This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa
File:                     445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa (raw, json)
Hash identifier:          Rz91ERLtd0zMc/1pOwdrt3ExyurGYO9JKCwNQ4TC3nQ=
Subject key identifier:   FA:DC:DD:0C:60:A8:89:CA:AE:11:FD:01:E0:09:D7:0A:15:0F:6F:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5BEC6ECE1F98F351350AAA2EAB02B06B7D470C31
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa
Signing time:             Wed 12 Nov 2025 00:10:07 +0000
ROA not before:           Wed 12 Nov 2025 00:10:07 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fb9:c000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:ec:6e:ce:1f:98:f3:51:35:0a:aa:2e:ab:02:b0:6b:7d:47:0c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:10:07 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=65aa565d39553df1b94710a44304a722983a6576f8da055b3427cf7eef012faf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:bc:ab:f2:91:63:e9:e8:b8:f8:59:8d:c0:1f:
                    95:56:9e:1b:73:6f:e1:02:3c:9c:f6:25:d7:d3:93:
                    b1:6f:de:6f:d9:58:92:bb:81:e8:e1:97:4d:51:09:
                    a4:11:4e:0f:d6:8a:c9:13:fa:25:bc:f7:bc:53:c0:
                    ea:ff:59:e2:97:c2:4f:8f:d6:66:bc:97:b7:b0:ab:
                    5b:4f:2d:1f:42:ba:1f:ea:7d:cc:71:b7:69:a0:4d:
                    d5:22:1b:fc:7a:73:11:56:9f:0a:6a:67:87:ef:da:
                    13:2b:ff:1b:1c:bc:d5:ba:a1:ce:a6:c0:8e:9c:9c:
                    9f:ed:48:d2:b9:a7:26:b3:c9:58:36:59:6e:d6:d9:
                    4f:df:8d:bd:ef:36:fd:05:2a:7a:16:b0:af:d6:0f:
                    17:66:9a:c4:dd:1d:09:ae:c4:b5:b6:2a:67:67:69:
                    6e:d0:e0:03:4e:a1:7e:ba:ee:b5:5f:3f:af:ec:81:
                    f3:31:65:da:db:91:1d:82:8c:c4:0f:f5:bd:6d:e2:
                    6d:ea:21:d1:dd:76:23:71:4e:74:e0:de:c4:ec:9a:
                    b2:7d:f3:02:70:18:0f:f9:36:6b:0f:3f:69:f1:c1:
                    81:9e:cc:d6:2c:0f:3b:89:54:69:ce:7f:0f:6b:2c:
                    2f:2e:10:11:08:35:6b:b1:46:fd:80:d8:3d:6d:f3:
                    d2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:DC:DD:0C:60:A8:89:CA:AE:11:FD:01:E0:09:D7:0A:15:0F:6F:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         68:57:83:0b:ac:e3:76:99:d2:29:17:cf:17:10:52:35:3c:1f:
         e0:17:5c:65:a0:ea:29:60:c3:64:f2:20:31:6f:aa:9e:c3:9f:
         d4:4f:cc:dc:ba:43:65:93:de:23:e4:02:7d:88:da:2d:b8:45:
         7b:82:e5:d0:44:b4:fa:f6:2b:72:d9:80:8b:6b:51:2b:27:a9:
         cb:b0:fb:82:3a:2f:0d:60:98:c9:9a:8b:c8:1a:26:dc:a8:23:
         c6:bd:9e:05:f5:fa:1e:07:50:a3:72:18:0f:45:cf:06:5b:e6:
         3a:8c:43:87:db:f2:62:22:65:d2:53:54:7b:47:50:f1:e9:a0:
         45:db:4a:2f:69:05:2b:7e:65:0e:19:12:24:e3:8e:fe:e8:5b:
         20:40:e1:1f:d9:12:a5:84:0b:ff:4a:c4:de:1e:7f:c8:31:c1:
         87:fe:ff:b7:c4:b2:fb:08:9e:85:fb:5f:05:48:fd:bc:17:4f:
         40:4d:94:d8:67:d9:2b:c5:53:e7:ec:6a:ce:c8:34:b9:1d:bd:
         48:60:ae:65:68:38:06:ae:f5:d5:c1:96:7d:4b:b5:fc:79:18:
         68:26:ab:2d:86:46:3d:8c:42:d4:27:2d:48:ea:01:b1:db:1f:
         ef:07:eb:f4:05:2d:2f:e6:77:39:df:46:39:09:ca:b9:f9:bc:
         58:d6:dc:49
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUW+xuzh+Y81E1CqouqwKwa31HDDEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDAxMDA3WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NWFhNTY1ZDM5NTUzZGYxYjk0NzEwYTQ0MzA0YTcyMjk4
M2E2NTc2ZjhkYTA1NWIzNDI3Y2Y3ZWVmMDEyZmFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDxvKvykWPp6Lj4WY3AH5VWnhtzb+ECPJz2JdfTk7Fv3m/Z
WJK7gejhl01RCaQRTg/WiskT+iW897xTwOr/WeKXwk+P1ma8l7ewq1tPLR9Cuh/q
fcxxt2mgTdUiG/x6cxFWnwpqZ4fv2hMr/xscvNW6oc6mwI6cnJ/tSNK5pyazyVg2
WW7W2U/fjb3vNv0FKnoWsK/WDxdmmsTdHQmuxLW2KmdnaW7Q4ANOoX667rVfP6/s
gfMxZdrbkR2CjMQP9b1t4m3qIdHddiNxTnTg3sTsmrJ98wJwGA/5NmsPP2nxwYGe
zNYsDzuJVGnOfw9rLC8uEBEINWuxRv2A2D1t89InAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU+tzdDGCoicquEf0B4AnXChUPbxowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0NWVjOTM2LTRhYjMtNDZlNy1iZmE2LTJmZmQxMDk1Njc4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5wDANBgkqhkiG9w0BAQsFAAOCAQEAaFeDC6zjdpnSKRfPFxBSNTwf
4BdcZaDqKWDDZPIgMW+qnsOf1E/M3LpDZZPeI+QCfYjaLbhFe4Ll0ES0+vYrctmA
i2tRKyepy7D7gjovDWCYyZqLyBom3Kgjxr2eBfX6HgdQo3IYD0XPBlvmOoxDh9vy
YiJl0lNUe0dQ8emgRdtKL2kFK35lDhkSJOOO/uhbIEDhH9kSpYQL/0rE3h5/yDHB
h/7/t8Sy+wiehftfBUj9vBdPQE2U2GfZK8VT5+xqzsg0uR29SGCuZWg4Bq711cGW
fUu1/HkYaCarLYZGPYxC1CctSOoBsdsf7wfr9AUtL+Z3Od9GOQnKufm8WNbcSQ==
-----END CERTIFICATE-----