This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa
File:                     76e74dd0-5733-4c2f-b500-2d75cab973be.roa (raw, json)
Hash identifier:          7cRqp+k09/wUE7XD76WDSJfIyVdeJD/uwHCnoBWheVM=
Subject key identifier:   EF:0E:C8:F0:8A:26:8E:FE:75:C5:FC:AA:EA:E0:C9:7D:36:BF:31:F9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       33C7E9925EEA618233D9D39D9FBA117878437485
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa
Signing time:             Sat 22 Nov 2025 01:00:11 +0000
ROA not before:           Sat 22 Nov 2025 01:00:11 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.44.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:c7:e9:92:5e:ea:61:82:33:d9:d3:9d:9f:ba:11:78:78:43:74:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 01:00:11 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=a86458707724bfabf1b04fee1498d59dc31e1046414b7889900d81646a36eebb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7f:7a:b5:a2:0f:ba:de:1d:03:9c:21:c3:4b:
                    31:25:d4:fc:d2:c9:d0:1d:f4:26:09:84:10:8b:47:
                    91:1f:78:01:88:9d:07:34:56:23:a2:8a:b1:52:a0:
                    d9:d3:3c:fa:f1:f5:b5:a2:4b:8f:28:a0:60:1d:ac:
                    89:0e:ec:3a:7f:33:d9:66:2a:9c:58:43:1b:fb:fb:
                    1f:69:9b:02:72:fd:9f:96:a3:ad:62:b1:cb:33:8b:
                    8f:16:8c:13:fb:1a:be:2a:4d:2a:79:9e:53:6d:16:
                    d7:62:74:7a:79:df:3e:72:85:e5:bf:60:0a:91:f7:
                    f8:51:b4:5a:e4:4f:0a:da:d0:28:56:a6:d9:c3:73:
                    12:f4:20:cd:ab:e2:94:27:d3:6b:e6:87:cc:ef:03:
                    de:f0:fa:3d:29:7c:95:c0:55:eb:d3:94:78:88:ac:
                    e1:f2:55:34:d5:4f:98:ff:76:f6:36:38:c1:7f:13:
                    c5:30:dc:e5:21:1e:9e:23:29:33:9f:b2:b8:07:26:
                    38:22:cd:a5:1b:f4:17:db:00:82:d4:da:6a:35:aa:
                    58:5a:fb:36:e0:19:fd:0a:53:fd:9a:1a:a0:b5:27:
                    17:36:79:ff:69:1b:dd:59:d1:1f:61:38:b8:ef:2f:
                    bf:03:2c:da:16:f7:fa:79:82:d8:52:fb:b6:41:86:
                    92:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:0E:C8:F0:8A:26:8E:FE:75:C5:FC:AA:EA:E0:C9:7D:36:BF:31:F9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:b9:11:1f:30:90:b6:c3:ac:95:4a:0e:cf:68:bf:56:39:35:
         4e:c1:30:29:0b:62:da:f7:cd:cd:e9:67:c1:3f:ab:01:d0:03:
         6c:59:38:39:e6:ff:17:20:11:ed:36:c2:ee:f5:4a:bb:84:e0:
         e5:a2:18:18:9a:01:34:46:c9:a8:e1:65:56:da:eb:71:4c:53:
         7a:2b:d3:70:97:7a:fa:05:6e:e1:66:ad:13:23:6f:53:e5:b5:
         43:f2:7c:6b:72:1d:f1:62:da:10:91:c6:c4:5b:80:18:e8:2b:
         28:95:a6:f0:db:a8:cd:27:46:75:72:ed:cc:d4:1f:d9:1f:72:
         67:12:c4:27:b0:b0:ae:5b:3a:ed:93:16:5e:c1:82:86:ab:a5:
         93:55:8f:86:77:0a:48:fe:cc:b2:91:26:e1:25:73:d1:82:af:
         0d:2a:28:c0:fb:73:0f:25:81:2d:9a:6c:17:ab:ef:a8:0e:67:
         f5:c2:b0:77:00:0c:5d:56:6b:89:45:2c:a1:83:dd:c9:9b:81:
         7b:a5:c6:ce:e1:86:a2:3e:ac:75:2b:f4:3f:8a:cd:84:30:22:
         b3:b4:10:1f:b0:b6:6f:1a:b3:75:45:d9:c8:9e:7b:fa:38:a3:
         a0:42:4e:f3:e4:d4:27:7e:b2:a2:7c:6c:75:ef:59:95:82:de:
         ee:01:80:50
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUM8fpkl7qYYIz2dOdn7oReHhDdIUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDEwMDExWhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhODY0NTg3MDc3MjRiZmFiZjFiMDRmZWUxNDk4ZDU5ZGMz
MWUxMDQ2NDE0Yjc4ODk5MDBkODE2NDZhMzZlZWJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3f3q1og+63h0DnCHDSzEl1PzSydAd9CYJhBCLR5EfeAGI
nQc0ViOiirFSoNnTPPrx9bWiS48ooGAdrIkO7Dp/M9lmKpxYQxv7+x9pmwJy/Z+W
o61iscszi48WjBP7Gr4qTSp5nlNtFtdidHp53z5yheW/YAqR9/hRtFrkTwra0ChW
ptnDcxL0IM2r4pQn02vmh8zvA97w+j0pfJXAVevTlHiIrOHyVTTVT5j/dvY2OMF/
E8Uw3OUhHp4jKTOfsrgHJjgizaUb9BfbAILU2mo1qlha+zbgGf0KU/2aGqC1Jxc2
ef9pG91Z0R9hOLjvL78DLNoW9/p5gthS+7ZBhpJhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7w7I8Iomjv51xfyq6uDJfTa/MfkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2ZTc0ZGQwLTU3MzMtNGMyZi1iNTAwLTJkNzVjYWI5NzNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4LDANBgkqhkiG9w0BAQsFAAOCAQEAH7kRHzCQtsOslUoOz2i/Vjk1TsEw
KQti2vfNzelnwT+rAdADbFk4Oeb/FyAR7TbC7vVKu4Tg5aIYGJoBNEbJqOFlVtrr
cUxTeivTcJd6+gVu4WatEyNvU+W1Q/J8a3Id8WLaEJHGxFuAGOgrKJWm8NuozSdG
dXLtzNQf2R9yZxLEJ7Cwrls67ZMWXsGChqulk1WPhncKSP7MspEm4SVz0YKvDSoo
wPtzDyWBLZpsF6vvqA5n9cKwdwAMXVZriUUsoYPdyZuBe6XGzuGGoj6sdSv0P4rN
hDAis7QQH7C2bxqzdUXZyJ57+jijoEJO8+TUJ36yonxsde9ZlYLe7gGAUA==
-----END CERTIFICATE-----