Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dbed3a5f-ab91-4d00-9617-65b88c24ab33.roa
File:                     dbed3a5f-ab91-4d00-9617-65b88c24ab33.roa (raw, json)
Hash identifier:          mfUZkCxyVGNOWkm1qbaaR3AiYhxRNN/yVX8rwPMWxaY=
Subject key identifier:   ED:87:1F:43:EE:9E:43:0C:05:49:CF:5C:F0:4A:EC:45:71:EA:9F:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58FA3A8A134C797C2A147F1F4D0BC9E9D6E35AC4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dbed3a5f-ab91-4d00-9617-65b88c24ab33.roa
Signing time:             Sun 02 Nov 2025 00:30:09 +0000
ROA not before:           Sun 02 Nov 2025 00:30:09 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:a400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:fa:3a:8a:13:4c:79:7c:2a:14:7f:1f:4d:0b:c9:e9:d6:e3:5a:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:30:09 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=8a68da0e82075c0b66f55fba7e83bfc91fb2570cf3c4e9b47dc6054c9c7d73e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:dc:4f:57:ea:c3:5c:bf:db:58:e1:ba:54:4d:
                    8a:96:ae:5e:5e:19:58:20:84:8c:62:d3:8b:34:61:
                    8e:0c:f9:ae:5f:8f:03:2a:30:af:fe:f0:95:8a:1b:
                    20:5e:89:79:27:15:a5:66:e1:95:4d:69:6d:0e:8a:
                    99:72:42:33:4c:5f:d6:f5:00:5c:cd:78:c8:f0:48:
                    5d:48:a0:10:ad:db:d9:54:c1:96:dc:56:0b:5e:c4:
                    c5:f1:c5:be:ad:16:75:7d:40:e8:aa:6e:91:05:b7:
                    a5:07:68:50:f7:39:ec:0f:f7:89:80:cc:a2:1f:0f:
                    00:8b:2d:03:ef:f9:df:5b:2a:f7:30:28:1f:1e:c0:
                    08:b1:00:88:7e:b8:2f:88:64:b1:47:71:03:e0:e5:
                    ed:40:00:07:57:b2:8f:78:b3:1c:5f:88:00:61:12:
                    b0:53:3b:67:b4:3b:7c:d4:23:16:17:f0:44:3c:11:
                    71:de:16:42:ae:4d:9d:24:ca:de:bd:3f:e1:6e:15:
                    a8:1d:d7:4d:9c:77:ef:c6:ed:1b:3b:91:ca:89:81:
                    a2:7e:fb:1e:1c:e6:a5:9f:37:1e:53:7c:00:98:ce:
                    46:d1:51:eb:6f:1e:05:94:93:17:a0:17:75:79:49:
                    ab:e3:b6:e5:8d:b7:be:57:4b:a3:bc:fa:0a:bd:8b:
                    17:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:87:1F:43:EE:9E:43:0C:05:49:CF:5C:F0:4A:EC:45:71:EA:9F:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dbed3a5f-ab91-4d00-9617-65b88c24ab33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         57:fe:f9:fa:c4:88:0f:10:99:63:75:a6:36:79:97:21:e4:ae:
         39:d1:78:8d:9e:4f:e9:b1:d9:ed:5c:ba:0d:44:2a:97:59:27:
         f3:75:b2:22:aa:c7:46:10:f0:0f:06:ad:d7:e6:c5:6e:7e:78:
         26:05:dc:64:8c:76:a8:90:cd:91:a9:3b:98:d5:c2:76:0f:93:
         f5:22:a9:5a:49:1e:91:bb:3c:89:a4:3a:84:ce:10:32:ca:e7:
         bd:24:ec:a5:b2:61:e2:9f:0f:be:9f:7d:57:fe:9e:bd:f0:ba:
         4c:8e:04:33:59:98:ca:0f:be:4c:08:61:ce:1a:e2:9a:5e:57:
         4c:59:19:d2:37:b2:9b:de:ec:02:15:b6:74:4f:29:71:45:d3:
         d1:f6:36:f0:07:75:c4:c8:fa:a7:68:33:a4:3d:58:23:50:0a:
         71:2a:18:fd:a7:bb:76:b1:15:eb:75:e9:d7:5e:85:da:ba:4a:
         91:83:4a:bf:86:e4:2c:28:1d:fe:b7:e9:29:7d:f1:11:26:d2:
         72:f2:56:b5:f8:5c:e9:2e:bb:6c:02:c2:f0:0c:9f:ab:7b:aa:
         0f:96:78:05:70:53:35:99:4e:04:77:22:2f:0c:3e:fe:4b:d3:
         ee:09:06:70:2d:d3:cd:f1:b0:ff:0d:6a:83:d2:a6:b6:8b:31:
         aa:bf:59:8f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWPo6ihNMeXwqFH8fTQvJ6dbjWsQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAzMDA5WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTY4ZGEwZTgyMDc1YzBiNjZmNTVmYmE3ZTgzYmZjOTFm
YjI1NzBjZjNjNGU5YjQ3ZGM2MDU0YzljN2Q3M2UwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr3E9X6sNcv9tY4bpUTYqWrl5eGVgghIxi04s0YY4M+a5f
jwMqMK/+8JWKGyBeiXknFaVm4ZVNaW0OiplyQjNMX9b1AFzNeMjwSF1IoBCt29lU
wZbcVgtexMXxxb6tFnV9QOiqbpEFt6UHaFD3OewP94mAzKIfDwCLLQPv+d9bKvcw
KB8ewAixAIh+uC+IZLFHcQPg5e1AAAdXso94sxxfiABhErBTO2e0O3zUIxYX8EQ8
EXHeFkKuTZ0kyt69P+FuFagd102cd+/G7Rs7kcqJgaJ++x4c5qWfNx5TfACYzkbR
UetvHgWUkxegF3V5SavjtuWNt75XS6O8+gq9ixfBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7YcfQ+6eQwwFSc9c8ErsRXHqnyQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RiZWQzYTVmLWFiOTEtNGQwMC05NjE3LTY1Yjg4YzI0YWIzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gpDANBgkqhkiG9w0BAQsFAAOCAQEAV/75+sSIDxCZY3WmNnmXIeSu
OdF4jZ5P6bHZ7Vy6DUQql1kn83WyIqrHRhDwDwat1+bFbn54JgXcZIx2qJDNkak7
mNXCdg+T9SKpWkkekbs8iaQ6hM4QMsrnvSTspbJh4p8Pvp99V/6evfC6TI4EM1mY
yg++TAhhzhriml5XTFkZ0jeym97sAhW2dE8pcUXT0fY28Ad1xMj6p2gzpD1YI1AK
cSoY/ae7drEV63Xp116F2rpKkYNKv4bkLCgd/rfpKX3xESbScvJWtfhc6S67bALC
8Ayfq3uqD5Z4BXBTNZlOBHciLww+/kvT7gkGcC3TzfGw/w1qg9Kmtosxqr9Zjw==
-----END CERTIFICATE-----