This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44b2496f-270e-4583-8750-8d879994d57d.roa
File:                     44b2496f-270e-4583-8750-8d879994d57d.roa (raw, json)
Hash identifier:          SS2RwL97SbIAKv1G4ak2PbdokkQzl4jmkB1JzFXGMJg=
Subject key identifier:   73:2C:BC:96:C1:29:16:D8:39:B0:5B:BA:36:2D:26:C1:0D:DB:6C:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       109D944ED5C2A903BD5155683F92DCF89D21D363
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44b2496f-270e-4583-8750-8d879994d57d.roa
Signing time:             Thu 20 Nov 2025 00:21:00 +0000
ROA not before:           Thu 20 Nov 2025 00:21:00 +0000
ROA not after:            Wed 18 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        72.41.0.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:9d:94:4e:d5:c2:a9:03:bd:51:55:68:3f:92:dc:f8:9d:21:d3:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 20 00:21:00 2025 GMT
            Not After : Feb 18 23:59:59 2026 GMT
        Subject: serialNumber=c79fb266a5ab2930392af5e2be049ebd483bd8f0f04e9f6271f7bb25bbc7a425, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ad:70:9a:bd:11:4e:13:fc:56:cc:85:38:91:
                    4a:4c:88:40:0f:c7:fb:fc:00:b0:79:06:f9:e5:61:
                    c5:e6:8c:29:04:b7:b8:1a:34:b8:76:44:55:99:4b:
                    a9:db:52:5b:83:53:e4:bc:e9:32:1c:32:63:86:b8:
                    e4:06:3b:cf:f7:5a:25:d6:99:8c:2d:9c:27:bf:fc:
                    a9:21:a6:ce:39:48:08:bc:be:d8:43:b9:5e:aa:7c:
                    2f:43:cf:3f:b5:12:08:41:ad:6b:c8:bb:02:49:74:
                    d7:87:47:01:bd:a0:f7:72:13:d5:0d:83:c8:00:e1:
                    c8:c8:7a:0f:b9:66:5d:5a:72:ec:14:2d:10:d5:65:
                    54:8c:4e:0b:6f:e5:09:30:56:c8:b4:c9:ca:c0:02:
                    e5:85:5b:67:b8:09:4e:fd:53:9e:d3:d6:22:61:7c:
                    c9:12:37:ae:a4:bc:6e:a3:ba:45:ec:72:ac:57:be:
                    0e:6f:45:ec:cc:ce:4a:72:fb:4f:f4:c7:c7:4c:2f:
                    dc:47:12:07:c4:11:31:de:e3:b5:ce:f4:12:f3:7e:
                    53:86:35:f0:f2:2a:94:d8:98:c6:c6:06:cb:e8:98:
                    d8:85:86:96:ec:60:e2:d7:a1:66:07:4c:b8:00:1c:
                    cd:5a:95:bb:d7:7e:f7:78:d5:98:7a:66:a0:f1:9b:
                    1b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:2C:BC:96:C1:29:16:D8:39:B0:5B:BA:36:2D:26:C1:0D:DB:6C:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44b2496f-270e-4583-8750-8d879994d57d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.41.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         21:21:cd:2a:89:6a:56:99:b9:a9:81:47:ee:eb:56:fb:22:72:
         4d:cc:f0:4d:fe:e3:2d:aa:0f:cb:9e:91:1b:d5:0e:37:e8:58:
         26:d4:f9:9e:26:0d:51:1e:e4:8f:eb:e3:6e:95:56:a3:02:66:
         73:da:68:c4:62:77:0d:d6:57:eb:61:93:c2:c9:b3:bf:e9:cc:
         38:76:b8:a3:1d:37:56:b8:7c:11:7e:5d:9a:aa:5b:9c:ff:84:
         7c:ed:f9:b7:10:75:8e:de:b7:26:a0:d4:83:5f:ad:ee:c3:28:
         1e:9e:59:7e:de:39:1d:d7:35:63:90:14:0e:fa:d9:d4:ec:8d:
         d1:91:66:32:e4:00:97:8d:43:5f:77:83:bc:75:c0:0c:6e:b3:
         53:06:db:2f:6b:92:6c:65:61:2e:60:47:a8:b7:ef:cf:4b:8a:
         44:81:bf:ff:cd:ce:ed:39:b3:1c:eb:e0:ed:25:45:40:93:44:
         81:da:92:30:c7:7a:2f:ec:2e:b8:d1:e7:47:d6:d6:1b:ea:6b:
         73:70:56:9e:15:9d:a5:6a:5a:0a:4f:d8:7c:b5:c2:a1:f6:b4:
         57:b3:57:a8:64:fe:a2:d6:f8:c8:56:e6:a7:1a:aa:6c:88:2e:
         3d:78:12:ad:97:5e:2e:be:af:98:c1:bb:0a:93:6c:89:3b:20:
         3f:8c:11:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEJ2UTtXCqQO9UVVoP5Lc+J0h02MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIwMDAyMTAwWhcNMjYwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzlmYjI2NmE1YWIyOTMwMzkyYWY1ZTJiZTA0OWViZDQ4
M2JkOGYwZjA0ZTlmNjI3MWY3YmIyNWJiYzdhNDI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTrXCavRFOE/xWzIU4kUpMiEAPx/v8ALB5BvnlYcXmjCkE
t7gaNLh2RFWZS6nbUluDU+S86TIcMmOGuOQGO8/3WiXWmYwtnCe//Kkhps45SAi8
vthDuV6qfC9Dzz+1EghBrWvIuwJJdNeHRwG9oPdyE9UNg8gA4cjIeg+5Zl1acuwU
LRDVZVSMTgtv5QkwVsi0ycrAAuWFW2e4CU79U57T1iJhfMkSN66kvG6jukXscqxX
vg5vRezMzkpy+0/0x8dML9xHEgfEETHe47XO9BLzflOGNfDyKpTYmMbGBsvomNiF
hpbsYOLXoWYHTLgAHM1albvXfvd41Zh6ZqDxmxtFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcyy8lsEpFtg5sFu6Ni0mwQ3bbFIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0YjI0OTZmLTI3MGUtNDU4My04NzUwLThkODc5OTk0ZDU3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARIKQAwDQYJKoZIhvcNAQELBQADggEBACEhzSqJalaZuamBR+7rVvsick3M
8E3+4y2qD8uekRvVDjfoWCbU+Z4mDVEe5I/r426VVqMCZnPaaMRidw3WV+thk8LJ
s7/pzDh2uKMdN1a4fBF+XZqqW5z/hHzt+bcQdY7etyag1INfre7DKB6eWX7eOR3X
NWOQFA762dTsjdGRZjLkAJeNQ193g7x1wAxus1MG2y9rkmxlYS5gR6i3789LikSB
v//Nzu05sxzr4O0lRUCTRIHakjDHei/sLrjR50fW1hvqa3NwVp4VnaVqWgpP2Hy1
wqH2tFezV6hk/qLW+MhW5qcaqmyILj14Eq2XXi6+r5jBuwqTbIk7ID+MERg=
-----END CERTIFICATE-----