Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e8bb9b8b-b8aa-4973-83fa-07987f338fc2.roa
File:                     e8bb9b8b-b8aa-4973-83fa-07987f338fc2.roa (raw, json)
Hash identifier:          d3UcjY1DLbF79R9QR/rUNBFfMaOFxGGRwunyULIEspk=
Subject key identifier:   14:D5:CA:23:69:4B:E5:B4:EB:75:EA:53:04:AD:41:10:69:A8:4F:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68641D9419C4B49A7766084A9690C64044F0390F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e8bb9b8b-b8aa-4973-83fa-07987f338fc2.roa
Signing time:             Tue 28 Oct 2025 00:41:24 +0000
ROA not before:           Tue 28 Oct 2025 00:41:24 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff0::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:64:1d:94:19:c4:b4:9a:77:66:08:4a:96:90:c6:40:44:f0:39:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:41:24 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=56c09cbc096a290bf450d2881f8f88d5e0e99f4f5fa82b7d0ab58110d1a80ffe, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a7:7e:01:14:0f:a7:4b:af:34:2a:10:2b:9f:
                    b1:80:f0:d8:10:99:a8:21:83:0d:68:50:09:cf:da:
                    aa:39:da:ad:24:60:61:b4:67:bb:59:18:57:e1:b5:
                    43:4e:19:6f:2a:d8:f6:8b:c5:46:d2:73:56:24:28:
                    e5:b3:6c:bb:32:62:82:06:b2:73:ff:11:90:ae:93:
                    d7:e8:9b:0d:2b:23:2d:8d:87:31:cb:29:d5:88:b2:
                    1e:3c:ea:20:62:68:af:06:fb:eb:1c:e0:7a:13:c2:
                    a2:9b:9c:0e:82:7b:64:3e:f8:d0:39:ba:89:83:af:
                    fa:60:5b:76:e1:50:c0:80:18:8e:24:d8:33:7a:32:
                    1f:8a:f4:80:95:20:d4:4c:eb:0a:ce:ff:75:56:9f:
                    52:eb:ce:9c:52:d1:c3:de:93:db:d4:f2:0e:aa:29:
                    39:92:bd:4a:2d:e4:23:63:e2:6d:dd:a7:65:eb:79:
                    8d:32:5d:d4:9e:4a:c1:45:70:81:3a:1d:46:e5:67:
                    af:1f:bf:c6:38:e1:e0:bb:06:25:6d:fa:72:d0:a5:
                    f4:22:ec:2c:80:2c:37:8e:55:31:4d:d5:d3:ff:cf:
                    81:e7:1c:12:e8:a9:da:a6:ab:cb:5d:5e:93:ea:24:
                    e2:32:78:42:61:37:2a:5d:4b:31:74:73:bd:d9:d5:
                    d7:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D5:CA:23:69:4B:E5:B4:EB:75:EA:53:04:AD:41:10:69:A8:4F:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e8bb9b8b-b8aa-4973-83fa-07987f338fc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff0::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:49:23:3d:ed:ee:49:2d:a3:07:f5:5c:ce:6d:1d:32:32:9e:
         0b:e4:24:df:7e:fe:a5:1c:f2:94:59:dd:8b:d6:ba:61:b4:4a:
         2b:6f:ba:be:b6:83:c3:b6:68:63:f3:a4:b5:54:74:9f:c1:a1:
         ff:ae:41:2f:37:96:55:0a:17:36:e0:e9:5a:8d:05:40:c0:3e:
         e3:fe:ad:33:8d:90:85:da:e9:5d:90:ed:45:f1:6b:18:36:9e:
         19:74:08:e3:13:b3:b5:e8:fa:9e:90:8b:ba:6e:07:ae:5e:32:
         7d:19:93:81:aa:ff:a9:0a:e6:26:3f:7c:d4:ce:42:d3:59:8b:
         a4:61:10:88:91:9c:9c:df:7e:bd:51:9f:11:4b:48:da:91:2a:
         64:8e:45:9d:51:fd:37:68:ca:75:69:37:47:c9:c9:2e:0b:65:
         c3:c0:17:cb:bb:96:80:bb:4f:22:29:39:15:00:ec:a6:2c:ae:
         6e:d7:7f:6e:19:62:78:74:d1:5c:e8:26:87:a4:ed:f9:29:03:
         25:62:c5:34:45:92:18:fe:84:92:cc:15:28:27:b0:bb:12:8e:
         f3:f1:0e:dd:02:cc:f8:97:25:11:62:9a:1c:ec:0b:c1:51:b9:
         8b:c9:ad:ca:fb:89:f7:20:86:a9:66:43:8a:67:f3:52:d9:33:
         6d:c0:1b:5d
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUaGQdlBnEtJp3ZghKlpDGQETwOQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDA0MTI0WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmMwOWNiYzA5NmEyOTBiZjQ1MGQyODgxZjhmODhkNWUw
ZTk5ZjRmNWZhODJiN2QwYWI1ODExMGQxYTgwZmZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvp34BFA+nS680KhArn7GA8NgQmaghgw1oUAnP2qo52q0k
YGG0Z7tZGFfhtUNOGW8q2PaLxUbSc1YkKOWzbLsyYoIGsnP/EZCuk9fomw0rIy2N
hzHLKdWIsh486iBiaK8G++sc4HoTwqKbnA6Ce2Q++NA5uomDr/pgW3bhUMCAGI4k
2DN6Mh+K9ICVINRM6wrO/3VWn1LrzpxS0cPek9vU8g6qKTmSvUot5CNj4m3dp2Xr
eY0yXdSeSsFFcIE6HUblZ68fv8Y44eC7BiVt+nLQpfQi7CyALDeOVTFN1dP/z4Hn
HBLoqdqmq8tdXpPqJOIyeEJhNypdSzF0c73Z1dfHAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUFNXKI2lL5bTrdepTBK1BEGmoT24wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U4YmI5YjhiLWI4YWEtNDk3My04M2ZhLTA3OTg3ZjMzOGZjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB/wMA0GCSqGSIb3DQEBCwUAA4IBAQBRSSM97e5JLaMH9VzObR0yMp4L
5CTffv6lHPKUWd2L1rphtEorb7q+toPDtmhj86S1VHSfwaH/rkEvN5ZVChc24Ola
jQVAwD7j/q0zjZCF2uldkO1F8WsYNp4ZdAjjE7O16PqekIu6bgeuXjJ9GZOBqv+p
CuYmP3zUzkLTWYukYRCIkZyc3369UZ8RS0jakSpkjkWdUf03aMp1aTdHyckuC2XD
wBfLu5aAu08iKTkVAOymLK5u139uGWJ4dNFc6CaHpO35KQMlYsU0RZIY/oSSzBUo
J7C7Eo7z8Q7dAsz4lyURYpoc7AvBUbmLya3K+4n3IIapZkOKZ/NS2TNtwBtd
-----END CERTIFICATE-----