Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e26cb5df-5e86-4ccb-a96a-cb08ad75a489.roa
File:                     e26cb5df-5e86-4ccb-a96a-cb08ad75a489.roa (raw, json)
Hash identifier:          fyRE3ZNKbst7nqXI+VZtPzzv9ve2d84sZ5NcO73kQXY=
Subject key identifier:   5F:00:43:0A:DD:F2:7E:B1:A8:B4:62:AE:D1:9D:5D:F0:00:35:F8:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6FF6DC4992342017AFF3C062FFD39B0732FC8BAD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e26cb5df-5e86-4ccb-a96a-cb08ad75a489.roa
Signing time:             Tue 21 Oct 2025 00:20:06 +0000
ROA not before:           Tue 21 Oct 2025 00:20:06 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fef:a400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:f6:dc:49:92:34:20:17:af:f3:c0:62:ff:d3:9b:07:32:fc:8b:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:20:06 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=9d34b399b89a3f8ae1b369781b467a67ecc007ea2414dc6fe23b386db6722060, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:bc:47:36:09:e5:b9:f7:6a:32:6a:0a:16:33:
                    4c:12:eb:6f:21:fb:25:52:4d:ac:4d:dc:32:07:94:
                    b7:36:03:a3:15:93:2c:62:59:1a:ba:90:5d:b6:57:
                    a8:a3:5f:58:bc:5d:44:2a:a9:8e:2a:29:03:eb:e2:
                    80:e5:7c:9c:a7:4d:56:76:41:32:ba:8d:8a:97:13:
                    c5:4c:cd:ca:89:02:78:83:c3:83:b0:0f:44:e9:87:
                    ca:16:43:39:d5:e1:67:c6:70:89:6c:5a:42:b7:93:
                    f1:c6:2e:0b:f8:73:c8:94:50:62:77:01:f3:2c:28:
                    44:51:61:3a:45:dc:80:62:7f:76:5c:97:54:a8:b7:
                    ad:d4:7f:06:7e:f1:a5:98:a2:53:3c:63:dd:ee:40:
                    55:36:f4:85:4a:ad:31:d9:33:ac:86:06:c2:51:c8:
                    e9:76:2f:e1:d0:3c:72:ac:5c:72:2c:19:25:8e:c4:
                    03:5c:06:2b:9a:70:41:a1:6e:b5:20:af:73:54:6e:
                    b2:22:23:34:9f:61:0d:20:c0:00:c6:4b:d7:d4:44:
                    92:f6:88:2a:d3:ef:fa:4d:08:71:43:af:d5:11:8a:
                    0f:b8:16:21:4a:77:f7:87:35:5c:48:c3:8b:e6:0d:
                    a7:00:0c:13:d7:c0:9e:bb:f3:b1:8b:67:ec:06:c3:
                    64:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:00:43:0A:DD:F2:7E:B1:A8:B4:62:AE:D1:9D:5D:F0:00:35:F8:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e26cb5df-5e86-4ccb-a96a-cb08ad75a489.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fef:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         c6:a1:8c:5b:21:92:9d:3b:eb:7e:aa:3e:80:fe:89:b1:fd:56:
         da:ab:04:5e:c5:79:73:f4:cd:78:98:15:d4:e6:1d:47:a3:a3:
         74:e1:6e:e2:26:57:d5:7f:ef:56:bf:2b:61:69:24:3e:a2:27:
         83:3d:a9:ce:5f:81:f4:ae:8b:8b:95:a2:7c:55:49:86:74:05:
         b2:e9:ae:ef:ea:e5:b1:10:b0:b2:f0:1a:06:ee:5d:70:69:8b:
         6d:5d:dd:a0:b9:92:2c:45:d2:50:d3:02:a5:a5:b0:a1:36:a1:
         e2:63:02:31:d2:ee:5b:74:c7:e2:28:d9:92:1c:b9:92:96:9f:
         e1:8b:9b:4a:c6:b6:dd:1b:72:42:5b:94:50:16:a3:7c:27:92:
         8d:c9:e4:e2:6c:25:d2:e2:1a:91:92:90:4f:8f:ca:1f:41:ff:
         eb:6d:fc:83:32:ed:61:2f:53:de:30:1b:a6:96:79:d3:e7:bf:
         c6:58:46:2e:64:ab:c5:70:de:cf:b4:38:10:06:37:2a:b7:02:
         f7:52:47:58:aa:81:0c:d6:49:ff:32:c6:a8:bd:f8:4e:f3:48:
         83:27:89:8f:ed:95:b1:30:fa:73:16:74:b6:89:95:68:2f:65:
         3e:42:1d:1b:ea:90:70:93:3f:f8:aa:45:c5:94:80:15:79:08:
         87:a3:d0:e1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUb/bcSZI0IBev88Bi/9ObBzL8i60wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAyMDA2WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDM0YjM5OWI4OWEzZjhhZTFiMzY5NzgxYjQ2N2E2N2Vj
YzAwN2VhMjQxNGRjNmZlMjNiMzg2ZGI2NzIyMDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdvEc2CeW592oyagoWM0wS628h+yVSTaxN3DIHlLc2A6MV
kyxiWRq6kF22V6ijX1i8XUQqqY4qKQPr4oDlfJynTVZ2QTK6jYqXE8VMzcqJAniD
w4OwD0Tph8oWQznV4WfGcIlsWkK3k/HGLgv4c8iUUGJ3AfMsKERRYTpF3IBif3Zc
l1Sot63UfwZ+8aWYolM8Y93uQFU29IVKrTHZM6yGBsJRyOl2L+HQPHKsXHIsGSWO
xANcBiuacEGhbrUgr3NUbrIiIzSfYQ0gwADGS9fURJL2iCrT7/pNCHFDr9URig+4
FiFKd/eHNVxIw4vmDacADBPXwJ6787GLZ+wGw2SnAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUXwBDCt3yfrGotGKu0Z1d8AA1+F4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyNmNiNWRmLTVlODYtNGNjYi1hOTZhLWNiMDhhZDc1YTQ4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/vpDANBgkqhkiG9w0BAQsFAAOCAQEAxqGMWyGSnTvrfqo+gP6Jsf1W
2qsEXsV5c/TNeJgV1OYdR6OjdOFu4iZX1X/vVr8rYWkkPqIngz2pzl+B9K6Li5Wi
fFVJhnQFsumu7+rlsRCwsvAaBu5dcGmLbV3doLmSLEXSUNMCpaWwoTah4mMCMdLu
W3TH4ijZkhy5kpaf4YubSsa23RtyQluUUBajfCeSjcnk4mwl0uIakZKQT4/KH0H/
6238gzLtYS9T3jAbppZ50+e/xlhGLmSrxXDez7Q4EAY3KrcC91JHWKqBDNZJ/zLG
qL34TvNIgyeJj+2VsTD6cxZ0tomVaC9lPkIdG+qQcJM/+KpFxZSAFXkIh6PQ4Q==
-----END CERTIFICATE-----