This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1b30fd3-2d79-49fc-98d4-3015577eaba9.roa
File:                     a1b30fd3-2d79-49fc-98d4-3015577eaba9.roa (raw, json)
Hash identifier:          b5dGy44dYU32ll5SdY6lOM7/IELRq9v2B8EgeyvFTLc=
Subject key identifier:   42:36:91:ED:B9:04:95:55:3A:F5:E2:2A:86:A8:E8:F0:3C:AF:CA:8C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1856F9687EED58FBA167462873EE690F1540AA70
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1b30fd3-2d79-49fc-98d4-3015577eaba9.roa
Signing time:             Tue 11 Nov 2025 01:10:58 +0000
ROA not before:           Tue 11 Nov 2025 01:10:58 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        204.236.217.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:56:f9:68:7e:ed:58:fb:a1:67:46:28:73:ee:69:0f:15:40:aa:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:10:58 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=d0d603a7276e2f341f6f1d34a965d430bb32410ac631ca97ce3d27c717739325, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:74:a0:37:d8:23:66:e8:0f:50:9b:c0:7e:79:
                    67:c1:15:aa:f4:41:d6:19:04:92:73:56:85:09:d0:
                    16:85:c9:bb:51:3f:00:71:89:74:6b:68:4c:42:81:
                    f3:a1:ee:2e:67:7d:f0:e4:ad:6a:81:a9:5c:fe:4c:
                    a7:37:cf:09:ba:46:06:cd:9a:de:82:6a:60:66:4c:
                    6a:a0:f6:30:09:74:12:bd:47:c6:b0:39:a8:f7:f6:
                    f6:ec:75:a0:b1:fb:67:ab:8c:c6:78:e4:d7:e6:e8:
                    de:03:37:98:4f:c0:24:96:51:1e:ba:ff:86:fb:23:
                    24:9e:60:30:63:73:ee:8f:5d:57:0c:c9:6c:ed:fa:
                    db:c3:a1:75:9b:83:8b:4a:50:83:4d:fe:3e:bd:87:
                    10:96:b0:83:c8:f7:f2:00:16:e5:0f:5c:b4:be:3c:
                    e7:83:80:75:96:86:e9:cc:86:63:e1:f7:f7:38:ab:
                    41:48:5a:8e:e4:57:b6:8d:2f:05:99:07:9a:98:22:
                    7a:9f:d5:24:68:c6:11:58:58:83:bb:dd:e6:a0:6b:
                    10:ff:93:35:fc:64:f5:75:f4:b9:99:0b:e3:6c:ae:
                    f1:2e:95:55:15:03:21:12:b9:38:25:09:c9:d3:85:
                    71:da:b9:4b:9d:77:31:05:e2:a7:45:61:b1:03:11:
                    2c:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:36:91:ED:B9:04:95:55:3A:F5:E2:2A:86:A8:E8:F0:3C:AF:CA:8C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1b30fd3-2d79-49fc-98d4-3015577eaba9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.236.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:f7:c1:26:51:2a:c7:86:75:ba:15:ae:2b:ca:6c:16:a7:0d:
         14:51:db:c0:23:9a:ae:f3:0e:df:e3:fb:6f:74:db:9a:7e:b6:
         ad:7e:49:42:1c:2f:73:8d:a5:1e:1b:c9:da:99:a7:b7:cc:10:
         1b:98:2b:c4:ee:96:ed:aa:f1:50:13:4f:32:55:0f:b2:d3:0d:
         b5:ff:83:ed:5f:5f:2d:64:2d:59:2b:4e:7f:ec:6f:26:f5:31:
         d1:39:a0:6a:c7:ab:2f:0a:6f:0a:11:ee:6d:22:11:28:2a:1c:
         58:65:f3:67:9a:64:79:cb:02:b0:b6:ac:a9:f0:3c:e7:42:1f:
         a4:e5:bf:f5:c6:73:61:0c:1e:91:a2:a8:db:9d:ff:be:ee:7c:
         3c:da:2f:f0:61:49:8e:a7:99:bf:54:d9:ec:23:10:37:55:ac:
         44:2c:1a:2d:43:13:88:51:ee:94:c9:f2:f7:db:38:75:97:db:
         44:33:1d:18:b8:a6:f5:2a:8c:d6:e0:32:dc:bd:82:d7:77:23:
         00:52:77:b7:3c:cb:b1:92:b2:b6:61:5e:c0:bf:b9:40:2a:08:
         51:67:e1:61:e5:d4:2d:7a:14:b7:fe:fd:37:e7:01:b9:0e:81:
         95:f5:3e:89:54:4b:e1:9c:c4:10:30:e1:9e:3b:75:a5:51:b5:
         35:93:ae:43
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGFb5aH7tWPuhZ0Yoc+5pDxVAqnAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDExMDU4WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMGQ2MDNhNzI3NmUyZjM0MWY2ZjFkMzRhOTY1ZDQzMGJi
MzI0MTBhYzYzMWNhOTdjZTNkMjdjNzE3NzM5MzI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMdKA32CNm6A9Qm8B+eWfBFar0QdYZBJJzVoUJ0BaFybtR
PwBxiXRraExCgfOh7i5nffDkrWqBqVz+TKc3zwm6RgbNmt6CamBmTGqg9jAJdBK9
R8awOaj39vbsdaCx+2erjMZ45Nfm6N4DN5hPwCSWUR66/4b7IySeYDBjc+6PXVcM
yWzt+tvDoXWbg4tKUINN/j69hxCWsIPI9/IAFuUPXLS+POeDgHWWhunMhmPh9/c4
q0FIWo7kV7aNLwWZB5qYInqf1SRoxhFYWIO73eagaxD/kzX8ZPV19LmZC+NsrvEu
lVUVAyESuTglCcnThXHauUuddzEF4qdFYbEDESxDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQjaR7bkElVU69eIqhqjo8DyvyowwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExYjMwZmQzLTJkNzktNDlmYy05OGQ0LTMwMTU1NzdlYWJhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADM7NkwDQYJKoZIhvcNAQELBQADggEBACX3wSZRKseGdboVrivKbBanDRRR
28Ajmq7zDt/j+29025p+tq1+SUIcL3ONpR4bydqZp7fMEBuYK8Tulu2q8VATTzJV
D7LTDbX/g+1fXy1kLVkrTn/sbyb1MdE5oGrHqy8KbwoR7m0iESgqHFhl82eaZHnL
ArC2rKnwPOdCH6Tlv/XGc2EMHpGiqNud/77ufDzaL/BhSY6nmb9U2ewjEDdVrEQs
Gi1DE4hR7pTJ8vfbOHWX20QzHRi4pvUqjNbgMty9gtd3IwBSd7c8y7GSsrZhXsC/
uUAqCFFn4WHl1C16FLf+/TfnAbkOgZX1PolUS+GcxBAw4Z47daVRtTWTrkM=
-----END CERTIFICATE-----