This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ee89831-18c3-4da5-bc96-7e36365a729d.roa
File:                     4ee89831-18c3-4da5-bc96-7e36365a729d.roa (raw, json)
Hash identifier:          9W0CMjGOPRpM19Ug9OusxGl7JdRy89sVbak4VEE5eK4=
Subject key identifier:   B8:BC:21:34:B6:63:E5:8B:F7:A1:90:54:56:F5:B8:30:5C:7A:66:B4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5072CBA07F991AE6FF0BB3E501E1A8E0860C39CD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ee89831-18c3-4da5-bc96-7e36365a729d.roa
Signing time:             Tue 11 Nov 2025 01:40:20 +0000
ROA not before:           Tue 11 Nov 2025 01:40:20 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        100.28.208.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:72:cb:a0:7f:99:1a:e6:ff:0b:b3:e5:01:e1:a8:e0:86:0c:39:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:40:20 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=f5ba7e476860b766b876a10133e1d926fb2b0e20c6be23fbc8c8e6c013e1c339, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a6:65:78:5f:20:f1:75:2a:4b:d9:09:6d:a1:
                    ff:b7:a6:70:3c:57:0a:90:24:8f:24:c5:bb:03:8e:
                    d7:83:86:4c:fa:ec:8c:d9:52:53:b4:54:6f:fb:2a:
                    ce:04:5c:8f:35:e0:12:5f:a2:d1:a3:96:fc:20:38:
                    4f:07:0e:b2:25:bc:24:33:cd:9d:11:0d:82:ff:95:
                    35:f6:91:fd:4e:60:3f:2a:96:72:55:75:67:4d:ab:
                    27:b6:5b:4a:17:45:3b:f3:36:7e:fe:97:2d:59:ec:
                    73:f4:82:72:1a:b0:e5:d8:58:f8:04:c5:b9:8e:85:
                    a8:a1:6f:a3:29:b9:c1:ee:f4:b0:f9:87:ed:08:c9:
                    2c:aa:a7:c3:9d:1b:e6:ff:c4:d4:2d:54:39:2a:75:
                    4a:94:df:ee:07:7f:d1:f3:dd:ba:0e:ac:01:9c:6c:
                    bc:90:05:dc:17:03:9b:f7:40:fc:6f:77:83:9e:39:
                    f7:40:17:ac:87:de:55:18:a7:47:6f:ba:67:01:32:
                    a6:21:49:16:a5:e8:31:a3:91:ac:29:27:8d:5b:73:
                    16:62:38:77:04:bf:06:64:0d:41:b4:48:61:c0:64:
                    9e:51:77:82:b8:bc:71:59:80:1e:d0:59:8e:cd:92:
                    6f:88:3b:88:86:00:7f:5b:ff:74:1e:34:0b:4c:e4:
                    5a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:BC:21:34:B6:63:E5:8B:F7:A1:90:54:56:F5:B8:30:5C:7A:66:B4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ee89831-18c3-4da5-bc96-7e36365a729d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  100.28.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ca:aa:46:7c:d2:53:05:76:27:e4:3a:cf:10:6e:f4:39:a0:af:
         a8:46:a0:08:db:a9:82:b8:fb:03:da:5e:2c:74:43:2e:8f:62:
         1b:0c:5d:ae:7f:26:69:b2:fd:a5:ea:f7:28:91:e2:4d:1f:90:
         f5:8d:bc:90:61:87:21:d8:ae:2a:75:79:06:33:73:c8:8b:9c:
         fa:29:b4:f8:69:31:6b:bc:73:4a:52:f5:89:b5:7a:a6:2c:ed:
         51:57:c2:12:b9:8b:1b:2f:dd:e3:73:9b:d3:98:e7:c2:7f:fd:
         ee:6d:e1:c4:a0:7d:5a:88:40:01:e8:8d:72:97:9b:98:d9:11:
         a3:11:13:2a:5c:e9:98:e6:02:d1:21:9d:a8:82:44:e1:53:af:
         96:53:4c:35:a3:c4:ef:00:fb:3b:d0:22:11:7b:3b:22:03:f5:
         81:5d:e8:b8:eb:09:f2:66:a7:2f:97:d6:98:d9:e5:98:d6:4d:
         12:45:8d:d9:0c:2c:08:38:a9:8d:b4:df:a8:99:36:51:a5:54:
         09:a1:fe:e7:73:6c:5d:8f:ca:09:c4:b6:3d:c1:ac:ae:95:54:
         20:fb:80:3d:14:53:3a:63:2b:96:61:ce:81:15:27:9a:ba:66:
         3d:33:b8:de:f3:26:6a:c6:f7:bc:21:51:0c:45:7f:e6:95:40:
         69:5f:f7:9a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUHLLoH+ZGub/C7PlAeGo4IYMOc0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDE0MDIwWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNWJhN2U0NzY4NjBiNzY2Yjg3NmExMDEzM2UxZDkyNmZi
MmIwZTIwYzZiZTIzZmJjOGM4ZTZjMDEzZTFjMzM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNpmV4XyDxdSpL2Qltof+3pnA8VwqQJI8kxbsDjteDhkz6
7IzZUlO0VG/7Ks4EXI814BJfotGjlvwgOE8HDrIlvCQzzZ0RDYL/lTX2kf1OYD8q
lnJVdWdNqye2W0oXRTvzNn7+ly1Z7HP0gnIasOXYWPgExbmOhaihb6MpucHu9LD5
h+0IySyqp8OdG+b/xNQtVDkqdUqU3+4Hf9Hz3boOrAGcbLyQBdwXA5v3QPxvd4Oe
OfdAF6yH3lUYp0dvumcBMqYhSRal6DGjkawpJ41bcxZiOHcEvwZkDUG0SGHAZJ5R
d4K4vHFZgB7QWY7Nkm+IO4iGAH9b/3QeNAtM5FqFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuLwhNLZj5Yv3oZBUVvW4MFx6ZrQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlZTg5ODMxLTE4YzMtNGRhNS1iYzk2LTdlMzYzNjVhNzI5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFkHNAwDQYJKoZIhvcNAQELBQADggEBAMqqRnzSUwV2J+Q6zxBu9Dmgr6hG
oAjbqYK4+wPaXix0Qy6PYhsMXa5/Jmmy/aXq9yiR4k0fkPWNvJBhhyHYrip1eQYz
c8iLnPoptPhpMWu8c0pS9Ym1eqYs7VFXwhK5ixsv3eNzm9OY58J//e5t4cSgfVqI
QAHojXKXm5jZEaMREypc6ZjmAtEhnaiCROFTr5ZTTDWjxO8A+zvQIhF7OyID9YFd
6LjrCfJmpy+X1pjZ5ZjWTRJFjdkMLAg4qY2036iZNlGlVAmh/udzbF2PygnEtj3B
rK6VVCD7gD0UUzpjK5ZhzoEVJ5q6Zj0zuN7zJmrG97whUQxFf+aVQGlf95o=
-----END CERTIFICATE-----