This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d3c24e-bab6-4a1e-bc0d-905737818427.roa
File:                     75d3c24e-bab6-4a1e-bc0d-905737818427.roa (raw, json)
Hash identifier:          djQh3foIPXPbTrqgL/OmoyZ9+pdEtN2/04jIL6NrjFY=
Subject key identifier:   B9:EC:9C:38:51:32:86:7F:25:D8:A6:2B:A6:76:87:03:C0:66:9D:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       79087BBD5CCAC96042C9B07A32F9F83601E7CB92
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d3c24e-bab6-4a1e-bc0d-905737818427.roa
Signing time:             Wed 12 Nov 2025 00:31:48 +0000
ROA not before:           Wed 12 Nov 2025 00:31:48 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        204.236.224.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:08:7b:bd:5c:ca:c9:60:42:c9:b0:7a:32:f9:f8:36:01:e7:cb:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:31:48 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=3802cf2c4a9150be8c4085552e016e9fcfe239093b616097e6dc87e189e56c68, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c4:e4:85:aa:6d:01:bd:95:86:54:81:f8:92:
                    1e:0b:01:28:eb:a3:a8:aa:3a:67:10:dc:02:70:7c:
                    a7:36:16:78:7b:1e:56:cf:1a:7f:5f:62:e6:25:74:
                    16:46:a2:01:aa:82:1f:48:26:0f:e0:75:52:57:c5:
                    ab:52:cc:fa:f9:28:db:dd:3b:56:f6:c7:95:cd:79:
                    4e:f7:fe:3a:a2:7a:af:fc:81:40:39:78:e1:7a:e6:
                    99:a3:bd:b5:21:ca:7c:67:cc:18:c9:2d:c4:65:0b:
                    f6:55:41:51:80:0b:6c:14:ef:c0:fc:8c:a9:02:e1:
                    32:f1:d5:05:83:10:32:bb:5d:bb:8f:4d:f0:ac:5d:
                    eb:92:0c:24:3e:60:b0:30:7a:e9:f8:c0:a4:f1:12:
                    f8:44:0c:3a:0f:01:65:95:a3:b0:16:17:4a:ab:39:
                    19:29:06:8c:93:a9:b1:55:9d:dd:e5:65:69:78:72:
                    34:69:16:5c:0f:16:70:68:1d:6f:13:2d:98:8a:fb:
                    bc:60:27:47:0f:a8:6e:0a:8d:6b:d5:a1:30:0f:0f:
                    91:90:3f:07:a8:f3:8b:59:f0:58:40:7c:35:31:51:
                    b5:ad:a8:53:28:fc:c1:4d:e4:2f:6a:91:cc:a4:97:
                    20:df:61:69:99:7e:95:b1:4d:f7:54:a0:36:b3:f6:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:EC:9C:38:51:32:86:7F:25:D8:A6:2B:A6:76:87:03:C0:66:9D:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d3c24e-bab6-4a1e-bc0d-905737818427.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.236.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         91:18:39:03:d6:ef:5a:ed:0d:f7:97:80:a0:bf:cc:fb:d4:2b:
         de:d6:4f:b9:57:a6:dc:71:70:ac:1d:b2:cf:3b:60:3e:f7:1e:
         7f:4d:97:ca:49:4c:96:80:fe:3a:a6:c7:b6:00:3d:b4:ad:26:
         0c:15:0c:70:d4:dc:51:29:8d:d3:a6:c1:1e:99:9c:23:09:d0:
         13:c2:b1:35:1f:8e:4d:db:33:ca:c1:a6:ad:85:d9:d6:52:8f:
         95:13:00:61:53:c8:84:03:5f:9c:f3:d3:23:e0:92:e1:ed:c7:
         a3:09:d3:50:e1:39:8b:16:b1:15:82:5e:a6:e2:fb:c5:9e:1c:
         21:4c:92:03:c8:6b:26:76:32:ea:1e:0e:ef:60:e7:f5:a3:73:
         d8:1f:f9:a6:8c:e4:0c:f9:96:61:0d:2b:1e:cf:3c:47:c4:f9:
         e5:6a:e2:ba:c4:df:61:c7:3f:ca:c5:f5:1c:42:b3:63:a7:c1:
         05:77:cc:3e:54:5e:1f:ae:69:8d:06:01:0d:21:8d:ec:aa:07:
         df:09:49:6f:ca:3e:d7:0b:c4:14:eb:4e:53:c5:fd:6d:34:72:
         ff:0c:f4:82:2a:ac:ba:23:1c:ec:ce:31:97:65:25:43:1a:29:
         af:eb:aa:5c:d8:c5:27:3a:aa:2c:68:a9:64:a4:a3:66:51:5a:
         0f:c2:fb:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeQh7vVzKyWBCybB6Mvn4NgHny5IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDAzMTQ4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODAyY2YyYzRhOTE1MGJlOGM0MDg1NTUyZTAxNmU5ZmNm
ZTIzOTA5M2I2MTYwOTdlNmRjODdlMTg5ZTU2YzY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuxOSFqm0BvZWGVIH4kh4LASjro6iqOmcQ3AJwfKc2Fnh7
HlbPGn9fYuYldBZGogGqgh9IJg/gdVJXxatSzPr5KNvdO1b2x5XNeU73/jqieq/8
gUA5eOF65pmjvbUhynxnzBjJLcRlC/ZVQVGAC2wU78D8jKkC4TLx1QWDEDK7XbuP
TfCsXeuSDCQ+YLAweun4wKTxEvhEDDoPAWWVo7AWF0qrORkpBoyTqbFVnd3lZWl4
cjRpFlwPFnBoHW8TLZiK+7xgJ0cPqG4KjWvVoTAPD5GQPweo84tZ8FhAfDUxUbWt
qFMo/MFN5C9qkcyklyDfYWmZfpWxTfdUoDaz9lKJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUueycOFEyhn8l2KYrpnaHA8BmnfAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1ZDNjMjRlLWJhYjYtNGExZS1iYzBkLTkwNTczNzgxODQyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATM7OAwDQYJKoZIhvcNAQELBQADggEBAJEYOQPW71rtDfeXgKC/zPvUK97W
T7lXptxxcKwdss87YD73Hn9Nl8pJTJaA/jqmx7YAPbStJgwVDHDU3FEpjdOmwR6Z
nCMJ0BPCsTUfjk3bM8rBpq2F2dZSj5UTAGFTyIQDX5zz0yPgkuHtx6MJ01DhOYsW
sRWCXqbi+8WeHCFMkgPIayZ2MuoeDu9g5/Wjc9gf+aaM5Az5lmENKx7PPEfE+eVq
4rrE32HHP8rF9RxCs2OnwQV3zD5UXh+uaY0GAQ0hjeyqB98JSW/KPtcLxBTrTlPF
/W00cv8M9IIqrLojHOzOMZdlJUMaKa/rqlzYxSc6qixoqWSko2ZRWg/C+10=
-----END CERTIFICATE-----