This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa
File:                     9e3973a0-6f9e-4d6a-981e-b0146a441803.roa (raw, json)
Hash identifier:          yhcExun3XLvsYej+dR+HAQvStk9mbvC7AkMULOZ2gGc=
Subject key identifier:   F1:C2:E9:95:FE:27:CA:E0:88:8B:FB:15:6B:20:3C:14:67:76:A4:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E7C0EE048D64AB90EEF61C44022AEB582BF7E36
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa
Signing time:             Sat 22 Nov 2025 00:51:00 +0000
ROA not before:           Sat 22 Nov 2025 00:51:00 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.236.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:7c:0e:e0:48:d6:4a:b9:0e:ef:61:c4:40:22:ae:b5:82:bf:7e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 00:51:00 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=87f2786b6b2bfe2880f6d86082f75a46ce97aa4830c3d28c78d3a2955a129257, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:28:c9:57:c5:79:69:b6:68:de:07:a1:c0:11:
                    aa:75:fb:a8:0e:69:33:f7:31:d3:ea:1b:1a:2e:91:
                    39:06:f1:7e:72:c4:54:ea:d2:75:01:5b:68:51:2b:
                    16:c8:c5:9e:20:df:b7:34:ee:3c:37:36:30:68:a1:
                    8f:d1:de:a0:56:9e:d8:1d:4a:7d:84:d5:0e:db:b6:
                    26:05:35:b5:9e:58:03:36:e4:96:93:eb:84:0f:c5:
                    10:83:10:2d:37:12:7a:ae:1d:80:87:db:7c:0f:e1:
                    7b:77:82:c0:c6:85:29:d1:03:18:dc:4b:83:bf:f7:
                    20:3b:25:82:6f:e8:e8:8e:5f:c4:a0:3d:30:f9:70:
                    73:05:93:f2:07:d0:e6:b3:38:31:69:d0:40:2d:61:
                    33:a0:b0:77:5e:32:50:f4:f2:65:3b:72:a7:f3:b4:
                    90:53:16:33:5c:1c:b1:fc:01:a0:d3:aa:1f:23:2e:
                    2d:c8:20:ea:68:1e:90:f6:7a:54:e1:34:6c:74:91:
                    f5:25:d1:3e:bd:7c:70:4b:39:30:30:f9:55:a5:9b:
                    4e:84:30:b5:5a:44:bf:21:a6:16:79:f4:88:50:a4:
                    f1:a4:d0:05:6a:29:10:a9:53:26:36:c2:c7:75:8f:
                    25:7e:cd:ca:06:7c:1b:90:c8:f0:f7:3b:23:72:f4:
                    a6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:C2:E9:95:FE:27:CA:E0:88:8B:FB:15:6B:20:3C:14:67:76:A4:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e3973a0-6f9e-4d6a-981e-b0146a441803.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:2e:53:23:e8:9d:da:a2:86:88:32:85:11:d8:78:da:96:b4:
         c7:73:1a:5c:2d:a0:d4:65:94:71:5e:a4:92:77:a4:8b:c7:cb:
         82:a7:1f:e3:27:48:d5:c1:f7:8f:65:a3:a5:2c:22:94:ff:1f:
         e8:ab:c1:94:51:cb:08:e0:6c:15:7d:c7:19:d9:15:92:c6:22:
         a5:b4:65:93:b9:7e:ad:e8:ce:e2:74:27:8d:b1:7f:d9:b9:d5:
         2c:8c:fa:83:19:c3:9d:34:a4:1e:53:ab:0f:58:ca:75:35:4d:
         b7:f2:f8:d7:eb:63:04:df:c8:c1:d7:0d:95:48:4f:82:86:cb:
         0d:fd:e7:85:69:e3:57:1f:1f:8d:34:8d:d2:70:ef:fa:80:8c:
         98:61:e9:d1:37:5c:01:1e:bc:b8:7c:68:9c:1f:71:93:61:d0:
         28:f2:fb:37:28:21:2f:a9:d3:b4:26:f3:e7:19:e3:b9:d2:a1:
         80:27:59:46:10:c2:f7:ba:4d:54:df:7e:ce:68:aa:92:ba:2b:
         ea:cd:2e:6b:53:0a:53:5f:f1:8f:e5:e0:9e:b6:be:b6:92:3d:
         a8:e1:63:d0:3c:16:67:2a:78:e5:30:67:cd:53:69:d3:b8:d6:
         5d:37:75:23:94:83:fd:99:59:23:31:a3:ac:7b:b0:ec:89:da:
         2b:3e:33:97
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDnwO4EjWSrkO72HEQCKutYK/fjYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDA1MTAwWhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4N2YyNzg2YjZiMmJmZTI4ODBmNmQ4NjA4MmY3NWE0NmNl
OTdhYTQ4MzBjM2QyOGM3OGQzYTI5NTVhMTI5MjU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcKMlXxXlptmjeB6HAEap1+6gOaTP3MdPqGxoukTkG8X5y
xFTq0nUBW2hRKxbIxZ4g37c07jw3NjBooY/R3qBWntgdSn2E1Q7btiYFNbWeWAM2
5JaT64QPxRCDEC03EnquHYCH23wP4Xt3gsDGhSnRAxjcS4O/9yA7JYJv6OiOX8Sg
PTD5cHMFk/IH0OazODFp0EAtYTOgsHdeMlD08mU7cqfztJBTFjNcHLH8AaDTqh8j
Li3IIOpoHpD2elThNGx0kfUl0T69fHBLOTAw+VWlm06EMLVaRL8hphZ59IhQpPGk
0AVqKRCpUyY2wsd1jyV+zcoGfBuQyPD3OyNy9KZJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8cLplf4nyuCIi/sVayA8FGd2pBIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllMzk3M2EwLTZmOWUtNGQ2YS05ODFlLWIwMTQ2YTQ0MTgwMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTewwDQYJKoZIhvcNAQELBQADggEBABouUyPondqihogyhRHYeNqWtMdz
GlwtoNRllHFepJJ3pIvHy4KnH+MnSNXB949lo6UsIpT/H+irwZRRywjgbBV9xxnZ
FZLGIqW0ZZO5fq3ozuJ0J42xf9m51SyM+oMZw500pB5Tqw9YynU1Tbfy+NfrYwTf
yMHXDZVIT4KGyw3954Vp41cfH400jdJw7/qAjJhh6dE3XAEevLh8aJwfcZNh0Cjy
+zcoIS+p07Qm8+cZ47nSoYAnWUYQwve6TVTffs5oqpK6K+rNLmtTClNf8Y/l4J62
vraSPajhY9A8FmcqeOUwZ81TadO41l03dSOUg/2ZWSMxo6x7sOyJ2is+M5c=
-----END CERTIFICATE-----