fd:94:c1:8b:61:e5:bd:8a:1d:af:0e:9c:
                    b6:85:26:d8:9e:aa:cf:f3:70:de:7f:13:cb:80:ec:
                    88:3c:6c:eb:18:68:de:c2:22:de:82:a2:73:73:52:
                    14:1f:7c:48:d1:47:d7:ff:ea:2a:22:ab:13:15:75:
                    f7:37:ee:a4:c7:55:7e:70:5e:0e:e6:c0:8b:41:47:
                    08:78:3a:74:ef:71:79:ba:2f:6f:ce:96:d4:50:26:
                    44:c0:a5:92:30:18:28:2e:9d:d2:b6:59:8f:d5:81:
                    bf:c4:01:de:8e:19:74:67:20:0c:af:0f:20:93:ca:
                    a5:d5:d4:7d:58:be:12:ce:15:67:ca:b7:12:6b:52:
                    ed:4e:30:46:5f:27:13:ae:d1:c9:03:ed:14:39:11:
                    ef:35:df:1b:b5:d5:aa:71:25:4d:49:c6:a0:85:0f:
                    55:8f:9b:66:64:a8:6f:b0:da:b6:75:d6:4e:08:97:
                    d7:e8:b8:b6:93:81:7c:a0:6d:87:13:0d:dd:5d:ab:
                    6c:f5:a8:c2:d3:b9:51:af:05:4b:67:f4:b7:6b:ac:
                    ad:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A3:37:08:CF:8A:99:56:40:41:AC:7F:79:52:0C:DB:1D:FD:15:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aed1b077-e785-48ca-9897-668f3b060200.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff3:e080::/46

    Signature Algorithm: sha256WithRSAEncryption
         28:23:17:01:67:aa:3d:a4:15:32:f5:89:26:d3:0e:98:f0:bc:
         47:12:b1:89:91:80:d8:15:17:67:6a:98:69:36:b1:50:f7:38:
         be:9c:cb:ae:a3:cf:35:2d:75:80:3f:df:13:24:5b:30:8a:94:
         8f:fa:33:97:38:77:9d:60:af:3c:3d:a3:57:ef:72:72:46:5a:
         87:fa:15:ac:75:87:5c:9d:9c:7c:56:07:b6:86:90:4c:03:d8:
         a8:a7:fa:f7:15:67:de:32:0d:9e:7e:ab:f1:f9:2d:a8:96:54:
         8a:a6:76:04:9c:46:bd:14:ad:50:e4:4b:03:83:c4:37:f4:ab:
         db:cb:64:15:d6:75:22:ad:ee:aa:2a:37:af:d8:4d:94:44:37:
         82:c2:e9:28:ce:81:fe:53:95:bb:4c:68:e1:6e:1a:33:63:74:
         01:e1:12:b7:46:b1:5d:64:23:0a:f4:f8:a3:39:0f:56:6d:ed:
         11:c9:05:2b:00:77:49:6b:48:b4:15:12:66:d2:49:cf:a8:a0:
         3f:d9:80:2d:e4:f2:f1:84:ed:56:1a:5e:8a:e0:40:c6:81:c2:
         03:f5:69:da:4d:51:fb:d0:3c:ca:20:9b:95:79:67:6c:0e:ec:
         78:af:c0:71:55:2a:1f:d5:82:fc:5a:f7:7f:1e:e2:a6:cf:84:
         a3:43:f0:90
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUB+mmZwhdAOvUMYMk2zd2jH+CmkowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDA1MDEyWhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTUwZTc0OTRmMzUwZjU2Y2UzZTBhNTlmNjFjZGE5ZjFh
YmJlN2U5NjNkOGM1M2U0Yjk5ZDY0ZGY1OTlmOTYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCa7ALwucKoHedQfWqKZ0qB5/wgy2GQluUMtxV2X5uSO3Dx
b5GxKmrBgV4/SK5BO/2UwYth5b2KHa8OnLaFJtieqs/zcN5/E8uA7Ig8bOsYaN7C
It6ConNzUhQffEjRR9f/6ioiqxMVdfc37qTHVX5wXg7mwItBRwh4OnTvcXm6L2/O
ltRQJkTApZIwGCgundK2WY/Vgb/EAd6OGXRnIAyvDyCTyqXV1H1YvhLOFWfKtxJr
Uu1OMEZfJxOu0ckD7RQ5Ee813xu11apxJU1JxqCFD1WPm2ZkqG+w2rZ11k4Il9fo
uLaTgXygbYcTDd1dq2z1qMLTuVGvBUtn9LdrrK1DAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUmaM3CM+KmVZAQax/eVIM2x39FZUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlZDFiMDc3LWU3ODUtNDhjYS05ODk3LTY2OGYzYjA2MDIwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/z4IAwDQYJKoZIhvcNAQELBQADggEBACgjFwFnqj2kFTL1iSbTDpjw
vEcSsYmRgNgVF2dqmGk2sVD3OL6cy66jzzUtdYA/3xMkWzCKlI/6M5c4d51grzw9
o1fvcnJGWof6Fax1h1ydnHxWB7aGkEwD2Kin+vcVZ94yDZ5+q/H5LaiWVIqmdgSc
Rr0UrVDkSwODxDf0q9vLZBXWdSKt7qoqN6/YTZREN4LC6SjOgf5TlbtMaOFuGjNj
dAHhErdGsV1kIwr0+KM5D1Zt7RHJBSsAd0lrSLQVEmbSSc+ooD/ZgC3k8vGE7VYa
XorgQMaBwgP1adpNUfvQPMogm5V5Z2wO7HivwHFVKh/Vgvxa938e4qbPhKND8JA=
-----END CERTIFICATE-----