This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86854fd8-2d2b-4d47-96ba-9c104a4b28a8.roa
File:                     86854fd8-2d2b-4d47-96ba-9c104a4b28a8.roa (raw, json)
Hash identifier:          HK2Drw99kzpLRq34dMar286Mk2jRDnYyGZ7rHPLS1iU=
Subject key identifier:   E6:22:7B:24:FC:E3:37:58:14:1C:E2:03:1B:F2:5E:67:DB:BA:B1:A7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       350315AC918B8AAA27C6A2A30707C9AC92AC2C31
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86854fd8-2d2b-4d47-96ba-9c104a4b28a8.roa
Signing time:             Wed 12 Nov 2025 00:30:10 +0000
ROA not before:           Wed 12 Nov 2025 00:30:10 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.21.64.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:03:15:ac:91:8b:8a:aa:27:c6:a2:a3:07:07:c9:ac:92:ac:2c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:30:10 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=bddbcd117102c58e2ea852ea154ae5b658444678a4745de13327a4ad851edba7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:59:2e:26:c1:81:ae:bf:6b:f1:f7:a2:93:24:
                    51:bb:b1:07:f9:b4:ca:f4:5b:9a:73:58:43:84:1d:
                    c8:52:83:10:a8:9d:3e:69:18:58:56:6d:04:69:7d:
                    0c:4c:47:7a:19:93:50:1e:78:4e:33:a5:9f:5b:cc:
                    a2:98:c8:13:80:0c:6e:62:87:e8:95:0a:bf:47:0d:
                    23:c2:30:1d:22:42:36:73:8a:64:0c:64:68:b7:84:
                    53:3b:2f:ec:88:2c:d9:cd:54:e9:af:08:a5:13:78:
                    9a:a1:f6:69:d5:b0:5d:80:91:49:b7:ac:2e:c1:bf:
                    d2:35:41:8f:52:be:85:38:ae:90:ff:a4:cb:bb:54:
                    39:b1:ef:f0:5f:40:08:58:5e:d7:f5:9d:5d:73:a6:
                    ab:2e:3f:81:fc:54:c5:50:3a:b4:19:ae:8b:98:04:
                    43:69:5d:b9:29:14:5f:f1:9d:d1:c6:2e:64:81:c2:
                    d4:97:f9:d6:f8:81:1d:17:d5:9b:84:3d:50:13:6d:
                    61:05:12:05:a0:43:ce:0e:a5:27:62:51:a0:a9:d0:
                    bd:3a:ae:02:36:6a:13:85:fd:29:e9:6f:06:4a:41:
                    00:f7:99:8b:67:8f:75:b9:b8:f6:c1:4c:3f:b7:34:
                    d3:b2:20:b1:c0:bb:54:1f:d3:bd:6f:13:87:f7:6f:
                    f5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:22:7B:24:FC:E3:37:58:14:1C:E2:03:1B:F2:5E:67:DB:BA:B1:A7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/86854fd8-2d2b-4d47-96ba-9c104a4b28a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.21.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         00:52:d7:15:e1:a1:10:75:33:3c:cd:e3:0d:1f:5b:dc:6b:f6:
         cc:fd:ae:99:04:5a:cc:1a:c7:ca:ab:0d:c3:c5:5d:ed:80:d4:
         68:7b:74:1f:be:4e:f3:ca:5b:6b:85:68:11:39:fa:8f:91:a8:
         2f:32:7d:38:d3:3c:a0:b6:dd:c7:ff:2d:c2:3f:b0:68:32:35:
         0a:40:6a:84:5b:0e:a7:03:a9:bb:c7:a0:c3:e5:e2:b8:ad:d8:
         ca:44:8f:b3:10:13:24:f5:50:03:c4:9d:18:f3:1b:d3:16:db:
         c7:8d:16:15:ee:48:db:51:6e:aa:ce:6f:bc:89:b2:e7:49:26:
         29:f0:23:3e:51:50:49:4c:2e:36:88:f8:97:fd:27:5a:bd:52:
         8b:5b:0d:86:68:d0:5d:62:ed:89:0a:f7:8f:8b:8a:12:10:15:
         f2:8b:c4:71:6e:6e:d9:61:fa:72:db:62:f5:7b:c7:9c:7f:5d:
         a5:66:b6:a9:68:2b:24:65:a4:50:70:54:34:0f:bf:ff:e4:d9:
         a0:7d:d5:f8:d5:f8:fe:d5:76:0e:fb:a6:4a:b0:79:13:13:73:
         59:37:a5:34:89:a2:12:2d:66:0c:23:70:1f:37:75:c9:43:ce:
         c9:6a:f1:01:9a:63:23:8c:7c:2f:5a:e2:4c:cc:ae:9c:df:fc:
         f3:72:b0:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNQMVrJGLiqonxqKjBwfJrJKsLDEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDAzMDEwWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZGRiY2QxMTcxMDJjNThlMmVhODUyZWExNTRhZTViNjU4
NDQ0Njc4YTQ3NDVkZTEzMzI3YTRhZDg1MWVkYmE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaWS4mwYGuv2vx96KTJFG7sQf5tMr0W5pzWEOEHchSgxCo
nT5pGFhWbQRpfQxMR3oZk1AeeE4zpZ9bzKKYyBOADG5ih+iVCr9HDSPCMB0iQjZz
imQMZGi3hFM7L+yILNnNVOmvCKUTeJqh9mnVsF2AkUm3rC7Bv9I1QY9SvoU4rpD/
pMu7VDmx7/BfQAhYXtf1nV1zpqsuP4H8VMVQOrQZrouYBENpXbkpFF/xndHGLmSB
wtSX+db4gR0X1ZuEPVATbWEFEgWgQ84OpSdiUaCp0L06rgI2ahOF/SnpbwZKQQD3
mYtnj3W5uPbBTD+3NNOyILHAu1Qf071vE4f3b/V7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5iJ7JPzjN1gUHOIDG/JeZ9u6sacwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg2ODU0ZmQ4LTJkMmItNGQ0Ny05NmJhLTljMTA0YTRiMjhhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYXFUAwDQYJKoZIhvcNAQELBQADggEBAABS1xXhoRB1MzzN4w0fW9xr9sz9
rpkEWswax8qrDcPFXe2A1Gh7dB++TvPKW2uFaBE5+o+RqC8yfTjTPKC23cf/LcI/
sGgyNQpAaoRbDqcDqbvHoMPl4rit2MpEj7MQEyT1UAPEnRjzG9MW28eNFhXuSNtR
bqrOb7yJsudJJinwIz5RUElMLjaI+Jf9J1q9UotbDYZo0F1i7YkK94+LihIQFfKL
xHFubtlh+nLbYvV7x5x/XaVmtqloKyRlpFBwVDQPv//k2aB91fjV+P7Vdg77pkqw
eRMTc1k3pTSJohItZgwjcB83dclDzslq8QGaYyOMfC9a4kzMrpzf/PNysDY=
-----END CERTIFICATE-----