This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa
File:                     a656ff06-dd61-4a24-a01f-a8fcac8be378.roa (raw, json)
Hash identifier:          7t1ZewohUVoTQFxm89tvB3HGGJfzuMqI4CfrD7ZXevk=
Subject key identifier:   80:BD:A8:0B:30:33:F0:B9:5A:1F:DB:2A:63:F7:BC:1F:F4:90:13:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0CB7A674929036BC7B372DC12FB86D5030FCF399
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa
Signing time:             Sun 16 Nov 2025 00:10:43 +0000
ROA not before:           Sun 16 Nov 2025 00:10:43 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        70.232.120.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:b7:a6:74:92:90:36:bc:7b:37:2d:c1:2f:b8:6d:50:30:fc:f3:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:10:43 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=0b1346d419f2af686be92014af0df54931ee4eea78814437b99a3e957c5635eb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:23:01:f1:27:50:d2:85:e6:6a:43:a4:89:9b:
                    35:b8:81:cf:88:86:c0:b3:44:65:44:0f:2f:d3:93:
                    22:ce:6e:9d:01:d0:26:38:be:81:5e:69:86:77:30:
                    dc:a8:9e:8d:c3:eb:c0:bc:1d:7b:11:41:6e:39:49:
                    42:23:9e:4b:87:d8:17:11:28:84:60:07:da:f0:ca:
                    81:17:07:be:75:63:4c:0b:cb:0a:15:e5:77:04:07:
                    71:48:61:bf:c9:59:2a:71:3d:95:de:07:2d:ce:2e:
                    88:c8:87:3e:2b:c0:6e:5f:ea:35:b3:a5:05:1c:07:
                    1f:52:18:6f:cd:89:47:a7:79:ab:99:80:1f:6b:36:
                    a3:15:6c:cc:85:76:96:a0:49:d1:86:81:69:0a:86:
                    d6:b6:57:a8:aa:91:8c:35:65:51:05:eb:8b:e1:84:
                    2f:97:e7:52:22:e5:43:ef:84:39:d0:33:24:10:d2:
                    86:03:9b:05:90:53:ab:72:87:69:74:03:99:cd:84:
                    6e:2b:f8:15:a8:09:e6:c1:12:6a:1f:19:77:bd:29:
                    bd:cf:6b:50:21:ab:1f:62:c5:5e:d9:28:19:37:43:
                    9f:70:d1:2f:eb:c1:af:0b:93:71:de:a8:9b:ae:3b:
                    04:a7:a1:0d:a1:c8:23:1f:63:d1:8c:64:bc:3e:5f:
                    8f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:BD:A8:0B:30:33:F0:B9:5A:1F:DB:2A:63:F7:BC:1F:F4:90:13:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.232.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:1e:13:aa:03:e8:74:55:a8:e6:1d:e4:d2:f3:bc:81:d9:0d:
         2d:a5:31:0c:bc:0d:c8:44:e3:d1:d0:74:fd:e3:92:49:ab:92:
         1f:e5:95:28:c4:62:b1:34:2f:5a:c5:6e:59:d5:4f:f2:79:c6:
         dc:ec:70:57:6a:4d:3a:a0:dc:71:1b:de:35:ff:6c:26:95:a7:
         e8:d7:53:a8:95:b3:0b:7e:c2:fb:4d:4d:1b:98:6f:d6:a9:45:
         7c:e4:bd:03:03:74:23:8c:7d:0b:9a:de:c1:78:9e:1a:bc:91:
         be:d5:b3:db:e8:64:4f:75:84:fd:b6:3d:cf:b4:04:7e:0d:75:
         db:e8:c5:57:e4:d7:49:40:8d:34:ae:e0:35:e3:e6:09:74:b8:
         8d:99:e2:0f:3b:97:b0:0f:12:67:af:b6:55:80:49:21:2c:f3:
         76:d5:77:1c:cc:08:21:f8:70:fc:f5:91:ae:bd:70:cf:7c:e4:
         da:dd:28:52:f5:cc:b0:1b:96:81:bc:89:52:15:0e:65:6f:57:
         3e:f3:7f:27:27:42:ce:98:56:7a:cb:3c:54:3c:bb:5b:ee:1c:
         9b:85:33:f7:cc:55:b8:d8:a1:0f:f7:58:a6:c0:63:02:93:99:
         71:f7:84:e6:40:79:73:18:0d:16:56:83:af:12:70:bb:77:5f:
         08:d3:dd:99
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDLemdJKQNrx7Ny3BL7htUDD885kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAxMDQzWhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjEzNDZkNDE5ZjJhZjY4NmJlOTIwMTRhZjBkZjU0OTMx
ZWU0ZWVhNzg4MTQ0MzdiOTlhM2U5NTdjNTYzNWViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgIwHxJ1DSheZqQ6SJmzW4gc+IhsCzRGVEDy/TkyLObp0B
0CY4voFeaYZ3MNyono3D68C8HXsRQW45SUIjnkuH2BcRKIRgB9rwyoEXB751Y0wL
ywoV5XcEB3FIYb/JWSpxPZXeBy3OLojIhz4rwG5f6jWzpQUcBx9SGG/NiUeneauZ
gB9rNqMVbMyFdpagSdGGgWkKhta2V6iqkYw1ZVEF64vhhC+X51Ii5UPvhDnQMyQQ
0oYDmwWQU6tyh2l0A5nNhG4r+BWoCebBEmofGXe9Kb3Pa1Ahqx9ixV7ZKBk3Q59w
0S/rwa8Lk3HeqJuuOwSnoQ2hyCMfY9GMZLw+X48ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgL2oCzAz8LlaH9sqY/e8H/SQExswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E2NTZmZjA2LWRkNjEtNGEyNC1hMDFmLWE4ZmNhYzhiZTM3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJG6HgwDQYJKoZIhvcNAQELBQADggEBAHoeE6oD6HRVqOYd5NLzvIHZDS2l
MQy8DchE49HQdP3jkkmrkh/llSjEYrE0L1rFblnVT/J5xtzscFdqTTqg3HEb3jX/
bCaVp+jXU6iVswt+wvtNTRuYb9apRXzkvQMDdCOMfQua3sF4nhq8kb7Vs9voZE91
hP22Pc+0BH4NddvoxVfk10lAjTSu4DXj5gl0uI2Z4g87l7APEmevtlWASSEs83bV
dxzMCCH4cPz1ka69cM985NrdKFL1zLAbloG8iVIVDmVvVz7zfycnQs6YVnrLPFQ8
u1vuHJuFM/fMVbjYoQ/3WKbAYwKTmXH3hOZAeXMYDRZWg68ScLt3XwjT3Zk=
-----END CERTIFICATE-----