Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4f7ef04-4d95-4590-b377-ee864fb9a7c9.roa
File:                     e4f7ef04-4d95-4590-b377-ee864fb9a7c9.roa (raw, json)
Hash identifier:          +Bxa8RF251xvWj0tuQBMyzhNxliVOBd+aetLcz+PuZc=
Subject key identifier:   91:ED:D5:0F:B2:62:7C:0E:32:A7:DE:63:41:B0:85:2A:28:0F:BC:68
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       23FF6513AABCBDAE6B8C3D7C4E7213BE9DC798A1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4f7ef04-4d95-4590-b377-ee864fb9a7c9.roa
Signing time:             Sun 02 Nov 2025 00:21:15 +0000
ROA not before:           Sun 02 Nov 2025 00:21:15 +0000
ROA not after:            Sun 07 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:7400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:ff:65:13:aa:bc:bd:ae:6b:8c:3d:7c:4e:72:13:be:9d:c7:98:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  2 00:21:15 2025 GMT
            Not After : Dec  7 23:59:59 2025 GMT
        Subject: serialNumber=d4a6ffb0fd760b3e8846188d27b3790f9efcbf8102c9979b488c617adea978ee, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b0:6f:00:fc:33:a8:a4:d2:b0:e9:27:cb:78:
                    30:38:b0:dd:43:3d:42:2f:81:5e:d2:21:32:44:83:
                    44:cf:77:aa:05:85:25:50:a7:cc:d5:8a:de:af:98:
                    a6:89:fd:0f:df:32:33:c5:8c:f5:11:ff:bd:85:91:
                    5f:69:52:43:6c:0d:9e:03:a8:2e:4e:bb:40:e3:14:
                    86:da:c4:fe:37:f5:4a:29:67:60:9b:cd:8c:d1:27:
                    32:c2:65:61:a9:ae:24:d0:20:da:62:75:d7:2c:c5:
                    f1:31:4a:bb:7f:79:05:0e:48:ed:31:d5:c6:08:9e:
                    bb:3e:55:44:e6:64:71:a9:ed:99:e4:e5:ef:7b:5e:
                    f4:6e:34:b7:42:1a:1d:2e:17:7c:4b:6b:41:6d:13:
                    90:5b:1d:48:c8:f6:6b:cd:44:19:6f:3b:11:1c:ff:
                    4d:4d:9f:f4:b6:ac:d3:74:87:2d:80:b9:c8:a2:51:
                    6b:3a:18:87:c5:e6:30:f5:e9:cf:54:0b:6b:9f:b7:
                    6d:48:f9:da:27:41:45:b4:99:a6:a3:0c:e7:f3:71:
                    39:1f:cd:cd:4c:7c:d0:d0:d0:eb:e6:12:10:c0:b7:
                    6d:db:db:a3:8f:0f:ea:21:4d:d0:55:3f:c6:7f:af:
                    8a:da:69:32:4b:df:9e:ae:de:f6:5d:60:2e:dd:c4:
                    af:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:ED:D5:0F:B2:62:7C:0E:32:A7:DE:63:41:B0:85:2A:28:0F:BC:68
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4f7ef04-4d95-4590-b377-ee864fb9a7c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         3f:55:64:a1:4e:af:39:cb:1c:fa:e4:29:be:ef:12:f6:27:b3:
         eb:df:65:7c:61:04:32:4f:d7:33:44:28:63:f6:d1:8c:1d:d3:
         32:8b:72:a8:58:9a:fe:a2:ed:58:8c:61:fc:23:fc:d9:60:b0:
         6b:c0:02:95:b6:68:3a:cd:be:90:d1:06:9c:10:28:f0:58:76:
         12:d8:e2:ce:e8:64:5f:80:bb:f6:2a:0e:9c:2a:2c:8e:3b:dd:
         e1:13:da:f5:6f:51:fd:9e:94:d1:e8:9a:31:38:58:8f:b8:c0:
         fa:c4:8b:18:fc:0f:c7:22:70:6d:5a:12:f6:e1:2c:c1:99:02:
         db:9b:2a:78:ef:17:20:f3:36:a1:71:5b:1b:ec:d9:df:39:d4:
         ec:3e:96:66:10:26:92:5c:49:11:74:3f:90:8a:f8:d6:8f:0e:
         2c:fb:a1:b8:06:c8:33:ef:7c:06:9b:04:94:86:28:8c:62:53:
         f2:8c:c0:b3:9e:4b:b3:c5:d6:22:6f:bf:a8:34:ae:64:f8:e9:
         5f:45:d3:a3:a8:9b:8d:da:b3:77:51:1c:ad:00:fe:81:c7:a8:
         6b:19:5e:78:bf:80:9e:ba:d2:75:1a:38:ca:af:9c:82:ba:6a:
         5a:d5:6c:59:e5:63:29:3c:fe:0e:95:f0:1b:1b:c8:ca:84:80:
         23:ae:2a:05
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUI/9lE6q8va5rjD18TnITvp3HmKEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAyMDAyMTE1WhcNMjUxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGE2ZmZiMGZkNzYwYjNlODg0NjE4OGQyN2IzNzkwZjll
ZmNiZjgxMDJjOTk3OWI0ODhjNjE3YWRlYTk3OGVlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtsG8A/DOopNKw6SfLeDA4sN1DPUIvgV7SITJEg0TPd6oF
hSVQp8zVit6vmKaJ/Q/fMjPFjPUR/72FkV9pUkNsDZ4DqC5Ou0DjFIbaxP439Uop
Z2CbzYzRJzLCZWGpriTQINpiddcsxfExSrt/eQUOSO0x1cYInrs+VUTmZHGp7Znk
5e97XvRuNLdCGh0uF3xLa0FtE5BbHUjI9mvNRBlvOxEc/01Nn/S2rNN0hy2Aucii
UWs6GIfF5jD16c9UC2uft21I+donQUW0maajDOfzcTkfzc1MfNDQ0OvmEhDAt23b
26OPD+ohTdBVP8Z/r4raaTJL356u3vZdYC7dxK/TAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUke3VD7JifA4yp95jQbCFKigPvGgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0ZjdlZjA0LTRkOTUtNDU5MC1iMzc3LWVlODY0ZmI5YTdjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gdDANBgkqhkiG9w0BAQsFAAOCAQEAP1VkoU6vOcsc+uQpvu8S9iez
699lfGEEMk/XM0QoY/bRjB3TMotyqFia/qLtWIxh/CP82WCwa8AClbZoOs2+kNEG
nBAo8Fh2EtjizuhkX4C79ioOnCosjjvd4RPa9W9R/Z6U0eiaMThYj7jA+sSLGPwP
xyJwbVoS9uEswZkC25sqeO8XIPM2oXFbG+zZ3znU7D6WZhAmklxJEXQ/kIr41o8O
LPuhuAbIM+98BpsElIYojGJT8ozAs55Ls8XWIm+/qDSuZPjpX0XTo6ibjdqzd1Ec
rQD+gceoaxleeL+AnrrSdRo4yq+cgrpqWtVsWeVjKTz+DpXwGxvIyoSAI64qBQ==
-----END CERTIFICATE-----