This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1961c89e-9444-43ce-a7aa-2c38d465b29d.roa
File:                     1961c89e-9444-43ce-a7aa-2c38d465b29d.roa (raw, json)
Hash identifier:          ZCOS4xLQOicBR8LhvSppGJ3mDVMsChnEKVWHJLf3DX4=
Subject key identifier:   E7:89:2E:C9:D8:5D:FE:E7:E4:C4:DE:EC:0A:81:4C:C2:49:AE:C8:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4C5D1ADAC00D4988D8935F8677A9098B6978D02B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1961c89e-9444-43ce-a7aa-2c38d465b29d.roa
Signing time:             Wed 12 Nov 2025 00:21:48 +0000
ROA not before:           Wed 12 Nov 2025 00:21:48 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.22.74.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:5d:1a:da:c0:0d:49:88:d8:93:5f:86:77:a9:09:8b:69:78:d0:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:21:48 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=4a0f31b03135b6c8eac2e463e945b37cd0368696a7339f49b5e2b0d839b0e89b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ea:e9:b0:dc:a0:5e:5f:52:14:dc:5c:7a:dc:
                    1c:f5:14:5c:ec:a7:87:98:c4:07:9e:e0:93:84:39:
                    c9:8d:74:fe:88:b1:57:c2:b6:56:59:d9:71:3b:89:
                    f3:72:56:bd:33:0c:b3:37:f7:9c:cf:44:de:c2:79:
                    6f:e0:f5:d0:3c:55:9a:e8:59:1e:f2:8b:37:1c:18:
                    01:f1:93:ce:c0:e3:f5:7b:5a:2d:06:34:46:fd:52:
                    11:e7:68:83:e1:54:b3:72:a1:df:08:ce:1f:40:dc:
                    82:8a:1f:6a:25:73:d0:05:93:5f:38:0e:2e:99:76:
                    3a:11:de:db:95:fe:68:1d:84:40:8e:78:f4:02:b2:
                    fc:bf:84:cc:b3:41:79:d0:13:0b:c2:e9:9d:0d:41:
                    99:fb:ed:7c:e1:98:a1:f4:4d:43:db:8d:02:b6:31:
                    78:3b:73:63:07:10:7a:b7:25:1d:cb:5c:47:39:21:
                    5d:10:0a:2c:9b:a8:a0:80:91:51:5b:eb:30:2b:7a:
                    00:3c:5a:80:32:d8:43:a1:c1:79:3b:44:ad:11:e9:
                    0f:22:10:99:1e:5a:fc:68:b2:c8:4d:b9:a6:79:1e:
                    1f:75:c5:16:cf:53:f3:ee:f6:4c:0e:cc:97:2b:01:
                    3b:b2:68:25:ac:bf:ed:7b:bc:36:98:c3:2a:36:9b:
                    7d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:89:2E:C9:D8:5D:FE:E7:E4:C4:DE:EC:0A:81:4C:C2:49:AE:C8:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1961c89e-9444-43ce-a7aa-2c38d465b29d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.22.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:c1:c3:87:31:de:bc:ab:8b:cd:90:92:56:9c:5f:92:00:fc:
         e7:a9:e8:98:42:8b:26:dc:7d:0b:10:7f:bb:cd:62:ce:3b:91:
         83:de:42:82:6e:88:f7:ea:bd:a0:f4:9e:08:a5:f9:82:97:df:
         1b:2a:6d:95:fd:24:7e:3a:f1:c7:97:fb:cc:1f:8f:e1:86:44:
         d0:db:06:61:53:3e:0a:11:46:42:82:ff:85:46:fb:06:65:64:
         aa:ba:2f:4b:e8:f1:43:26:d0:92:52:68:a9:4c:27:45:e1:a1:
         e5:23:72:a5:ca:f2:d4:d9:2c:4a:5e:e8:50:e2:f0:b3:ed:ae:
         44:7d:f6:ae:84:e8:bf:48:63:09:21:4f:d6:7b:35:5d:19:43:
         9d:2c:73:ea:97:5d:60:04:1b:5d:0e:06:0a:54:bc:e6:82:32:
         d6:7c:d9:73:bc:ff:33:90:95:55:4d:46:30:53:2e:1a:bf:1f:
         b0:1a:92:b1:da:b8:89:70:87:97:7d:bf:53:c0:aa:06:80:bc:
         c9:c2:c6:08:b4:a3:21:d5:d6:1b:19:a8:bd:cf:68:76:ee:4f:
         70:5a:fc:65:76:f8:c2:50:17:fa:3b:b4:5c:f9:1f:49:05:71:
         20:ad:30:80:16:53:a3:71:70:81:e9:71:72:56:af:8c:7a:6c:
         6f:af:bc:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTF0a2sANSYjYk1+Gd6kJi2l40CswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDAyMTQ4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTBmMzFiMDMxMzViNmM4ZWFjMmU0NjNlOTQ1YjM3Y2Qw
MzY4Njk2YTczMzlmNDliNWUyYjBkODM5YjBlODliMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN6umw3KBeX1IU3Fx63Bz1FFzsp4eYxAee4JOEOcmNdP6I
sVfCtlZZ2XE7ifNyVr0zDLM395zPRN7CeW/g9dA8VZroWR7yizccGAHxk87A4/V7
Wi0GNEb9UhHnaIPhVLNyod8Izh9A3IKKH2olc9AFk184Di6ZdjoR3tuV/mgdhECO
ePQCsvy/hMyzQXnQEwvC6Z0NQZn77XzhmKH0TUPbjQK2MXg7c2MHEHq3JR3LXEc5
IV0QCiybqKCAkVFb6zAregA8WoAy2EOhwXk7RK0R6Q8iEJkeWvxosshNuaZ5Hh91
xRbPU/Pu9kwOzJcrATuyaCWsv+17vDaYwyo2m32ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU54kuydhd/ufkxN7sCoFMwkmuyPwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5NjFjODllLTk0NDQtNDNjZS1hN2FhLTJjMzhkNDY1YjI5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEXFkowDQYJKoZIhvcNAQELBQADggEBAHDBw4cx3ryri82QklacX5IA/Oep
6JhCiybcfQsQf7vNYs47kYPeQoJuiPfqvaD0ngil+YKX3xsqbZX9JH468ceX+8wf
j+GGRNDbBmFTPgoRRkKC/4VG+wZlZKq6L0vo8UMm0JJSaKlMJ0XhoeUjcqXK8tTZ
LEpe6FDi8LPtrkR99q6E6L9IYwkhT9Z7NV0ZQ50sc+qXXWAEG10OBgpUvOaCMtZ8
2XO8/zOQlVVNRjBTLhq/H7AakrHauIlwh5d9v1PAqgaAvMnCxgi0oyHV1hsZqL3P
aHbuT3Ba/GV2+MJQF/o7tFz5H0kFcSCtMIAWU6NxcIHpcXJWr4x6bG+vvHo=
-----END CERTIFICATE-----