This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
File:                     1044c764-927e-41a1-b94e-b8bb9091f9c3.roa (raw, json)
Hash identifier:          vVNPECLTNmqNFI7gL3d+FA2u6C/AzltxasBmTLLjuJE=
Subject key identifier:   56:24:6A:AE:99:86:E1:1B:03:3F:45:AE:65:B3:45:5D:15:A6:AD:D2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       561911824ECB1E710CD7BFF40E46BAE280B59AA6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
Signing time:             Wed 19 Nov 2025 00:11:05 +0000
ROA not before:           Wed 19 Nov 2025 00:11:05 +0000
ROA not after:            Tue 17 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        194.134.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:19:11:82:4e:cb:1e:71:0c:d7:bf:f4:0e:46:ba:e2:80:b5:9a:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 19 00:11:05 2025 GMT
            Not After : Feb 17 23:59:59 2026 GMT
        Subject: serialNumber=f5cf85f6493c62620c203fee50e33db1c93ea076d1ee2f4cd333381548e61899, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:46:77:d6:77:34:da:c1:24:25:30:f3:6f:46:
                    56:45:99:ee:59:05:46:c7:6e:35:b6:42:b0:11:80:
                    94:ac:7a:d0:37:d2:08:73:6f:b0:79:d0:5a:da:e0:
                    78:c3:98:e3:7c:f4:47:68:ae:7a:26:21:2c:fc:59:
                    85:92:5e:e7:8e:4d:54:87:12:b5:e7:3f:7d:96:8e:
                    60:a9:0e:8b:b2:7d:bd:eb:f7:b1:87:ca:b7:96:e2:
                    80:9d:39:29:61:71:ee:ee:cb:1c:d0:c2:d1:7e:b6:
                    fc:d3:3f:16:22:34:4a:d3:71:46:ca:b0:0b:60:e4:
                    28:df:55:76:cf:16:cf:7a:60:b1:eb:cf:d4:25:c9:
                    86:f3:1a:a5:42:22:a4:a8:18:55:b7:fd:a0:d1:3d:
                    9d:d2:90:fd:7c:aa:e7:05:ea:2e:b9:6e:89:4b:37:
                    3e:f9:74:b9:34:68:2f:5d:a1:c0:98:8b:2a:90:92:
                    e4:c5:39:0a:fc:3e:b6:44:66:26:78:41:ee:f8:94:
                    12:e8:93:d6:ef:d0:11:87:fd:2a:e1:8d:56:65:5c:
                    3b:f9:7f:db:a1:b2:68:9e:e1:58:37:d9:03:26:34:
                    34:53:41:b5:65:45:00:0a:03:7c:84:ee:c0:ad:eb:
                    e8:f2:cc:86:62:f3:c6:50:b6:8c:66:d9:5b:bf:de:
                    4f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:24:6A:AE:99:86:E1:1B:03:3F:45:AE:65:B3:45:5D:15:A6:AD:D2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bd:15:86:8f:e2:40:d6:03:55:4f:f1:5d:46:7e:9f:f2:a5:57:
         7a:d6:d7:38:3a:d5:3f:cc:d2:52:93:ac:26:0d:5c:4c:f4:57:
         c1:ed:bd:00:b9:5a:a9:97:f3:31:97:97:3b:91:8a:46:44:af:
         f7:85:0a:87:35:c6:cc:79:e8:bd:e6:90:a9:91:e5:1c:e7:47:
         84:a1:f6:56:68:74:22:32:1c:22:db:bb:b9:ad:a9:f5:42:a3:
         ae:58:6b:0f:c9:81:00:19:1e:34:42:19:cf:d1:c2:06:94:59:
         bd:93:0b:fe:9c:a8:24:b9:42:88:59:49:af:11:43:e9:62:b9:
         dd:99:79:66:a0:86:73:68:e8:b8:42:27:e7:e8:18:d5:03:0b:
         7d:1f:65:67:af:9b:7c:05:74:2e:ff:6a:7a:75:f8:33:22:76:
         49:4b:b5:b2:67:3d:65:59:86:2d:43:a6:94:b1:ed:3e:66:93:
         73:ba:e4:dc:56:78:e1:7d:c6:d4:d3:03:dc:11:69:23:52:04:
         f1:fb:7a:ff:a9:af:c6:08:67:80:43:c2:d2:95:5d:31:89:a4:
         c5:68:ef:2a:e1:0c:91:16:fb:bd:b8:7e:14:20:f2:6e:cc:2b:
         54:9b:8c:7c:95:51:75:8d:d4:60:8a:45:be:62:8f:0f:d0:f4:
         13:83:dc:e3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVhkRgk7LHnEM17/0Dka64oC1mqYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE5MDAxMTA1WhcNMjYwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNWNmODVmNjQ5M2M2MjYyMGMyMDNmZWU1MGUzM2RiMWM5
M2VhMDc2ZDFlZTJmNGNkMzMzMzgxNTQ4ZTYxODk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJRnfWdzTawSQlMPNvRlZFme5ZBUbHbjW2QrARgJSsetA3
0ghzb7B50Fra4HjDmON89EdornomISz8WYWSXueOTVSHErXnP32WjmCpDouyfb3r
97GHyreW4oCdOSlhce7uyxzQwtF+tvzTPxYiNErTcUbKsAtg5CjfVXbPFs96YLHr
z9QlyYbzGqVCIqSoGFW3/aDRPZ3SkP18qucF6i65bolLNz75dLk0aC9docCYiyqQ
kuTFOQr8PrZEZiZ4Qe74lBLok9bv0BGH/SrhjVZlXDv5f9uhsmie4Vg32QMmNDRT
QbVlRQAKA3yE7sCt6+jyzIZi88ZQtoxm2Vu/3k8JAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUViRqrpmG4RsDP0WuZbNFXRWmrdIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwNDRjNzY0LTkyN2UtNDFhMS1iOTRlLWI4YmI5MDkxZjljMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDChjANBgkqhkiG9w0BAQsFAAOCAQEAvRWGj+JA1gNVT/FdRn6f8qVXetbX
ODrVP8zSUpOsJg1cTPRXwe29ALlaqZfzMZeXO5GKRkSv94UKhzXGzHnoveaQqZHl
HOdHhKH2Vmh0IjIcItu7ua2p9UKjrlhrD8mBABkeNEIZz9HCBpRZvZML/pyoJLlC
iFlJrxFD6WK53Zl5ZqCGc2jouEIn5+gY1QMLfR9lZ6+bfAV0Lv9qenX4MyJ2SUu1
smc9ZVmGLUOmlLHtPmaTc7rk3FZ44X3G1NMD3BFpI1IE8ft6/6mvxghngEPC0pVd
MYmkxWjvKuEMkRb7vbh+FCDybswrVJuMfJVRdY3UYIpFvmKPD9D0E4Pc4w==
-----END CERTIFICATE-----