This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa
File:                     21bb0458-625d-4892-a4e1-e544b849201a.roa (raw, json)
Hash identifier:          WnkESFN7U5+Yn4weKQdUcEgKB+bNSQkwM6bpDOM8mBs=
Subject key identifier:   07:6D:18:96:FA:86:0F:D3:15:97:F5:C8:61:D3:BD:3D:D0:BA:8D:EA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       731451FAA6792F1887FCAC35CAB5686FF08A5D83
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa
Signing time:             Sat 22 Nov 2025 00:41:33 +0000
ROA not before:           Sat 22 Nov 2025 00:41:33 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        63.249.128.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:14:51:fa:a6:79:2f:18:87:fc:ac:35:ca:b5:68:6f:f0:8a:5d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 00:41:33 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=53b0ae52a975424189b836daae7d063986ec2ef8d0769cf562e0dc13896eb7ec, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6b:24:59:ca:3c:4e:d1:a7:60:0a:c2:16:a6:
                    07:c3:4b:73:e7:1c:ad:ce:56:ec:99:a1:b4:2d:0e:
                    d7:4e:59:d9:34:94:8a:66:8f:0f:ae:78:2f:1c:74:
                    2a:43:55:b0:a3:64:80:d1:12:5a:31:3f:be:86:9a:
                    a8:cb:a1:fd:75:c1:22:d9:20:bf:fd:b0:64:b9:4d:
                    76:5f:21:fd:97:bf:37:2c:64:30:d1:e4:96:f5:9d:
                    ee:f3:83:81:e0:b7:01:bf:bf:80:04:39:51:d4:fc:
                    31:ee:47:6a:32:89:45:6c:e3:78:8d:50:62:86:d6:
                    3f:25:f6:0a:a4:38:9d:4e:cd:16:0d:87:00:e1:3d:
                    db:d6:05:91:98:f9:93:1e:bf:77:58:f0:aa:35:bb:
                    97:bd:83:a3:22:4c:7a:d9:82:e0:7b:81:1b:cf:73:
                    35:63:34:69:6e:35:ec:f3:dd:a5:4b:03:80:d6:cf:
                    f2:36:c7:2c:c6:8a:b0:8a:fe:a5:00:e9:6e:0f:f1:
                    fb:ef:4a:ff:42:6b:78:d5:9d:79:ff:9c:45:38:c3:
                    37:23:a7:8b:ce:bd:05:1c:5f:20:d4:87:06:18:60:
                    12:5e:d4:1b:ac:6d:b4:5c:72:5b:25:8d:fd:12:e0:
                    08:ae:19:53:cf:5e:5c:50:a6:6c:df:1a:9c:5f:8b:
                    f7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:6D:18:96:FA:86:0F:D3:15:97:F5:C8:61:D3:BD:3D:D0:BA:8D:EA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.249.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         4f:dc:65:6e:85:4c:ef:6a:34:75:59:6b:1c:63:09:ce:cb:f1:
         fd:2a:41:65:18:8c:3d:c4:21:d5:6c:03:55:26:a3:a1:e1:a8:
         d7:e7:0d:95:cf:cf:2b:cf:36:cb:a5:6b:ae:2e:10:8b:27:55:
         2e:6a:75:9a:2e:c9:38:d7:15:58:4c:83:d0:16:03:9d:77:4a:
         05:81:cc:d5:26:86:3d:38:c2:17:c8:0e:1b:93:c9:e6:97:5a:
         18:3c:f8:62:fc:17:1e:8a:2d:95:57:58:8c:0b:c3:bf:b3:3b:
         d9:60:95:d2:e1:ce:90:b2:a1:e9:66:52:24:cf:9f:b0:cf:3f:
         34:36:ec:67:be:0f:c0:32:f4:55:2f:c6:5a:5e:ff:a9:73:ba:
         ca:db:82:89:fb:86:0e:4f:39:b2:03:42:0c:bf:60:3f:1c:4a:
         8a:5b:e8:0a:c5:55:4d:e5:55:c9:c5:4b:6f:fd:34:2c:e8:fc:
         bb:05:e0:ca:47:21:7c:d6:d6:af:36:d8:47:ea:81:29:5a:98:
         b4:3b:7c:31:f3:a7:33:1d:c2:ba:12:0c:c8:27:3c:78:f1:ea:
         64:72:c9:7d:76:ca:ad:da:98:43:53:32:76:75:30:b2:63:ed:
         a7:c4:e2:de:cd:44:5b:9b:41:cc:ba:c6:03:26:a5:98:eb:9e:
         5f:aa:a5:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcxRR+qZ5LxiH/Kw1yrVob/CKXYMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDA0MTMzWhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1M2IwYWU1MmE5NzU0MjQxODliODM2ZGFhZTdkMDYzOTg2
ZWMyZWY4ZDA3NjljZjU2MmUwZGMxMzg5NmViN2VjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzayRZyjxO0adgCsIWpgfDS3PnHK3OVuyZobQtDtdOWdk0
lIpmjw+ueC8cdCpDVbCjZIDREloxP76GmqjLof11wSLZIL/9sGS5TXZfIf2Xvzcs
ZDDR5Jb1ne7zg4HgtwG/v4AEOVHU/DHuR2oyiUVs43iNUGKG1j8l9gqkOJ1OzRYN
hwDhPdvWBZGY+ZMev3dY8Ko1u5e9g6MiTHrZguB7gRvPczVjNGluNezz3aVLA4DW
z/I2xyzGirCK/qUA6W4P8fvvSv9Ca3jVnXn/nEU4wzcjp4vOvQUcXyDUhwYYYBJe
1BusbbRcclsljf0S4AiuGVPPXlxQpmzfGpxfi/fDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB20YlvqGD9MVl/XIYdO9PdC6jeowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIxYmIwNDU4LTYyNWQtNDg5Mi1hNGUxLWU1NDRiODQ5MjAxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc/+YAwDQYJKoZIhvcNAQELBQADggEBAE/cZW6FTO9qNHVZaxxjCc7L8f0q
QWUYjD3EIdVsA1Umo6HhqNfnDZXPzyvPNsula64uEIsnVS5qdZouyTjXFVhMg9AW
A513SgWBzNUmhj04whfIDhuTyeaXWhg8+GL8Fx6KLZVXWIwLw7+zO9lgldLhzpCy
oelmUiTPn7DPPzQ27Ge+D8Ay9FUvxlpe/6lzusrbgon7hg5PObIDQgy/YD8cSopb
6ArFVU3lVcnFS2/9NCzo/LsF4MpHIXzW1q822EfqgSlamLQ7fDHzpzMdwroSDMgn
PHjx6mRyyX12yq3amENTMnZ1MLJj7afE4t7NRFubQcy6xgMmpZjrnl+qpUw=
-----END CERTIFICATE-----