This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f08968f-7dae-4e98-9a63-6c8a03f3a558.roa
File:                     6f08968f-7dae-4e98-9a63-6c8a03f3a558.roa (raw, json)
Hash identifier:          KFyMy2Jmixc3WgdL/JFA6nlMuKzu0kgG1PNgvGRZK+w=
Subject key identifier:   0E:87:7B:89:8D:4A:B2:02:38:BD:28:69:51:49:7E:B6:CE:5C:B5:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3626F67A22286B6E6CFC39F2901D522B403671A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f08968f-7dae-4e98-9a63-6c8a03f3a558.roa
Signing time:             Tue 11 Nov 2025 00:50:41 +0000
ROA not before:           Tue 11 Nov 2025 00:50:41 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1fff:5040::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:26:f6:7a:22:28:6b:6e:6c:fc:39:f2:90:1d:52:2b:40:36:71:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:50:41 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=49688008f9f3e1386925fd853ffaf0dd4d2c6b9c67cbbf25d5f9b763fdc0b43b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bc:2d:57:e7:11:44:32:a0:58:51:a9:45:15:
                    81:cb:94:c3:dc:bb:f4:00:d5:7c:df:24:ca:ac:b2:
                    a6:d6:9e:c9:62:bb:7d:3f:4b:e0:c5:ce:d6:ac:5c:
                    c1:53:b2:82:93:93:6b:46:01:f2:e5:d0:ba:5e:a1:
                    71:bc:47:16:43:3d:0c:53:e1:b1:ec:ba:56:57:7b:
                    3d:a0:b7:b5:87:c4:37:83:0d:09:38:a7:c6:66:2b:
                    9f:aa:6f:cf:19:54:03:d5:fe:da:52:9f:0d:c6:f7:
                    10:52:22:98:3c:dc:08:ba:fc:1f:ef:d8:e9:1e:01:
                    f7:9b:cb:b8:65:7b:1c:9b:f3:b2:cc:b6:f4:7a:a1:
                    8e:91:06:77:44:1a:ed:88:e6:37:51:25:1f:9a:15:
                    a4:05:71:47:33:a7:b9:68:8d:ad:c7:53:e2:f1:f8:
                    5d:39:d7:b4:48:76:40:99:d1:e1:bd:0c:08:82:96:
                    5e:f0:48:f5:32:76:c3:c6:a6:89:45:30:9d:f9:b7:
                    bd:b2:ff:df:38:13:97:85:09:2a:d7:0a:31:c7:45:
                    19:0c:f3:98:8a:05:11:75:a1:55:b0:c5:1f:99:c0:
                    22:ab:86:78:4e:fd:6f:f8:b0:2a:a8:c9:74:f5:8b:
                    13:70:5e:50:2c:72:8e:ce:a2:e9:23:86:46:b2:21:
                    f6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:87:7B:89:8D:4A:B2:02:38:BD:28:69:51:49:7E:B6:CE:5C:B5:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f08968f-7dae-4e98-9a63-6c8a03f3a558.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:5040::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:fb:a2:88:49:15:fb:07:fc:10:94:74:6f:1b:46:e5:10:58:
         01:13:1b:2c:ed:c3:19:a4:20:d4:4e:6f:62:a0:02:f1:90:f9:
         38:e6:47:3f:ee:56:2b:9c:21:03:d9:76:12:d1:d1:70:83:1e:
         45:d4:0c:c0:da:b8:ee:ff:2e:fc:be:6a:56:d4:fd:3f:6c:7f:
         3f:0d:01:dd:51:85:bb:29:39:5b:c7:9d:03:58:f2:5d:3e:11:
         67:c9:3b:b9:21:e7:06:c3:59:ae:5c:eb:40:50:b9:e3:12:ab:
         73:f9:12:69:c4:c6:30:11:d8:f4:8e:e1:68:21:a7:e4:ed:12:
         fe:80:50:a3:8f:a3:eb:3d:8d:13:94:c3:10:83:1b:64:1d:37:
         9b:55:56:bf:eb:9a:99:8d:7d:85:b9:b2:99:d5:e6:4e:e1:5b:
         db:99:4f:70:74:d3:a1:3e:1b:6e:41:2b:b3:61:35:d9:a0:71:
         39:54:29:d1:4c:d3:ae:6e:3e:43:98:08:02:5f:02:14:f1:1b:
         5b:4c:32:ad:6e:6e:56:0e:e2:1a:82:e9:7d:7f:d3:90:2e:ce:
         9a:cf:0b:f1:9a:7a:22:df:19:4a:54:2f:92:92:d9:cd:9f:c7:
         f2:77:42:36:e2:11:ff:f6:5f:01:ed:64:59:8c:da:c6:a5:e3:
         ce:19:0b:b7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNib2eiIoa25s/DnykB1SK0A2caYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDA1MDQxWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTY4ODAwOGY5ZjNlMTM4NjkyNWZkODUzZmZhZjBkZDRk
MmM2YjljNjdjYmJmMjVkNWY5Yjc2M2ZkYzBiNDNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCovC1X5xFEMqBYUalFFYHLlMPcu/QA1XzfJMqssqbWnsli
u30/S+DFztasXMFTsoKTk2tGAfLl0LpeoXG8RxZDPQxT4bHsulZXez2gt7WHxDeD
DQk4p8ZmK5+qb88ZVAPV/tpSnw3G9xBSIpg83Ai6/B/v2OkeAfeby7hlexyb87LM
tvR6oY6RBndEGu2I5jdRJR+aFaQFcUczp7loja3HU+Lx+F0517RIdkCZ0eG9DAiC
ll7wSPUydsPGpolFMJ35t72y/984E5eFCSrXCjHHRRkM85iKBRF1oVWwxR+ZwCKr
hnhO/W/4sCqoyXT1ixNwXlAsco7OoukjhkayIfaLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDod7iY1KsgI4vShpUUl+ts5ctXIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmMDg5NjhmLTdkYWUtNGU5OC05YTYzLTZjOGEwM2YzYTU1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//UEAwDQYJKoZIhvcNAQELBQADggEBALP7oohJFfsH/BCUdG8bRuUQ
WAETGyztwxmkINROb2KgAvGQ+TjmRz/uViucIQPZdhLR0XCDHkXUDMDauO7/Lvy+
albU/T9sfz8NAd1RhbspOVvHnQNY8l0+EWfJO7kh5wbDWa5c60BQueMSq3P5EmnE
xjAR2PSO4Wghp+TtEv6AUKOPo+s9jROUwxCDG2QdN5tVVr/rmpmNfYW5spnV5k7h
W9uZT3B006E+G25BK7NhNdmgcTlUKdFM065uPkOYCAJfAhTxG1tMMq1ublYO4hqC
6X1/05AuzprPC/GaeiLfGUpUL5KS2c2fx/J3QjbiEf/2XwHtZFmM2sal484ZC7c=
-----END CERTIFICATE-----