Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c01053e6-0dae-4eff-bece-22ed72ddb780.roa
File:                     c01053e6-0dae-4eff-bece-22ed72ddb780.roa (raw, json)
Hash identifier:          +srfpHoG0lC52bRa5p6n5gM50s84FeG9NPCH/13qDEc=
Subject key identifier:   08:C0:3C:14:27:EB:2D:40:A7:3B:1E:63:72:8B:87:13:07:A3:F8:96
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       66C9ED954F6A8B2302ED30BB4BB8758DBAC04745
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c01053e6-0dae-4eff-bece-22ed72ddb780.roa
Signing time:             Tue 28 Oct 2025 00:30:11 +0000
ROA not before:           Tue 28 Oct 2025 00:30:11 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:80d0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:c9:ed:95:4f:6a:8b:23:02:ed:30:bb:4b:b8:75:8d:ba:c0:47:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:30:11 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=d3cdc6ac2ec027943d9e835c1176a14b01455a7e1163d53308dc9c6ecf129ba6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:95:93:ae:d2:b2:15:6c:22:e2:b2:1c:df:e2:
                    80:d2:5c:79:1a:d6:26:5d:7d:14:7f:95:d5:5c:be:
                    e6:07:b1:51:9e:de:40:59:19:b0:2d:84:15:23:8b:
                    83:ee:82:37:31:68:4e:aa:7d:e7:d8:9c:64:15:b7:
                    7f:9d:de:50:2e:3a:6a:c5:52:40:ef:3e:b0:4a:7e:
                    68:33:61:f7:de:07:7c:02:6a:ca:d1:19:14:21:95:
                    2c:59:29:5e:ca:38:2b:d3:62:29:73:33:d1:3a:5d:
                    bf:57:65:79:16:c4:dd:bb:92:e2:2b:c2:c8:d4:c7:
                    5e:92:85:f1:8d:f1:58:48:59:0c:57:9a:48:b4:f5:
                    13:9c:3c:f3:dd:fb:03:00:0c:a7:ea:00:df:25:9b:
                    14:16:87:92:f8:e7:ee:92:61:7d:f5:75:11:59:97:
                    ac:0f:f7:9a:49:3b:4e:11:05:d0:53:4f:ec:92:78:
                    58:78:47:61:f8:62:53:bd:fb:ff:e1:fe:ea:c2:e8:
                    d0:0c:89:2a:34:7b:6b:e7:a7:12:ab:05:39:c6:c2:
                    69:aa:4e:83:4a:63:c7:a2:2e:e4:4a:30:fb:b3:ae:
                    ff:fb:f5:0c:57:d6:7f:24:a8:3e:26:29:9f:c5:9e:
                    40:ad:89:f1:b3:74:b7:04:37:ef:0b:db:c7:8f:78:
                    e3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:C0:3C:14:27:EB:2D:40:A7:3B:1E:63:72:8B:87:13:07:A3:F8:96
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c01053e6-0dae-4eff-bece-22ed72ddb780.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:80d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         d3:57:aa:9b:b3:ff:f2:e2:b8:56:50:f6:42:21:e1:91:8d:ab:
         dd:7c:a1:1a:c8:0c:7b:83:d3:8d:77:be:d4:ff:cb:0e:f6:3b:
         cf:22:53:45:0c:79:44:3a:49:55:06:a4:7f:68:6b:dd:61:88:
         88:53:d0:2b:13:8a:eb:0b:a5:f2:3a:a1:cb:0a:19:2a:72:36:
         43:6f:c9:6d:1c:7b:88:bf:ee:f1:3b:75:23:de:3f:83:b8:8b:
         01:3e:de:6f:e0:f8:cd:25:3e:61:ea:5e:b7:21:62:9d:3d:ef:
         47:a8:3a:ff:ad:57:99:70:39:21:78:0b:2d:54:38:ff:76:c8:
         60:c5:17:58:7a:76:a0:7a:f9:84:83:58:a9:ec:84:8c:80:75:
         b9:4a:53:50:4f:71:2e:89:d5:6e:5a:9b:bc:cb:70:30:eb:26:
         1b:ac:9f:f4:16:49:18:57:c7:f0:53:23:ee:b1:fb:81:e8:8c:
         c3:f5:08:6f:7b:f0:73:ea:bc:9c:fc:56:1c:69:13:2b:da:f1:
         53:cc:9b:e6:a0:22:b1:01:14:a8:7e:2c:2b:f6:9b:c5:f1:0d:
         d1:b3:c2:29:ad:21:7e:65:d0:bf:1f:46:50:a1:69:ea:8b:bb:
         ed:62:08:7f:c3:42:ea:73:68:f1:f9:00:7e:4b:e1:fe:58:45:
         1c:76:53:23
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZsntlU9qiyMC7TC7S7h1jbrAR0UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAzMDExWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2NkYzZhYzJlYzAyNzk0M2Q5ZTgzNWMxMTc2YTE0YjAx
NDU1YTdlMTE2M2Q1MzMwOGRjOWM2ZWNmMTI5YmE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6lZOu0rIVbCLishzf4oDSXHka1iZdfRR/ldVcvuYHsVGe
3kBZGbAthBUji4PugjcxaE6qfefYnGQVt3+d3lAuOmrFUkDvPrBKfmgzYffeB3wC
asrRGRQhlSxZKV7KOCvTYilzM9E6Xb9XZXkWxN27kuIrwsjUx16ShfGN8VhIWQxX
mki09ROcPPPd+wMADKfqAN8lmxQWh5L45+6SYX31dRFZl6wP95pJO04RBdBTT+yS
eFh4R2H4YlO9+//h/urC6NAMiSo0e2vnpxKrBTnGwmmqToNKY8eiLuRKMPuzrv/7
9QxX1n8kqD4mKZ/FnkCtifGzdLcEN+8L28ePeOPzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCMA8FCfrLUCnOx5jcouHEwej+JYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwMTA1M2U2LTBkYWUtNGVmZi1iZWNlLTIyZWQ3MmRkYjc4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gNAwDQYJKoZIhvcNAQELBQADggEBANNXqpuz//LiuFZQ9kIh4ZGN
q918oRrIDHuD0413vtT/yw72O88iU0UMeUQ6SVUGpH9oa91hiIhT0CsTiusLpfI6
ocsKGSpyNkNvyW0ce4i/7vE7dSPeP4O4iwE+3m/g+M0lPmHqXrchYp0970eoOv+t
V5lwOSF4Cy1UOP92yGDFF1h6dqB6+YSDWKnshIyAdblKU1BPcS6J1W5am7zLcDDr
Jhusn/QWSRhXx/BTI+6x+4HojMP1CG978HPqvJz8VhxpEyva8VPMm+agIrEBFKh+
LCv2m8XxDdGzwimtIX5l0L8fRlChaeqLu+1iCH/DQupzaPH5AH5L4f5YRRx2UyM=
-----END CERTIFICATE-----