This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b958acb-1d54-472e-b493-5b27ed769a39.roa
File:                     4b958acb-1d54-472e-b493-5b27ed769a39.roa (raw, json)
Hash identifier:          eFTrn9zhG0g0+D+j7ELeILlNBIelVjH2h6M3I4yh1tE=
Subject key identifier:   10:8C:1E:5E:0F:96:81:0F:52:BA:4D:C3:5F:9F:64:53:72:80:41:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38183810EFD9CF1738A1E00B21BD3E49DE0ED5DC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b958acb-1d54-472e-b493-5b27ed769a39.roa
Signing time:             Wed 19 Nov 2025 00:01:12 +0000
ROA not before:           Wed 19 Nov 2025 00:01:12 +0000
ROA not after:            Tue 17 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        16.206.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:18:38:10:ef:d9:cf:17:38:a1:e0:0b:21:bd:3e:49:de:0e:d5:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 19 00:01:12 2025 GMT
            Not After : Feb 17 23:59:59 2026 GMT
        Subject: serialNumber=feddd470745733f694f3ab77bbabd600c7c4d9740a7ec77192ddcb17cb39dbf4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:61:6b:cc:32:95:24:7c:af:c7:eb:3b:a8:b2:
                    8d:09:59:86:f7:65:63:8a:36:30:52:44:f7:f7:dd:
                    4e:64:d8:6c:82:0d:85:bc:5a:30:f7:de:55:f0:e9:
                    8b:d9:2b:79:e7:e8:a2:39:9b:2a:ad:e7:ff:b8:67:
                    42:ad:ac:9b:17:c4:cf:e8:f8:f4:16:f6:42:d9:16:
                    d6:01:d8:a9:e7:90:e7:01:1b:d5:a7:22:99:13:38:
                    50:de:d1:d9:89:64:b1:44:51:ff:3b:f9:11:0d:3c:
                    ac:93:c7:8b:98:48:dd:c3:2b:54:99:ad:2f:96:6c:
                    56:e8:c1:3f:5b:fc:74:f6:1a:3b:43:85:a7:2b:11:
                    d6:a7:6e:5a:b7:a4:e4:cc:a0:b2:63:be:cc:fd:6e:
                    90:04:4c:eb:1e:56:e2:bd:36:90:a7:b8:cb:ee:e0:
                    eb:b9:0e:fe:22:69:77:28:e3:6b:b8:47:9a:73:7c:
                    87:af:8c:e6:bd:dc:bf:21:11:ef:71:bb:a5:44:b5:
                    56:f0:75:01:2b:89:36:8f:ee:26:41:6c:99:25:ed:
                    e4:1c:14:13:cb:a9:96:2a:86:63:0a:f8:db:12:ea:
                    b5:4f:75:fe:74:87:87:bb:80:d8:a7:d6:d8:4b:12:
                    2c:57:b0:70:7a:41:9e:96:55:c9:4c:96:f7:dc:ea:
                    30:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8C:1E:5E:0F:96:81:0F:52:BA:4D:C3:5F:9F:64:53:72:80:41:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b958acb-1d54-472e-b493-5b27ed769a39.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.206.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4d:a2:08:34:d8:3d:a1:ed:54:dd:5c:45:a7:c8:8b:a4:c7:8f:
         20:48:0a:8e:c2:99:f0:9f:b4:98:13:65:5a:6d:77:20:df:85:
         89:02:12:e2:75:ce:e6:89:d8:df:de:92:ce:1a:b5:7e:e2:a6:
         70:b2:d0:85:ee:e2:d4:eb:d6:6b:e2:98:6d:b0:df:7e:b5:70:
         43:11:01:e1:3c:d7:07:25:fe:dd:12:54:c7:2b:ec:55:64:64:
         d5:73:63:c5:27:2c:46:c0:84:72:68:2c:35:f1:9b:70:2d:60:
         0a:5d:47:8f:74:8d:78:2c:a6:4a:81:68:7a:d7:f7:93:17:19:
         7d:2c:58:e9:86:9e:46:fe:35:86:91:ca:fd:6c:8f:31:f6:6d:
         8c:89:7e:22:25:ab:8e:6a:1c:d5:48:91:57:6a:ab:6a:d0:3c:
         32:6b:72:d9:5d:39:6d:4e:cb:d1:c0:c1:44:3e:d6:6e:8f:07:
         ed:9c:5b:1e:ad:6f:de:2d:e1:3c:9e:3f:c6:00:ec:22:74:07:
         91:20:97:5c:e4:0a:7f:5e:0d:6f:bb:20:f9:a5:0a:4d:f3:04:
         60:b2:34:29:8e:59:e0:17:a6:26:42:1e:d1:5f:c6:a1:f8:8f:
         47:6a:5a:99:96:dd:f6:e0:53:60:99:c1:a0:d8:2e:bf:45:4f:
         89:5c:b1:4b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOBg4EO/Zzxc4oeALIb0+Sd4O1dwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE5MDAwMTEyWhcNMjYwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZWRkZDQ3MDc0NTczM2Y2OTRmM2FiNzdiYmFiZDYwMGM3
YzRkOTc0MGE3ZWM3NzE5MmRkY2IxN2NiMzlkYmY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgYWvMMpUkfK/H6zuoso0JWYb3ZWOKNjBSRPf33U5k2GyC
DYW8WjD33lXw6YvZK3nn6KI5myqt5/+4Z0KtrJsXxM/o+PQW9kLZFtYB2KnnkOcB
G9WnIpkTOFDe0dmJZLFEUf87+RENPKyTx4uYSN3DK1SZrS+WbFbowT9b/HT2GjtD
hacrEdanblq3pOTMoLJjvsz9bpAETOseVuK9NpCnuMvu4Ou5Dv4iaXco42u4R5pz
fIevjOa93L8hEe9xu6VEtVbwdQEriTaP7iZBbJkl7eQcFBPLqZYqhmMK+NsS6rVP
df50h4e7gNin1thLEixXsHB6QZ6WVclMlvfc6jCbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUEIweXg+WgQ9Suk3DX59kU3KAQZkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiOTU4YWNiLTFkNTQtNDcyZS1iNDkzLTViMjdlZDc2OWEzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQzjANBgkqhkiG9w0BAQsFAAOCAQEATaIINNg9oe1U3VxFp8iLpMePIEgK
jsKZ8J+0mBNlWm13IN+FiQIS4nXO5onY396Szhq1fuKmcLLQhe7i1OvWa+KYbbDf
frVwQxEB4TzXByX+3RJUxyvsVWRk1XNjxScsRsCEcmgsNfGbcC1gCl1Hj3SNeCym
SoFoetf3kxcZfSxY6YaeRv41hpHK/WyPMfZtjIl+IiWrjmoc1UiRV2qratA8Mmty
2V05bU7L0cDBRD7Wbo8H7ZxbHq1v3i3hPJ4/xgDsInQHkSCXXOQKf14Nb7sg+aUK
TfMEYLI0KY5Z4BemJkIe0V/GofiPR2pamZbd9uBTYJnBoNguv0VPiVyxSw==
-----END CERTIFICATE-----