This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03f9aa29-3019-4136-a7a6-f6d848d356b7.roa
File:                     03f9aa29-3019-4136-a7a6-f6d848d356b7.roa (raw, json)
Hash identifier:          7yyddi0yQVkmd0N1Cu8FiR6/ERSjZxs+qZjq9joSUFA=
Subject key identifier:   6E:EB:C6:89:AD:E7:9F:80:4B:D2:3C:D2:54:3A:8C:31:53:E3:59:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       57B8D75245577D33E93453733E3A9CFBDB893346
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03f9aa29-3019-4136-a7a6-f6d848d356b7.roa
Signing time:             Wed 19 Nov 2025 00:10:42 +0000
ROA not before:           Wed 19 Nov 2025 00:10:42 +0000
ROA not after:            Tue 17 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        16.22.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b8:d7:52:45:57:7d:33:e9:34:53:73:3e:3a:9c:fb:db:89:33:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 19 00:10:42 2025 GMT
            Not After : Feb 17 23:59:59 2026 GMT
        Subject: serialNumber=a5c4f74cd3a85b16721f21765cf746de6e5e037ed5a1e4e4e8d4fc8bf4a6423d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e0:b2:90:7c:cc:bc:d7:b8:c0:32:1a:5c:9c:
                    c0:c8:17:95:af:65:da:b0:0e:09:6a:69:cc:91:f4:
                    bd:a7:47:f1:89:44:f0:3a:54:9d:7f:c2:33:7d:5b:
                    3f:5a:f7:0b:e4:00:e2:83:26:0c:94:55:77:32:48:
                    bc:f1:8a:5c:5c:fe:04:a7:42:81:a3:69:93:78:10:
                    7c:c9:6d:70:18:c1:00:01:ab:fc:6a:b5:d9:9f:b7:
                    50:0c:cc:45:a3:36:59:ef:fa:b9:58:60:ee:c2:d0:
                    ee:fc:94:66:61:0c:4f:39:37:74:7f:62:fa:3b:83:
                    f2:e1:b6:24:9b:50:b9:95:27:b5:c9:6a:9a:cf:61:
                    8b:97:29:23:1c:52:7e:6e:a2:80:63:68:74:1a:76:
                    4d:96:4b:4d:72:58:6c:a9:64:c2:62:5f:58:d4:0b:
                    15:62:3e:fd:af:82:10:b2:b0:1c:ef:e5:2c:58:00:
                    b1:e7:fd:e5:3b:a5:9e:65:f7:a9:d1:0b:4b:81:71:
                    ad:69:20:ab:37:59:35:66:9a:94:99:ca:6c:61:ef:
                    0a:23:ec:32:a7:61:b9:ed:a8:ab:72:56:16:b1:2b:
                    18:fc:1d:9c:da:8e:01:26:12:54:c5:0a:4c:ed:cf:
                    bd:47:a3:42:aa:e3:eb:c9:b7:ed:3a:61:e6:e1:26:
                    d7:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:EB:C6:89:AD:E7:9F:80:4B:D2:3C:D2:54:3A:8C:31:53:E3:59:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03f9aa29-3019-4136-a7a6-f6d848d356b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.22.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0b:cc:37:79:2b:5e:88:b2:d3:d7:b1:3b:6d:5d:ed:f1:5e:0f:
         0f:23:71:85:d0:6a:b5:b3:d9:fe:4d:ca:9a:99:b9:98:51:2c:
         b4:7a:49:19:bf:b7:d4:50:82:a8:c4:a3:7c:64:d0:f0:2a:54:
         51:33:c1:99:d1:17:9a:5e:67:5f:72:ac:7a:03:c1:08:3e:c6:
         4d:3e:32:4e:66:26:1d:43:9d:05:fb:85:84:cb:bb:29:0d:71:
         0b:5e:0b:be:a3:0d:82:de:5a:02:3f:80:7f:7a:34:f5:d0:6b:
         72:d5:1d:f0:0d:a9:10:2d:85:04:0b:1b:ae:7b:63:91:da:79:
         c6:e2:20:61:d6:b1:0d:b0:8a:8b:54:41:0c:b5:0e:c4:84:19:
         07:3c:66:b3:9a:d5:fa:dc:bf:d1:4b:bf:12:3b:37:ec:88:96:
         1e:a1:43:3c:60:31:b2:6b:51:57:eb:9c:78:72:a1:bf:1d:6b:
         52:1c:b2:41:a6:db:90:e1:a3:7e:86:30:a1:ed:f2:a8:ce:13:
         57:27:bc:ff:6d:69:e2:4e:84:b0:15:72:bb:9e:24:33:71:20:
         bc:6e:1e:a5:09:25:1e:b1:fe:3b:41:d9:73:49:ba:cb:7b:ab:
         a7:00:4d:01:12:ed:27:ae:60:cc:83:8b:6d:07:77:74:22:57:
         d4:cf:fd:d8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUV7jXUkVXfTPpNFNzPjqc+9uJM0YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE5MDAxMDQyWhcNMjYwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWM0Zjc0Y2QzYTg1YjE2NzIxZjIxNzY1Y2Y3NDZkZTZl
NWUwMzdlZDVhMWU0ZTRlOGQ0ZmM4YmY0YTY0MjNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZ4LKQfMy817jAMhpcnMDIF5WvZdqwDglqacyR9L2nR/GJ
RPA6VJ1/wjN9Wz9a9wvkAOKDJgyUVXcySLzxilxc/gSnQoGjaZN4EHzJbXAYwQAB
q/xqtdmft1AMzEWjNlnv+rlYYO7C0O78lGZhDE85N3R/Yvo7g/LhtiSbULmVJ7XJ
aprPYYuXKSMcUn5uooBjaHQadk2WS01yWGypZMJiX1jUCxViPv2vghCysBzv5SxY
ALHn/eU7pZ5l96nRC0uBca1pIKs3WTVmmpSZymxh7woj7DKnYbntqKtyVhaxKxj8
HZzajgEmElTFCkztz71Ho0Kq4+vJt+06YebhJtcXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbuvGia3nn4BL0jzSVDqMMVPjWe0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzZjlhYTI5LTMwMTktNDEzNi1hN2E2LWY2ZDg0OGQzNTZiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFjANBgkqhkiG9w0BAQsFAAOCAQEAC8w3eSteiLLT17E7bV3t8V4PDyNx
hdBqtbPZ/k3Kmpm5mFEstHpJGb+31FCCqMSjfGTQ8CpUUTPBmdEXml5nX3KsegPB
CD7GTT4yTmYmHUOdBfuFhMu7KQ1xC14LvqMNgt5aAj+Af3o09dBrctUd8A2pEC2F
BAsbrntjkdp5xuIgYdaxDbCKi1RBDLUOxIQZBzxms5rV+ty/0Uu/Ejs37IiWHqFD
PGAxsmtRV+uceHKhvx1rUhyyQabbkOGjfoYwoe3yqM4TVye8/21p4k6EsBVyu54k
M3EgvG4epQklHrH+O0HZc0m6y3urpwBNARLtJ65gzIOLbQd3dCJX1M/92A==
-----END CERTIFICATE-----