This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9296230d-b510-447f-8d60-91a5403453bc.roa
File:                     9296230d-b510-447f-8d60-91a5403453bc.roa (raw, json)
Hash identifier:          bv7sNQAzzCc/pbwn4xpaEHlbpV3AuQYD6EnwDvpUeD0=
Subject key identifier:   A1:C2:28:EC:3F:BB:53:0E:E9:1A:58:94:64:A0:FA:46:43:FE:12:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E7C3C99B3708B3FD339DC6448B946500B8B80AE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9296230d-b510-447f-8d60-91a5403453bc.roa
Signing time:             Tue 11 Nov 2025 00:21:14 +0000
ROA not before:           Tue 11 Nov 2025 00:21:14 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        107.21.64.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:7c:3c:99:b3:70:8b:3f:d3:39:dc:64:48:b9:46:50:0b:8b:80:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:21:14 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=3b8fdd94c0fac9b3acb739c62b9086c6e40d295e48831d587561037494715cdd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8e:2d:4c:8c:4b:5f:c7:9c:b5:3a:ad:27:2a:
                    e2:21:4e:3d:43:d9:2e:79:ed:b7:63:6c:e7:53:d8:
                    d5:ec:85:92:ee:41:ce:29:54:2b:91:ab:fb:6f:fa:
                    ec:81:ed:06:ef:b8:34:7a:d2:b4:34:9d:64:f4:f0:
                    42:2c:cd:ce:bc:38:cb:40:ae:3d:fa:e6:6e:31:a9:
                    49:2a:b6:f7:06:24:dc:fc:3a:b2:7f:93:68:bb:ab:
                    2f:4a:98:3d:d1:19:48:44:6a:fc:29:4f:e3:c5:dc:
                    34:2a:5e:64:8b:44:8b:7f:d8:27:1e:61:33:18:80:
                    40:ef:01:51:5f:67:07:cd:e2:d8:ab:8a:2d:15:44:
                    55:bf:a4:23:40:03:bd:9f:8f:08:47:81:d1:d7:49:
                    43:05:e0:94:9b:71:03:dd:bb:a8:e5:3c:8e:29:20:
                    5a:ca:f2:aa:aa:04:15:0f:1b:7d:9c:f3:4e:3e:3e:
                    fa:f7:80:4b:ec:76:16:2a:c1:89:e1:8c:ce:d4:8a:
                    3e:65:4f:70:f2:8e:24:a2:2f:f4:92:e5:34:3c:0b:
                    f8:7a:0e:b7:82:ff:8b:8a:ab:a9:d5:6c:c1:c7:c9:
                    34:83:0d:e2:10:7a:be:3b:1e:a0:41:e3:72:7d:dc:
                    56:59:60:b2:62:a9:97:c2:61:48:81:ff:2c:82:7a:
                    b5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C2:28:EC:3F:BB:53:0E:E9:1A:58:94:64:A0:FA:46:43:FE:12:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9296230d-b510-447f-8d60-91a5403453bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.21.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6d:e7:6d:d8:66:7e:f3:7e:20:fe:c7:1a:eb:b9:4d:8b:0d:13:
         88:6b:38:7d:c4:15:5e:8b:73:4a:cd:11:35:b8:2b:45:02:04:
         80:e4:62:c7:9f:15:aa:5a:b9:30:cf:e6:f6:31:11:bd:bc:17:
         e7:c8:98:3b:b0:81:2f:cb:08:28:29:7b:a2:19:4a:19:51:0e:
         18:60:3e:84:77:c0:2d:c5:f6:da:d3:6e:2b:85:c0:9c:c4:25:
         4c:f4:a5:99:17:51:65:a7:cf:de:df:76:08:22:3a:cf:3e:fb:
         7f:d8:63:2c:5f:41:68:8b:e4:a3:74:98:25:bf:97:2c:6d:55:
         b8:66:3c:2f:1d:3d:2b:59:7e:ca:00:bf:4f:26:e3:b1:20:d1:
         60:cd:3a:6a:82:5e:62:b2:69:dc:6e:2a:b3:f0:b9:87:4b:0c:
         c8:35:a1:e9:02:89:47:08:f6:28:8b:d5:e4:86:75:27:b2:2e:
         7b:a3:bf:0f:71:1a:68:ff:7a:67:29:58:a6:59:fe:91:55:1d:
         98:77:19:e8:11:90:13:54:80:ff:b3:1b:d2:11:37:75:2b:67:
         ce:5b:dc:8f:da:ff:25:8c:cb:c4:0f:ac:75:62:4d:35:96:0f:
         48:10:48:da:34:1c:73:81:fd:4d:bb:c0:d8:1e:61:a9:59:1e:
         62:e6:be:e6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDnw8mbNwiz/TOdxkSLlGUAuLgK4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAyMTE0WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYjhmZGQ5NGMwZmFjOWIzYWNiNzM5YzYyYjkwODZjNmU0
MGQyOTVlNDg4MzFkNTg3NTYxMDM3NDk0NzE1Y2RkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdji1MjEtfx5y1Oq0nKuIhTj1D2S557bdjbOdT2NXshZLu
Qc4pVCuRq/tv+uyB7QbvuDR60rQ0nWT08EIszc68OMtArj365m4xqUkqtvcGJNz8
OrJ/k2i7qy9KmD3RGUhEavwpT+PF3DQqXmSLRIt/2CceYTMYgEDvAVFfZwfN4tir
ii0VRFW/pCNAA72fjwhHgdHXSUMF4JSbcQPdu6jlPI4pIFrK8qqqBBUPG32c804+
Pvr3gEvsdhYqwYnhjM7Uij5lT3DyjiSiL/SS5TQ8C/h6DreC/4uKq6nVbMHHyTSD
DeIQer47HqBB43J93FZZYLJiqZfCYUiB/yyCerVtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUocIo7D+7Uw7pGliUZKD6RkP+EtkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkyOTYyMzBkLWI1MTAtNDQ3Zi04ZDYwLTkxYTU0MDM0NTNiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARrFUAwDQYJKoZIhvcNAQELBQADggEBAG3nbdhmfvN+IP7HGuu5TYsNE4hr
OH3EFV6Lc0rNETW4K0UCBIDkYsefFapauTDP5vYxEb28F+fImDuwgS/LCCgpe6IZ
ShlRDhhgPoR3wC3F9trTbiuFwJzEJUz0pZkXUWWnz97fdggiOs8++3/YYyxfQWiL
5KN0mCW/lyxtVbhmPC8dPStZfsoAv08m47Eg0WDNOmqCXmKyadxuKrPwuYdLDMg1
oekCiUcI9iiL1eSGdSeyLnujvw9xGmj/emcpWKZZ/pFVHZh3GegRkBNUgP+zG9IR
N3UrZ85b3I/a/yWMy8QPrHViTTWWD0gQSNo0HHOB/U27wNgeYalZHmLmvuY=
-----END CERTIFICATE-----