This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4410e21e-cfe2-4c98-a0ed-b80647078428.roa
File:                     4410e21e-cfe2-4c98-a0ed-b80647078428.roa (raw, json)
Hash identifier:          IMEQSmsWz/v0Pak4NHffaYeLFcUAOFfnYBur6LfDwrw=
Subject key identifier:   AC:DC:85:5B:E4:D7:4F:6D:13:28:A2:93:6B:54:9C:3D:F4:57:CE:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       61ADFC819962C37655F79760C15A5988CDAE4D9B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4410e21e-cfe2-4c98-a0ed-b80647078428.roa
Signing time:             Sun 16 Nov 2025 00:21:16 +0000
ROA not before:           Sun 16 Nov 2025 00:21:16 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        35.54.60.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:ad:fc:81:99:62:c3:76:55:f7:97:60:c1:5a:59:88:cd:ae:4d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:21:16 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=009ae2a60984c61edd9e992875ddbcae671aeefa1dfba0d75f140f712fd561f0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0b:73:c2:b7:98:d2:8f:4c:f2:e4:ad:36:a0:
                    29:22:94:78:05:13:cf:80:bb:1b:f2:b1:1d:8f:ec:
                    a1:aa:99:af:7b:3d:d6:3d:98:6e:6f:b0:1b:53:78:
                    89:f9:bb:f8:30:8e:4b:8a:2c:b7:ca:46:ea:f8:29:
                    96:9c:3f:2a:15:6f:88:25:3d:03:66:ba:16:5b:79:
                    42:47:bf:e4:70:c9:f2:61:72:f6:62:f8:36:c9:ec:
                    f7:59:65:25:aa:8f:c9:0f:ba:4f:99:31:c5:a2:1b:
                    b5:cd:05:17:71:13:6a:a5:be:5d:24:f2:94:63:52:
                    99:7e:0e:54:58:17:6c:b3:a0:be:45:db:96:69:e9:
                    2b:28:81:a1:5d:13:72:b8:78:aa:ce:ea:ce:31:bc:
                    a6:d6:38:97:7d:a8:ba:69:63:e7:53:60:f3:4d:9c:
                    40:88:55:0f:68:86:fb:4b:da:f9:08:ae:66:eb:04:
                    f6:75:dd:3c:11:6a:1b:f4:a8:df:96:04:63:51:44:
                    4e:74:f0:3c:04:ca:3b:9c:7b:9b:5f:77:79:12:67:
                    7a:70:85:8e:de:8b:09:bb:0c:24:53:e5:03:98:a5:
                    f2:d5:d1:06:48:82:5d:40:91:5d:de:1f:9d:89:bb:
                    c2:04:ca:d2:77:18:74:4d:02:a7:00:a0:f5:40:e8:
                    48:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:DC:85:5B:E4:D7:4F:6D:13:28:A2:93:6B:54:9C:3D:F4:57:CE:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4410e21e-cfe2-4c98-a0ed-b80647078428.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.54.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:24:06:b5:d6:1c:75:13:8b:1a:e3:0d:f2:37:4d:05:b0:c3:
         da:c2:99:ae:8b:5c:96:e6:81:df:00:cc:67:41:3c:25:8c:66:
         ae:a6:f5:ed:9c:38:dc:f8:64:e1:24:5b:e9:bc:a3:4d:57:dd:
         1d:03:7a:e6:f8:89:49:a3:b2:c9:74:6b:bd:45:c4:71:96:12:
         87:fc:fe:1b:da:84:e9:d9:0f:a6:78:b8:25:6d:55:db:3c:d1:
         fe:09:bf:c2:9b:63:3d:28:66:cd:20:41:56:dd:27:a1:22:d0:
         98:ea:a3:9b:24:20:22:f9:5e:9e:69:b4:52:27:75:6e:cc:b8:
         54:25:5a:3a:6b:8a:94:bd:b6:9d:de:c1:da:0f:9f:73:1a:e7:
         e5:7b:a0:da:60:a7:71:c6:f4:f6:d3:20:7d:c0:a7:d6:3e:b7:
         50:4e:ef:9a:9f:5f:50:10:68:11:ca:47:4d:ee:2f:ea:8a:7c:
         7d:b4:33:f7:73:1d:a6:a7:47:69:81:4b:6b:7d:87:13:ff:f5:
         4e:9c:be:33:c7:4f:1e:68:25:10:bd:7f:a7:d9:71:ff:d0:9a:
         73:f5:dd:29:4d:f4:90:41:b4:68:90:25:f9:a8:01:d5:61:96:
         80:2a:ff:c3:2e:9f:dc:b4:00:77:45:94:bd:fc:8e:ca:50:17:
         4c:71:35:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYa38gZliw3ZV95dgwVpZiM2uTZswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAyMTE2WhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDlhZTJhNjA5ODRjNjFlZGQ5ZTk5Mjg3NWRkYmNhZTY3
MWFlZWZhMWRmYmEwZDc1ZjE0MGY3MTJmZDU2MWYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyC3PCt5jSj0zy5K02oCkilHgFE8+AuxvysR2P7KGqma97
PdY9mG5vsBtTeIn5u/gwjkuKLLfKRur4KZacPyoVb4glPQNmuhZbeUJHv+RwyfJh
cvZi+DbJ7PdZZSWqj8kPuk+ZMcWiG7XNBRdxE2qlvl0k8pRjUpl+DlRYF2yzoL5F
25Zp6SsogaFdE3K4eKrO6s4xvKbWOJd9qLppY+dTYPNNnECIVQ9ohvtL2vkIrmbr
BPZ13TwRahv0qN+WBGNRRE508DwEyjuce5tfd3kSZ3pwhY7eiwm7DCRT5QOYpfLV
0QZIgl1AkV3eH52Ju8IEytJ3GHRNAqcAoPVA6EgtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrNyFW+TXT20TKKKTa1ScPfRXztEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0MTBlMjFlLWNmZTItNGM5OC1hMGVkLWI4MDY0NzA3ODQyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjNjwwDQYJKoZIhvcNAQELBQADggEBAGQkBrXWHHUTixrjDfI3TQWww9rC
ma6LXJbmgd8AzGdBPCWMZq6m9e2cONz4ZOEkW+m8o01X3R0Deub4iUmjssl0a71F
xHGWEof8/hvahOnZD6Z4uCVtVds80f4Jv8KbYz0oZs0gQVbdJ6Ei0Jjqo5skICL5
Xp5ptFIndW7MuFQlWjpripS9tp3ewdoPn3Ma5+V7oNpgp3HG9PbTIH3Ap9Y+t1BO
75qfX1AQaBHKR03uL+qKfH20M/dzHaanR2mBS2t9hxP/9U6cvjPHTx5oJRC9f6fZ
cf/QmnP13SlN9JBBtGiQJfmoAdVhloAq/8Mun9y0AHdFlL38jspQF0xxNRQ=
-----END CERTIFICATE-----