Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb96d250-5246-4bf9-ab64-c99916885173.roa
File:                     cb96d250-5246-4bf9-ab64-c99916885173.roa (raw, json)
Hash identifier:          dM4lPCgUrx4Qunuo8ErOovoB/E6sSGl7ecBe/WpXS04=
Subject key identifier:   D2:CE:CA:0F:E3:D2:74:A6:98:17:B8:12:5F:A1:68:5A:AA:DF:CB:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       32DA9F61400CF8E9C6A52DA469291C9284E5C8BD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb96d250-5246-4bf9-ab64-c99916885173.roa
Signing time:             Wed 29 Oct 2025 00:30:51 +0000
ROA not before:           Wed 29 Oct 2025 00:30:51 +0000
ROA not after:            Wed 03 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fa0:3400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:da:9f:61:40:0c:f8:e9:c6:a5:2d:a4:69:29:1c:92:84:e5:c8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 29 00:30:51 2025 GMT
            Not After : Dec  3 23:59:59 2025 GMT
        Subject: serialNumber=788013eb7889d7af08059fb779ba5d8b012a1b458d7540f5a73a2b9627d85d6b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b7:30:3d:a4:d7:b1:b4:18:6d:ef:99:a4:08:
                    3d:ec:97:f7:c9:3a:5a:02:89:8e:1b:11:4c:9f:f6:
                    0c:1a:a4:c8:c9:2c:ac:7b:8c:6f:4a:9e:92:84:fe:
                    24:62:51:ea:93:f0:1b:83:1f:2e:2a:67:90:8e:37:
                    6f:1a:70:b9:8f:b7:eb:53:17:00:ee:77:3c:26:45:
                    95:42:47:d5:40:54:b0:fb:0e:13:59:ba:f7:ba:9d:
                    f9:67:b2:f0:91:0b:18:21:77:1e:37:7a:fe:f1:7a:
                    1b:d7:63:2d:86:a5:85:d8:53:51:67:50:09:e3:a9:
                    3f:26:dc:03:4e:c8:5a:f2:60:04:c5:cb:23:e3:d0:
                    88:10:fc:6a:10:bd:9e:63:09:12:dc:27:9e:26:dc:
                    df:ac:e8:67:72:6c:62:9b:1a:98:96:1a:92:45:5d:
                    89:b7:86:d6:be:eb:37:aa:59:35:47:99:4b:4e:6d:
                    38:d4:a0:3b:91:58:22:7a:c9:4a:8a:1a:d9:74:85:
                    77:0b:d5:b3:8b:9e:b6:6e:38:55:f0:38:80:af:eb:
                    db:f7:4d:8c:4d:21:1e:0e:60:54:7e:61:df:0f:e2:
                    84:7b:ae:cf:7a:28:e1:44:ed:ad:7f:88:28:0e:5f:
                    b6:b2:7f:9b:77:d9:dc:9f:94:9a:14:ac:e7:ed:16:
                    f3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:CE:CA:0F:E3:D2:74:A6:98:17:B8:12:5F:A1:68:5A:AA:DF:CB:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb96d250-5246-4bf9-ab64-c99916885173.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fa0:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         cc:7f:ae:78:27:aa:25:dd:44:d3:e9:3c:d8:1d:e4:eb:6a:ee:
         83:a1:11:a0:fd:11:a1:6c:a3:f2:a3:68:c2:29:0b:d0:24:84:
         05:99:c7:eb:0b:f8:dd:d0:01:4e:a3:05:b2:50:c7:29:ba:0b:
         67:d3:13:9e:3e:5a:c5:5a:14:99:2b:a5:62:b1:56:8c:a1:ec:
         e2:f0:ea:51:a8:6a:46:c6:be:15:51:a7:e8:75:41:c5:4d:d1:
         4a:be:f4:55:94:94:78:02:94:8c:0e:bd:72:d9:41:e2:ef:7d:
         42:18:4e:8d:f8:78:87:c9:a5:2b:cb:56:8a:8c:f9:0e:93:6c:
         67:f8:01:b1:c0:44:ff:9e:2a:fc:3d:ac:1c:1a:bf:18:e7:b9:
         03:3a:8a:52:97:87:b2:8d:f5:e0:fe:f4:0d:cf:05:50:8c:ea:
         52:53:99:81:97:e0:88:50:3e:97:7e:cd:ba:ff:81:85:84:c5:
         9d:3d:81:26:0b:10:5c:4d:02:a8:d2:db:57:97:63:ef:d1:7f:
         40:8d:93:71:68:99:19:8c:21:f2:35:fb:bd:44:28:46:bc:c5:
         b8:b6:18:c0:90:4e:68:47:c4:96:1b:5e:7e:b9:ca:2b:fa:8f:
         b6:4c:5f:ac:0a:65:cc:38:f3:5c:5c:ba:d1:5a:de:09:91:fc:
         e1:bf:ce:c9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUMtqfYUAM+OnGpS2kaSkckoTlyL0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI5MDAzMDUxWhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODgwMTNlYjc4ODlkN2FmMDgwNTlmYjc3OWJhNWQ4YjAx
MmExYjQ1OGQ3NTQwZjVhNzNhMmI5NjI3ZDg1ZDZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDntzA9pNextBht75mkCD3sl/fJOloCiY4bEUyf9gwapMjJ
LKx7jG9KnpKE/iRiUeqT8BuDHy4qZ5CON28acLmPt+tTFwDudzwmRZVCR9VAVLD7
DhNZuve6nflnsvCRCxghdx43ev7xehvXYy2GpYXYU1FnUAnjqT8m3ANOyFryYATF
yyPj0IgQ/GoQvZ5jCRLcJ54m3N+s6GdybGKbGpiWGpJFXYm3hta+6zeqWTVHmUtO
bTjUoDuRWCJ6yUqKGtl0hXcL1bOLnrZuOFXwOICv69v3TYxNIR4OYFR+Yd8P4oR7
rs96KOFE7a1/iCgOX7ayf5t32dyflJoUrOftFvOVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU0s7KD+PSdKaYF7gSX6FoWqrfyxIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiOTZkMjUwLTUyNDYtNGJmOS1hYjY0LWM5OTkxNjg4NTE3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+gNDANBgkqhkiG9w0BAQsFAAOCAQEAzH+ueCeqJd1E0+k82B3k62ru
g6ERoP0RoWyj8qNowikL0CSEBZnH6wv43dABTqMFslDHKboLZ9MTnj5axVoUmSul
YrFWjKHs4vDqUahqRsa+FVGn6HVBxU3RSr70VZSUeAKUjA69ctlB4u99QhhOjfh4
h8mlK8tWioz5DpNsZ/gBscBE/54q/D2sHBq/GOe5AzqKUpeHso314P70Dc8FUIzq
UlOZgZfgiFA+l37Nuv+BhYTFnT2BJgsQXE0CqNLbV5dj79F/QI2TcWiZGYwh8jX7
vUQoRrzFuLYYwJBOaEfElhtefrnKK/qPtkxfrAplzDjzXFy60VreCZH84b/OyQ==
-----END CERTIFICATE-----