This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f16b923-96f5-4070-b07e-8883a22a8290.roa
File:                     8f16b923-96f5-4070-b07e-8883a22a8290.roa (raw, json)
Hash identifier:          Ia6b+1FqR6KxYx3y4WKTVq5A1Rg05kOnmAxP4KhVLps=
Subject key identifier:   5B:EF:F7:9C:69:3F:D8:D2:A8:98:14:9C:27:58:55:C0:C1:20:94:57
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E4AEC0CE5E2E9887FCBBD9A1AD8A719AC109BEE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f16b923-96f5-4070-b07e-8883a22a8290.roa
Signing time:             Wed 12 Nov 2025 01:41:29 +0000
ROA not before:           Wed 12 Nov 2025 01:41:29 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f18::/35 maxlen: 35
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:4a:ec:0c:e5:e2:e9:88:7f:cb:bd:9a:1a:d8:a7:19:ac:10:9b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:41:29 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=c5a194e28fd10eac476b7db427c100fa77a28f857c1ca1683af9fded4756b716, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3b:85:8f:f8:86:3b:f8:00:c9:f9:b4:a7:2b:
                    f8:7a:62:0c:d1:e0:9a:fa:56:3f:fc:34:b2:28:f4:
                    bd:6b:b2:ac:e7:28:f7:f1:f7:79:cc:f8:77:f1:6e:
                    3c:f0:b0:63:d4:3b:ce:20:52:83:06:69:21:6e:86:
                    12:86:d0:ac:59:f9:c0:1c:69:3c:e1:ff:0f:2e:9a:
                    17:7d:9f:7e:76:60:f4:fc:53:80:d6:01:88:ae:90:
                    9e:1e:bd:75:c1:a2:9d:28:16:51:7b:56:b3:c7:35:
                    a4:46:90:03:bd:7e:9a:7e:c9:74:77:6e:a0:9a:7b:
                    2b:42:e4:63:fe:10:8d:08:cc:b0:6a:74:24:0e:33:
                    a7:ba:23:bd:b8:54:46:57:1c:b2:a6:c4:cd:b9:73:
                    21:d9:d6:d3:e9:cc:5e:b4:e6:62:b1:31:d8:ec:2b:
                    83:99:b7:7d:ef:2f:53:13:47:63:6d:ab:e7:7c:10:
                    a4:4d:24:f3:20:be:25:53:77:4d:cc:93:b0:e5:3c:
                    31:96:01:36:a7:60:e3:f0:77:e3:e3:2e:1e:18:f2:
                    73:9d:89:7f:18:db:73:89:9c:f8:13:15:b0:8e:0f:
                    04:11:24:c7:61:e2:20:c0:ba:eb:64:89:35:f8:46:
                    20:7e:a9:60:df:a1:e8:93:f8:b2:6a:48:8f:60:bd:
                    2a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:EF:F7:9C:69:3F:D8:D2:A8:98:14:9C:27:58:55:C0:C1:20:94:57
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f16b923-96f5-4070-b07e-8883a22a8290.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f18::/35

    Signature Algorithm: sha256WithRSAEncryption
         96:69:ce:d5:af:87:0d:c3:a9:79:ff:6c:2c:29:35:30:65:75:
         5e:e5:90:83:db:fc:9f:fa:a6:74:91:a3:73:17:44:7a:79:73:
         34:11:ce:ed:43:34:9f:d8:7d:fd:43:92:2f:da:ef:46:9f:21:
         ac:85:94:4c:08:73:51:48:bd:fa:9c:03:34:a8:d6:9e:8c:82:
         0c:67:03:6e:68:d1:c1:60:67:14:38:cd:48:c5:1d:f7:9e:a8:
         aa:22:2b:19:52:0b:a0:3d:06:11:68:0d:22:2c:67:2b:29:33:
         9c:89:9a:60:ed:45:ac:9c:8b:85:8f:3a:5e:1c:10:be:25:c7:
         1e:f4:d1:61:f9:69:32:c5:cf:01:99:42:da:b2:57:12:8a:88:
         ca:ba:8e:2f:64:83:eb:62:f3:0f:32:ab:63:78:4c:cf:bd:6f:
         48:bc:e6:44:62:5c:c0:31:e5:0b:c3:29:9c:1e:c9:b5:ff:f2:
         9d:10:07:a2:6f:8a:80:2f:e1:3e:30:70:ab:ac:5b:9a:69:ff:
         d9:71:3f:58:16:58:d8:53:f3:b5:d6:b5:7f:89:5e:27:d6:9d:
         b7:c5:90:cc:c0:ee:de:77:21:39:25:75:f1:4d:67:30:c6:63:
         02:a6:76:90:d3:26:d8:de:1e:d9:de:3d:35:f5:99:ae:e9:d5:
         be:07:fe:db
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPkrsDOXi6Yh/y72aGtinGawQm+4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDE0MTI5WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWExOTRlMjhmZDEwZWFjNDc2YjdkYjQyN2MxMDBmYTc3
YTI4Zjg1N2MxY2ExNjgzYWY5ZmRlZDQ3NTZiNzE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaO4WP+IY7+ADJ+bSnK/h6YgzR4Jr6Vj/8NLIo9L1rsqzn
KPfx93nM+HfxbjzwsGPUO84gUoMGaSFuhhKG0KxZ+cAcaTzh/w8umhd9n352YPT8
U4DWAYiukJ4evXXBop0oFlF7VrPHNaRGkAO9fpp+yXR3bqCaeytC5GP+EI0IzLBq
dCQOM6e6I724VEZXHLKmxM25cyHZ1tPpzF605mKxMdjsK4OZt33vL1MTR2Ntq+d8
EKRNJPMgviVTd03Mk7DlPDGWATanYOPwd+PjLh4Y8nOdiX8Y23OJnPgTFbCODwQR
JMdh4iDAuutkiTX4RiB+qWDfoeiT+LJqSI9gvSq9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUW+/3nGk/2NKomBScJ1hVwMEglFcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhmMTZiOTIzLTk2ZjUtNDA3MC1iMDdlLTg4ODNhMjJhODI5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgUmAB8YADANBgkqhkiG9w0BAQsFAAOCAQEAlmnO1a+HDcOpef9sLCk1MGV1
XuWQg9v8n/qmdJGjcxdEenlzNBHO7UM0n9h9/UOSL9rvRp8hrIWUTAhzUUi9+pwD
NKjWnoyCDGcDbmjRwWBnFDjNSMUd956oqiIrGVILoD0GEWgNIixnKykznImaYO1F
rJyLhY86XhwQviXHHvTRYflpMsXPAZlC2rJXEoqIyrqOL2SD62LzDzKrY3hMz71v
SLzmRGJcwDHlC8MpnB7Jtf/ynRAHom+KgC/hPjBwq6xbmmn/2XE/WBZY2FPztda1
f4leJ9adt8WQzMDu3nchOSV18U1nMMZjAqZ2kNMm2N4e2d49NfWZrunVvgf+2w==
-----END CERTIFICATE-----