This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a82d155-cd0e-44c5-b30f-c6065a513667.roa
File:                     9a82d155-cd0e-44c5-b30f-c6065a513667.roa (raw, json)
Hash identifier:          uxBT/S5OIxgG4rk+tTzMdu843x5W5yskMs1KENrji7Y=
Subject key identifier:   E8:8F:15:9A:53:23:5E:2F:0A:FB:2E:89:3F:07:FB:11:6B:61:0E:0B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       28F074EDE2621827BC20D3168F26E5BBCD1814B3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a82d155-cd0e-44c5-b30f-c6065a513667.roa
Signing time:             Tue 11 Nov 2025 01:21:25 +0000
ROA not before:           Tue 11 Nov 2025 01:21:25 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f61:20c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:f0:74:ed:e2:62:18:27:bc:20:d3:16:8f:26:e5:bb:cd:18:14:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:21:25 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=c9969ecb83f516890e9d99c59e0377d6e99b141bb3d32f43b598758cf9f2e051, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:d6:d6:5f:bc:fa:82:9c:e2:ee:10:65:16:
                    cd:b8:b5:43:b2:42:31:37:37:75:65:a7:88:96:9e:
                    1a:40:d2:55:da:36:18:b2:a6:f1:c5:23:14:34:90:
                    da:be:95:16:53:f7:df:72:87:92:d4:48:b2:07:7e:
                    0c:13:a8:cb:dc:25:af:d0:21:3c:72:6f:a6:0c:72:
                    7e:e8:fe:46:0c:89:07:b5:6f:16:03:9d:4e:d9:37:
                    71:3c:c3:d9:83:cf:92:20:29:b1:81:9a:5f:ba:ef:
                    11:68:dd:d3:38:5f:ce:c2:16:b6:e9:17:82:a3:cc:
                    b9:53:71:89:d9:d3:1d:04:af:f5:1c:46:0f:df:98:
                    90:e8:fd:49:c5:a0:b8:6b:04:75:87:33:65:9e:78:
                    7f:11:f6:c9:56:dd:ca:db:ab:73:b9:0d:33:bd:19:
                    43:dc:53:9c:49:c5:32:8c:b9:cc:39:47:81:40:16:
                    d0:ab:5c:a7:8f:c0:08:cb:a4:b4:ea:72:6e:76:8a:
                    1d:35:45:ae:7a:84:5f:d5:c0:e2:b5:e7:60:0a:18:
                    b5:7e:be:c8:b1:0f:14:b9:bb:0a:8e:b5:e1:3f:1c:
                    14:59:f6:04:24:04:ff:3c:8e:86:77:7e:d0:2e:7b:
                    ac:9a:04:c2:7e:ff:81:19:e9:08:59:84:44:d3:b5:
                    10:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:8F:15:9A:53:23:5E:2F:0A:FB:2E:89:3F:07:FB:11:6B:61:0E:0B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a82d155-cd0e-44c5-b30f-c6065a513667.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:20c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:9d:99:a5:16:90:5e:52:0e:d2:fc:45:2e:35:90:f2:c4:6c:
         95:8f:eb:2b:8f:41:c9:54:b1:1b:80:77:cf:c3:8d:f6:33:e8:
         62:49:3c:86:c6:cc:b0:50:6a:ab:db:ad:52:9b:14:6c:87:62:
         79:e8:df:dd:0a:1c:3c:10:7f:b5:47:f2:65:a1:95:bb:03:fd:
         96:14:68:7d:81:b7:d2:28:a8:56:c7:c6:71:90:03:6c:aa:59:
         70:8c:3b:e2:85:c9:8b:0b:80:fa:38:58:12:db:55:ff:dd:45:
         38:78:f1:1c:21:9b:cb:fc:5a:2b:79:07:17:af:21:e6:4c:3d:
         c4:92:1f:b4:99:db:b5:75:13:4c:f5:f0:bc:c9:83:4c:4f:91:
         1a:7f:0a:3a:9d:36:c5:ef:2e:e8:87:79:9b:ed:81:3c:84:32:
         7c:76:03:6b:80:fd:a1:54:72:46:cf:83:16:28:17:0f:e8:ce:
         b2:bf:6b:aa:55:37:a5:3b:90:43:64:a0:0f:d4:06:ac:62:75:
         b2:81:a8:ef:3a:e9:e8:a0:3b:66:53:cd:32:90:dc:be:96:53:
         95:5f:0f:0c:09:f7:0d:9c:91:18:05:98:71:45:65:b3:d2:0e:
         9f:16:c9:1e:1a:68:de:0d:8c:26:35:70:ab:21:2f:72:5a:c8:
         44:98:03:f7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUKPB07eJiGCe8INMWjyblu80YFLMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEyMTI1WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTk2OWVjYjgzZjUxNjg5MGU5ZDk5YzU5ZTAzNzdkNmU5
OWIxNDFiYjNkMzJmNDNiNTk4NzU4Y2Y5ZjJlMDUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEjdbWX7z6gpzi7hBlFs24tUOyQjE3N3Vlp4iWnhpA0lXa
NhiypvHFIxQ0kNq+lRZT999yh5LUSLIHfgwTqMvcJa/QITxyb6YMcn7o/kYMiQe1
bxYDnU7ZN3E8w9mDz5IgKbGBml+67xFo3dM4X87CFrbpF4KjzLlTcYnZ0x0Er/Uc
Rg/fmJDo/UnFoLhrBHWHM2WeeH8R9slW3crbq3O5DTO9GUPcU5xJxTKMucw5R4FA
FtCrXKePwAjLpLTqcm52ih01Ra56hF/VwOK152AKGLV+vsixDxS5uwqOteE/HBRZ
9gQkBP88joZ3ftAue6yaBMJ+/4EZ6QhZhETTtRBBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6I8VmlMjXi8K+y6JPwf7EWthDgswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhODJkMTU1LWNkMGUtNDRjNS1iMzBmLWM2MDY1YTUxMzY2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hIMAwDQYJKoZIhvcNAQELBQADggEBABedmaUWkF5SDtL8RS41kPLE
bJWP6yuPQclUsRuAd8/DjfYz6GJJPIbGzLBQaqvbrVKbFGyHYnno390KHDwQf7VH
8mWhlbsD/ZYUaH2Bt9IoqFbHxnGQA2yqWXCMO+KFyYsLgPo4WBLbVf/dRTh48Rwh
m8v8Wit5BxevIeZMPcSSH7SZ27V1E0z18LzJg0xPkRp/CjqdNsXvLuiHeZvtgTyE
Mnx2A2uA/aFUckbPgxYoFw/ozrK/a6pVN6U7kENkoA/UBqxidbKBqO866eigO2ZT
zTKQ3L6WU5VfDwwJ9w2ckRgFmHFFZbPSDp8WyR4aaN4NjCY1cKshL3JayESYA/c=
-----END CERTIFICATE-----