This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ea48da40-e606-40ca-a47e-49973c2920b0.roa
File:                     ea48da40-e606-40ca-a47e-49973c2920b0.roa (raw, json)
Hash identifier:          4h+vFql73cXQLo1fuMNG8few6JU6gy7W7xVbhIVS+1k=
Subject key identifier:   26:A0:AE:44:13:66:87:00:DF:9E:07:E9:1B:12:A2:26:DD:D6:B9:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6BB7C7EB25FF1B8CE248A15B04D59241C8F0EB69
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ea48da40-e606-40ca-a47e-49973c2920b0.roa
Signing time:             Wed 12 Nov 2025 01:40:13 +0000
ROA not before:           Wed 12 Nov 2025 01:40:13 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fb8:8000::/39 maxlen: 39
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:b7:c7:eb:25:ff:1b:8c:e2:48:a1:5b:04:d5:92:41:c8:f0:eb:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:40:13 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=cea91a91bbc04683d353c88a680a201d9679e83762663ab7a0a12df7313e2d41, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:61:7b:d3:3e:32:0f:36:30:2c:65:5c:8f:a5:
                    cd:6a:43:56:d5:52:fe:a6:99:25:20:74:31:8a:19:
                    93:4a:cf:7c:93:7a:79:89:81:b5:75:a0:0e:9a:52:
                    3f:bb:e2:30:55:27:6d:14:dd:1a:0d:0e:3a:52:00:
                    2b:91:9f:6a:ab:c1:0a:ce:a1:7b:ed:78:ca:7d:92:
                    95:98:82:ce:2d:ff:31:f6:7e:57:69:8d:49:79:43:
                    da:9d:52:b9:23:2a:7f:bc:ec:ba:51:22:ac:ca:c4:
                    ea:ed:cf:a5:86:05:2d:54:1e:47:90:b6:87:d4:ae:
                    82:c1:5d:ff:ea:91:ec:d7:7e:11:ac:15:a8:be:c3:
                    28:98:10:5f:8e:21:7a:5f:2c:9a:3a:86:8d:68:29:
                    de:91:23:18:42:b6:b1:fa:48:97:5a:e3:61:e2:d1:
                    76:2d:a8:31:56:47:1c:3e:af:5c:3a:04:71:58:d0:
                    e2:7b:0c:fb:86:0a:2d:70:21:ee:a2:41:86:57:f7:
                    98:88:ec:27:5f:8c:98:e9:94:51:ff:4c:66:91:0f:
                    f1:7a:85:0c:7a:80:93:9d:79:f8:ec:c2:c1:b2:c7:
                    19:41:34:48:63:3e:29:90:8d:cf:90:66:d7:02:81:
                    22:52:c1:6c:8c:7c:6f:ff:29:f4:7f:eb:07:92:e1:
                    60:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:A0:AE:44:13:66:87:00:DF:9E:07:E9:1B:12:A2:26:DD:D6:B9:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ea48da40-e606-40ca-a47e-49973c2920b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb8:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         24:a0:3e:6e:92:98:a5:f3:c8:b5:bc:a4:fe:5d:60:9e:0a:65:
         eb:b3:47:82:42:b7:de:ab:37:74:ab:fb:54:7c:29:3f:3e:fe:
         9d:fe:39:b8:71:61:14:a5:41:86:21:a8:19:4e:9a:a1:ab:50:
         04:6c:84:3e:89:60:37:f2:58:dd:75:08:d6:d5:7e:e1:ff:6d:
         2e:5d:13:2e:a9:5a:35:09:c5:46:9b:b9:d2:8a:5a:51:88:e6:
         4b:c9:4e:da:b0:81:8f:6f:4c:0a:8c:15:61:62:cc:2d:02:80:
         91:b9:de:02:6a:6a:36:36:a1:77:dc:a6:ee:f7:d5:4c:af:30:
         e0:59:f7:e5:a0:6d:55:6c:6e:7e:84:28:9d:1a:00:2a:57:a5:
         19:08:07:2c:b2:98:27:99:df:4e:5c:73:ae:19:75:28:18:1a:
         56:9f:ef:4c:b6:0c:ba:c6:f8:23:a6:2b:5d:55:d3:42:d8:16:
         81:a6:2a:7a:66:c1:f1:7e:ae:65:88:18:87:4a:b1:4f:4b:68:
         32:6e:2a:d2:be:8e:5a:7b:b4:bd:0d:cf:26:d7:79:27:d4:c5:
         4c:39:49:ab:dc:09:32:c2:13:70:2b:09:b4:8b:5e:93:5b:90:
         db:4c:5b:f0:b3:1e:54:61:a2:d1:40:15:e5:b9:6a:b6:a6:63:
         a3:c8:28:99
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUa7fH6yX/G4ziSKFbBNWSQcjw62kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDE0MDEzWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWE5MWE5MWJiYzA0NjgzZDM1M2M4OGE2ODBhMjAxZDk2
NzllODM3NjI2NjNhYjdhMGExMmRmNzMxM2UyZDQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9YXvTPjIPNjAsZVyPpc1qQ1bVUv6mmSUgdDGKGZNKz3yT
enmJgbV1oA6aUj+74jBVJ20U3RoNDjpSACuRn2qrwQrOoXvteMp9kpWYgs4t/zH2
fldpjUl5Q9qdUrkjKn+87LpRIqzKxOrtz6WGBS1UHkeQtofUroLBXf/qkezXfhGs
Fai+wyiYEF+OIXpfLJo6ho1oKd6RIxhCtrH6SJda42Hi0XYtqDFWRxw+r1w6BHFY
0OJ7DPuGCi1wIe6iQYZX95iI7CdfjJjplFH/TGaRD/F6hQx6gJOdefjswsGyxxlB
NEhjPimQjc+QZtcCgSJSwWyMfG//KfR/6weS4WBxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJqCuRBNmhwDfngfpGxKiJt3WuRkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VhNDhkYTQwLWU2MDYtNDBjYS1hNDdlLTQ5OTczYzI5MjBiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB+4gDANBgkqhkiG9w0BAQsFAAOCAQEAJKA+bpKYpfPItbyk/l1gngpl
67NHgkK33qs3dKv7VHwpPz7+nf45uHFhFKVBhiGoGU6aoatQBGyEPolgN/JY3XUI
1tV+4f9tLl0TLqlaNQnFRpu50opaUYjmS8lO2rCBj29MCowVYWLMLQKAkbneAmpq
Njahd9ym7vfVTK8w4Fn35aBtVWxufoQonRoAKlelGQgHLLKYJ5nfTlxzrhl1KBga
Vp/vTLYMusb4I6YrXVXTQtgWgaYqembB8X6uZYgYh0qxT0toMm4q0r6OWnu0vQ3P
Jtd5J9TFTDlJq9wJMsITcCsJtItek1uQ20xb8LMeVGGi0UAV5blqtqZjo8gomQ==
-----END CERTIFICATE-----