This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa
File:                     a743602a-d845-4844-9c21-e83cce7c9b6a.roa (raw, json)
Hash identifier:          pmkMAHah5NKLv2ZxuXttlubvXyLR2NWjhOd+6Iv2gis=
Subject key identifier:   60:4F:E6:B7:A3:B2:C7:6B:B8:94:B4:6A:9A:67:6A:82:40:8F:F5:89
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       586ADB5024759BD09C280F195FCF2748E66BC1DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa
Signing time:             Sat 22 Nov 2025 01:00:12 +0000
ROA not before:           Sat 22 Nov 2025 01:00:12 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.163.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:6a:db:50:24:75:9b:d0:9c:28:0f:19:5f:cf:27:48:e6:6b:c1:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 01:00:12 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=7cb7b2e91f01ee5730ef86d234096a605afb75897258ab9759f00e5e81f470b7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:90:64:04:98:c2:bb:91:d1:d2:77:5f:0d:e0:
                    13:04:d7:ea:e8:ea:69:8c:5d:82:ca:04:45:f2:3e:
                    07:0a:16:c6:40:36:86:4d:5a:2e:c8:31:17:40:6b:
                    1d:66:ee:0c:57:d2:99:be:98:24:36:79:78:26:c6:
                    9b:93:93:e2:8d:1f:ef:c3:0e:7f:0a:1e:ea:b5:8c:
                    d8:e6:9d:03:83:d8:97:b6:1c:35:b2:5c:8e:33:61:
                    ef:de:93:85:ed:36:5f:f1:c7:60:dd:b8:aa:0c:ec:
                    b1:94:e1:4a:65:c8:94:6b:c4:ee:53:63:e5:d7:b2:
                    f6:c1:18:7a:24:dc:8e:3f:4d:db:c8:a1:16:a7:89:
                    a2:af:10:a9:e0:7d:03:92:6d:f8:9e:de:c0:7c:3a:
                    25:66:c8:04:bf:b4:a7:08:bf:9e:96:82:0f:e5:63:
                    9e:1c:11:9f:04:d6:0e:9d:77:3a:21:32:e4:33:e7:
                    3d:13:c8:dc:cf:80:c5:3c:23:11:a6:43:46:07:ba:
                    cc:cb:a2:32:7c:d6:ca:9e:fd:9f:aa:f5:6a:ac:d5:
                    7a:fb:2a:4b:e2:7a:8d:35:f2:9d:55:08:8d:62:c4:
                    06:cc:c9:8b:e3:84:d4:81:de:ba:fa:8b:d2:81:ea:
                    a1:1a:dc:d7:cb:d4:00:9d:d8:f2:eb:1e:57:9e:9e:
                    bf:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:4F:E6:B7:A3:B2:C7:6B:B8:94:B4:6A:9A:67:6A:82:40:8F:F5:89
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:4b:da:c3:12:51:ad:b2:6c:c7:87:3b:3f:5d:3b:6b:df:04:
         84:4c:f9:ce:b2:52:e6:9e:d0:e2:d2:24:37:be:8a:46:d0:0a:
         c1:a6:1c:bb:d4:5e:15:ee:c9:87:f9:a5:89:00:7a:83:a6:04:
         47:ab:4f:5f:dd:e7:cb:62:91:b8:57:66:cf:fc:b5:75:95:07:
         ff:04:47:d5:38:c4:a7:32:61:ba:1c:40:91:ac:57:e8:54:b9:
         fb:82:d9:23:06:43:05:7c:15:b8:9f:bc:cd:e7:1b:05:b9:7f:
         e6:b7:2f:21:73:08:2b:dc:a2:53:1d:f5:58:c5:6e:b9:32:18:
         9f:a2:67:cb:ad:16:57:b4:ce:5d:8d:8d:dc:86:31:2a:19:9d:
         f0:13:3f:b7:7d:75:35:39:49:fd:f2:6c:33:25:32:75:1e:0b:
         c3:f7:cc:16:a4:f8:a6:e3:e0:7b:87:10:3a:5a:ba:ee:03:04:
         45:5f:98:ac:a8:39:9c:e1:aa:9d:6c:cd:d9:6d:17:7c:ac:2e:
         6e:27:2e:f5:ee:fb:29:02:8c:97:dd:59:aa:0c:c0:b1:18:8d:
         1a:bc:a2:06:3d:5d:a5:db:9f:6d:5b:71:00:8d:d3:2c:76:19:
         10:a4:15:66:07:92:bc:0f:60:3d:62:bd:a4:32:bf:76:33:cf:
         29:99:6e:c7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWGrbUCR1m9CcKA8ZX88nSOZrwdswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDEwMDEyWhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Y2I3YjJlOTFmMDFlZTU3MzBlZjg2ZDIzNDA5NmE2MDVh
ZmI3NTg5NzI1OGFiOTc1OWYwMGU1ZTgxZjQ3MGI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEkGQEmMK7kdHSd18N4BME1+ro6mmMXYLKBEXyPgcKFsZA
NoZNWi7IMRdAax1m7gxX0pm+mCQ2eXgmxpuTk+KNH+/DDn8KHuq1jNjmnQOD2Je2
HDWyXI4zYe/ek4XtNl/xx2DduKoM7LGU4UplyJRrxO5TY+XXsvbBGHok3I4/TdvI
oRaniaKvEKngfQOSbfie3sB8OiVmyAS/tKcIv56Wgg/lY54cEZ8E1g6ddzohMuQz
5z0TyNzPgMU8IxGmQ0YHuszLojJ81sqe/Z+q9Wqs1Xr7Kkvieo018p1VCI1ixAbM
yYvjhNSB3rr6i9KB6qEa3NfL1ACd2PLrHleenr9BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYE/mt6Oyx2u4lLRqmmdqgkCP9YkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3NDM2MDJhLWQ4NDUtNDg0NC05YzIxLWU4M2NjZTdjOWI2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTaMwDQYJKoZIhvcNAQELBQADggEBAKNL2sMSUa2ybMeHOz9dO2vfBIRM
+c6yUuae0OLSJDe+ikbQCsGmHLvUXhXuyYf5pYkAeoOmBEerT1/d58tikbhXZs/8
tXWVB/8ER9U4xKcyYbocQJGsV+hUufuC2SMGQwV8FbifvM3nGwW5f+a3LyFzCCvc
olMd9VjFbrkyGJ+iZ8utFle0zl2NjdyGMSoZnfATP7d9dTU5Sf3ybDMlMnUeC8P3
zBak+Kbj4HuHEDpauu4DBEVfmKyoOZzhqp1szdltF3ysLm4nLvXu+ykCjJfdWaoM
wLEYjRq8ogY9XaXbn21bcQCN0yx2GRCkFWYHkrwPYD1ivaQyv3YzzymZbsc=
-----END CERTIFICATE-----