This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa
File:                     99922d4f-b1fc-43d5-9674-a085ad312500.roa (raw, json)
Hash identifier:          fe7PNaH/2XczMwTslL2pM4oKTcqRZPa0uc55PKR7bCk=
Subject key identifier:   76:43:DF:DF:73:AE:02:5E:6A:65:EC:4D:EC:EA:D6:E9:F3:3F:93:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C2CBFBE4FD7B423A0145F5A7B41A7E23120CB6C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa
Signing time:             Tue 18 Nov 2025 00:10:30 +0000
ROA not before:           Tue 18 Nov 2025 00:10:30 +0000
ROA not after:            Mon 16 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        104.153.118.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:2c:bf:be:4f:d7:b4:23:a0:14:5f:5a:7b:41:a7:e2:31:20:cb:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 18 00:10:30 2025 GMT
            Not After : Feb 16 23:59:59 2026 GMT
        Subject: serialNumber=ac2bb0c0c619faac4fac36b3c14cbc926cfb59d70e8c96922df2a4ce207fca64, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:39:cb:93:cb:0f:7c:f3:8f:b3:04:70:9e:8a:
                    c3:a6:76:c9:70:ef:5f:3b:69:59:48:dd:0a:dc:0f:
                    70:30:b6:8b:3a:7a:22:40:58:ce:3b:ae:c6:9d:05:
                    22:e2:5c:d1:35:f9:bc:b5:5f:af:4e:f5:7e:5c:a2:
                    ad:5d:c9:e0:4f:f8:5d:ae:b5:d7:6c:80:06:86:23:
                    31:01:97:1d:e5:a9:3f:94:29:27:62:fd:0f:ad:0a:
                    15:8c:f1:b0:3d:ff:af:3a:50:f8:94:71:98:14:26:
                    94:fd:ed:ad:e8:e3:8d:5a:3b:29:84:80:d5:12:5b:
                    70:5f:fa:48:fb:68:ee:9a:3e:10:82:59:1b:a2:02:
                    28:d4:47:d6:b4:c2:cc:80:79:51:cc:d2:f1:7c:20:
                    54:52:bf:31:e3:65:03:db:79:a8:55:92:89:f0:5d:
                    c7:04:35:ce:2e:e5:6e:b6:48:8e:8f:5a:1e:a1:da:
                    cc:f2:b2:0a:78:ed:05:bb:b6:a4:2c:6c:52:5d:67:
                    f6:d8:c4:4c:7e:4c:df:e6:72:d9:38:b9:b0:c7:5d:
                    c6:0d:10:9b:92:5e:e6:3d:a0:2b:15:46:15:2b:43:
                    26:11:0e:3c:58:d1:ba:ed:6a:69:32:c0:e3:9d:8e:
                    8f:01:02:0d:29:4f:84:d7:5b:93:dd:d0:e0:e3:0a:
                    8c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:43:DF:DF:73:AE:02:5E:6A:65:EC:4D:EC:EA:D6:E9:F3:3F:93:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.153.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:bd:38:6f:63:76:05:88:c3:c2:7a:cd:e4:87:a8:1f:45:e5:
         cf:6f:ba:82:62:1d:ef:57:d9:83:5b:87:a7:61:96:ef:4f:08:
         0c:6f:94:ba:07:d8:28:11:5b:fb:ed:0e:6e:d9:53:9a:4a:15:
         5d:f8:c8:b8:be:45:2f:7c:66:84:61:72:1f:a4:6f:8f:98:16:
         e6:bb:a9:f4:7d:ab:a7:65:af:18:58:f7:59:3e:21:13:6c:cd:
         71:08:e5:8d:c1:c1:45:3d:92:8c:29:00:82:aa:16:df:64:21:
         8c:92:d5:4a:81:a6:e0:b1:ed:df:63:b3:46:15:8b:17:f4:15:
         33:80:27:2f:6a:14:b4:06:be:0c:ef:05:81:d6:ff:04:1f:f6:
         8e:b3:7a:d6:f1:64:b7:79:84:fb:f2:22:41:64:65:6f:3b:bd:
         e7:87:d4:87:17:7a:f4:a5:83:c1:54:4d:e8:aa:1d:9c:09:c8:
         35:62:2a:8a:00:85:e5:ed:9c:a5:22:8a:3b:5f:84:18:78:31:
         2c:a8:bd:04:aa:c0:d6:4f:d7:c5:88:0f:85:78:08:2b:b4:19:
         8c:f8:60:45:a2:19:68:57:6b:e1:0c:39:e2:f4:c0:4c:9f:cb:
         ff:6c:cc:20:43:45:bc:85:60:9e:a5:85:9e:c6:86:80:80:98:
         66:f8:70:11
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDCy/vk/XtCOgFF9ae0Gn4jEgy2wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE4MDAxMDMwWhcNMjYwMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzJiYjBjMGM2MTlmYWFjNGZhYzM2YjNjMTRjYmM5MjZj
ZmI1OWQ3MGU4Yzk2OTIyZGYyYTRjZTIwN2ZjYTY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSOcuTyw9884+zBHCeisOmdslw7187aVlI3QrcD3Awtos6
eiJAWM47rsadBSLiXNE1+by1X69O9X5coq1dyeBP+F2utddsgAaGIzEBlx3lqT+U
KSdi/Q+tChWM8bA9/686UPiUcZgUJpT97a3o441aOymEgNUSW3Bf+kj7aO6aPhCC
WRuiAijUR9a0wsyAeVHM0vF8IFRSvzHjZQPbeahVkonwXccENc4u5W62SI6PWh6h
2szysgp47QW7tqQsbFJdZ/bYxEx+TN/mctk4ubDHXcYNEJuSXuY9oCsVRhUrQyYR
DjxY0brtamkywOOdjo8BAg0pT4TXW5Pd0ODjCoxVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdkPf33OuAl5qZexN7OrW6fM/k2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5OTIyZDRmLWIxZmMtNDNkNS05Njc0LWEwODVhZDMxMjUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXYwDQYJKoZIhvcNAQELBQADggEBAG69OG9jdgWIw8J6zeSHqB9F5c9v
uoJiHe9X2YNbh6dhlu9PCAxvlLoH2CgRW/vtDm7ZU5pKFV34yLi+RS98ZoRhch+k
b4+YFua7qfR9q6dlrxhY91k+IRNszXEI5Y3BwUU9kowpAIKqFt9kIYyS1UqBpuCx
7d9js0YVixf0FTOAJy9qFLQGvgzvBYHW/wQf9o6zetbxZLd5hPvyIkFkZW87veeH
1IcXevSlg8FUTeiqHZwJyDViKooAheXtnKUiijtfhBh4MSyovQSqwNZP18WID4V4
CCu0GYz4YEWiGWhXa+EMOeL0wEyfy/9szCBDRbyFYJ6lhZ7GhoCAmGb4cBE=
-----END CERTIFICATE-----