Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dffe7c41-91f1-4ad3-a375-4c43d7b3ade4.roa
File:                     dffe7c41-91f1-4ad3-a375-4c43d7b3ade4.roa (raw, json)
Hash identifier:          VUs7nSJwcL41ejJNAyDlarOF0DHvYs/bzNr9eYfH9hA=
Subject key identifier:   56:5D:78:00:0C:91:25:75:96:E5:FB:08:48:C6:96:9D:AD:C2:E0:A2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45168CA87BB4CEC5D66C0BF52EAEF11C6AF38535
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dffe7c41-91f1-4ad3-a375-4c43d7b3ade4.roa
Signing time:             Sun 26 Oct 2025 00:20:07 +0000
ROA not before:           Sun 26 Oct 2025 00:20:07 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fa0:a400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:16:8c:a8:7b:b4:ce:c5:d6:6c:0b:f5:2e:ae:f1:1c:6a:f3:85:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:20:07 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=c33c1470f1fe0f0515c7a9d117ad4d25191ec71d4f2d24f5c30a13ed15db559e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b4:98:4a:9f:a0:cc:29:3c:31:d9:93:ec:c5:
                    05:96:0b:e6:e6:3d:36:28:b7:ea:d2:40:8e:bb:98:
                    e5:c4:2b:f2:c8:20:c0:6e:e4:d8:75:a4:e5:27:99:
                    0b:ff:56:e9:20:31:45:b3:7d:ef:56:f0:1d:27:8c:
                    5a:cc:b2:00:54:61:da:d6:fb:2d:e3:47:b1:44:0b:
                    04:61:44:e6:c0:43:a9:83:c8:4c:d2:d5:c7:79:90:
                    8b:39:05:1a:ae:88:1f:b0:37:19:4c:d6:51:8a:4c:
                    eb:2c:05:04:2e:14:9e:49:f7:63:e2:91:86:b3:b8:
                    18:ba:81:1c:92:75:c1:34:2f:0b:f2:f2:a2:2b:69:
                    1b:59:6b:97:75:95:3b:1a:fa:b6:8f:1e:7d:ee:91:
                    64:fa:e5:48:6b:49:8b:91:c1:90:03:e3:e9:e4:83:
                    47:d0:00:eb:42:4f:d0:d4:ae:62:ae:02:21:cb:83:
                    7a:d4:13:c1:ca:01:bb:92:54:a9:f1:57:ad:d0:af:
                    4c:50:99:20:b9:75:b0:bb:6d:73:24:db:8f:6b:29:
                    ff:21:ab:d1:67:37:70:8e:12:a9:6d:66:67:fb:5e:
                    b5:91:10:33:a3:9d:98:0c:00:ec:fb:f1:a2:07:6e:
                    8a:cf:f1:c3:9e:50:65:88:8b:12:6f:c9:d9:1c:be:
                    e4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:5D:78:00:0C:91:25:75:96:E5:FB:08:48:C6:96:9D:AD:C2:E0:A2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dffe7c41-91f1-4ad3-a375-4c43d7b3ade4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fa0:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         55:22:c1:89:e0:92:b4:b2:87:87:c2:a8:be:be:f5:34:3b:d4:
         93:6b:84:1f:04:cb:62:28:18:79:73:8a:ad:29:03:6e:e0:be:
         55:07:f3:4a:97:50:8e:9d:d7:8a:9b:c7:9d:64:b4:70:f5:20:
         f2:b7:19:31:bc:ff:36:5e:7e:03:d5:af:37:9e:5e:4b:4f:9b:
         57:74:ff:83:c5:78:fc:49:50:54:bb:6b:eb:6d:f9:f9:db:cc:
         03:0d:d8:bb:fe:e2:e2:75:98:8f:8d:b9:64:55:98:cf:15:b0:
         c4:7a:10:a7:5b:01:67:05:c6:ef:42:62:40:45:8c:47:3d:f1:
         1f:11:f2:46:82:19:06:a8:3f:4b:55:24:26:95:fe:44:20:34:
         00:6f:a6:eb:95:c0:27:ca:d9:8b:b2:ee:a8:a3:5a:f4:2d:87:
         b8:2e:d3:d1:08:71:e1:21:6d:74:76:3b:bd:0a:a1:35:4e:b9:
         8f:3b:47:9d:f4:e3:57:17:18:a4:a9:27:af:ab:eb:d9:bb:bc:
         99:0d:ef:e0:82:ba:69:73:31:b7:e4:a1:e3:8c:c8:c4:72:1a:
         76:aa:1a:4b:c3:86:3a:b3:5d:fd:80:ff:5b:78:1e:5a:b8:b5:
         0d:81:24:3d:a7:02:9c:29:77:cb:c8:62:f0:3a:7b:19:52:2c:
         c5:8c:ff:65
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIURRaMqHu0zsXWbAv1Lq7xHGrzhTUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAyMDA3WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMzNjMTQ3MGYxZmUwZjA1MTVjN2E5ZDExN2FkNGQyNTE5
MWVjNzFkNGYyZDI0ZjVjMzBhMTNlZDE1ZGI1NTllMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCotJhKn6DMKTwx2ZPsxQWWC+bmPTYot+rSQI67mOXEK/LI
IMBu5Nh1pOUnmQv/VukgMUWzfe9W8B0njFrMsgBUYdrW+y3jR7FECwRhRObAQ6mD
yEzS1cd5kIs5BRquiB+wNxlM1lGKTOssBQQuFJ5J92PikYazuBi6gRySdcE0Lwvy
8qIraRtZa5d1lTsa+raPHn3ukWT65UhrSYuRwZAD4+nkg0fQAOtCT9DUrmKuAiHL
g3rUE8HKAbuSVKnxV63Qr0xQmSC5dbC7bXMk249rKf8hq9FnN3COEqltZmf7XrWR
EDOjnZgMAOz78aIHborP8cOeUGWIixJvydkcvuRjAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVl14AAyRJXWW5fsISMaWna3C4KIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RmZmU3YzQxLTkxZjEtNGFkMy1hMzc1LTRjNDNkN2IzYWRlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+gpDANBgkqhkiG9w0BAQsFAAOCAQEAVSLBieCStLKHh8Kovr71NDvU
k2uEHwTLYigYeXOKrSkDbuC+VQfzSpdQjp3XipvHnWS0cPUg8rcZMbz/Nl5+A9Wv
N55eS0+bV3T/g8V4/ElQVLtr6235+dvMAw3Yu/7i4nWYj425ZFWYzxWwxHoQp1sB
ZwXG70JiQEWMRz3xHxHyRoIZBqg/S1UkJpX+RCA0AG+m65XAJ8rZi7LuqKNa9C2H
uC7T0Qhx4SFtdHY7vQqhNU65jztHnfTjVxcYpKknr6vr2bu8mQ3v4IK6aXMxt+Sh
44zIxHIadqoaS8OGOrNd/YD/W3geWri1DYEkPacCnCl3y8hi8Dp7GVIsxYz/ZQ==
-----END CERTIFICATE-----