This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af447631-2ee0-48e3-99c1-aabf4304ee15.roa
File:                     af447631-2ee0-48e3-99c1-aabf4304ee15.roa (raw, json)
Hash identifier:          9xAvkn73MGd4XGw0mKrbGLTFECfHMiaI9pQXULMc/yU=
Subject key identifier:   46:A8:52:86:7A:4A:93:A2:A2:AE:9F:68:5E:63:AD:CD:1C:B9:72:82
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63196A9D311CE5774B68FDF736F8ADF9797819CF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af447631-2ee0-48e3-99c1-aabf4304ee15.roa
Signing time:             Tue 11 Nov 2025 00:40:53 +0000
ROA not before:           Tue 11 Nov 2025 00:40:53 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        107.20.144.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:19:6a:9d:31:1c:e5:77:4b:68:fd:f7:36:f8:ad:f9:79:78:19:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:40:53 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=cfc473d297120d9f6d3a52c0ab099eb430feed3d3c042cdd0c7ccf5d19d6a47b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c9:64:f9:1c:d7:dc:24:c6:ea:ee:3d:13:9f:
                    9d:0d:90:30:f2:5a:bd:91:db:55:f2:82:fa:66:35:
                    c4:3d:77:73:22:8d:09:64:81:70:a5:0d:f7:bb:86:
                    fc:cd:44:3d:08:8e:cf:09:ce:37:32:6d:49:b7:89:
                    1c:14:f5:11:6e:15:0a:f5:e8:43:42:8f:6a:92:13:
                    b2:e2:c8:bb:99:36:ff:3c:cb:12:f3:92:c9:af:51:
                    2b:55:a0:53:e7:a0:eb:93:c8:5b:ee:cd:b3:8d:ce:
                    f8:5e:46:06:31:b7:07:2d:85:76:2c:22:99:ce:1f:
                    cb:c5:c2:8b:34:1a:21:70:a1:25:55:d4:32:75:30:
                    14:a7:2f:50:28:31:e6:84:e5:61:c0:96:b4:af:40:
                    8b:08:c7:de:7c:ac:8f:0c:50:c8:3c:46:79:1a:39:
                    66:5b:22:fb:f8:ea:7c:42:58:41:33:62:47:36:e2:
                    d2:e0:b9:c7:8b:7f:3f:03:2a:95:02:5e:a6:9c:81:
                    23:ef:a3:ca:5f:5d:43:df:9c:8d:1e:64:78:1e:ab:
                    02:43:84:72:30:c8:79:df:41:6e:60:02:51:37:66:
                    b4:88:b4:12:f7:36:85:b7:d1:f3:a0:cf:93:9a:83:
                    3c:ba:b6:60:64:c2:50:14:59:0c:f1:b2:da:55:f5:
                    d7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A8:52:86:7A:4A:93:A2:A2:AE:9F:68:5E:63:AD:CD:1C:B9:72:82
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af447631-2ee0-48e3-99c1-aabf4304ee15.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.20.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d5:46:59:c7:23:4b:65:93:82:80:16:e3:ad:b4:2e:79:64:80:
         2d:02:80:da:3d:20:85:1e:e5:94:bc:d9:a2:76:fb:50:f3:ac:
         e7:d1:18:a5:73:7c:12:fa:b9:e9:13:81:6e:21:2b:0a:1d:eb:
         67:46:01:bb:7a:1c:58:cb:41:b4:47:c7:7a:b5:30:b9:2c:e6:
         30:8d:27:89:a3:6b:0d:9e:ae:89:c4:38:81:2a:8b:99:9d:b7:
         89:b3:28:48:ea:ea:ea:f8:55:be:b5:ab:02:b7:0a:c0:1a:c4:
         db:03:f9:bf:23:6d:8e:dc:c4:dc:1e:9e:8a:88:05:c6:20:d2:
         9e:0b:41:74:74:30:1d:44:32:50:ba:ac:8b:e7:4b:ab:e6:8e:
         7a:7e:71:f0:60:3d:77:6a:32:a5:3e:a7:83:e0:e8:20:d5:b7:
         d8:7d:e5:49:a2:23:bf:f0:be:71:15:48:c2:f5:90:b1:47:df:
         17:d7:3b:0f:ed:a0:b2:7c:ae:c2:83:28:2f:0a:a2:fd:6b:6b:
         e1:bc:20:ae:0d:f6:ba:7a:05:58:3c:bd:98:10:ba:8e:dd:71:
         57:a3:da:d5:aa:cd:4c:47:31:6c:c0:55:52:6a:36:d5:08:fb:
         b3:e4:ff:2b:b0:81:de:4c:83:4d:a7:89:ad:1a:a3:b2:06:11:
         2e:c1:9f:b5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYxlqnTEc5XdLaP33Nvit+Xl4Gc8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDA0MDUzWhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmM0NzNkMjk3MTIwZDlmNmQzYTUyYzBhYjA5OWViNDMw
ZmVlZDNkM2MwNDJjZGQwYzdjY2Y1ZDE5ZDZhNDdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcyWT5HNfcJMbq7j0Tn50NkDDyWr2R21XygvpmNcQ9d3Mi
jQlkgXClDfe7hvzNRD0Ijs8JzjcybUm3iRwU9RFuFQr16ENCj2qSE7LiyLuZNv88
yxLzksmvUStVoFPnoOuTyFvuzbONzvheRgYxtwcthXYsIpnOH8vFwos0GiFwoSVV
1DJ1MBSnL1AoMeaE5WHAlrSvQIsIx958rI8MUMg8RnkaOWZbIvv46nxCWEEzYkc2
4tLguceLfz8DKpUCXqacgSPvo8pfXUPfnI0eZHgeqwJDhHIwyHnfQW5gAlE3ZrSI
tBL3NoW30fOgz5Oagzy6tmBkwlAUWQzxstpV9dehAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURqhShnpKk6Kirp9oXmOtzRy5coIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FmNDQ3NjMxLTJlZTAtNDhlMy05OWMxLWFhYmY0MzA0ZWUxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARrFJAwDQYJKoZIhvcNAQELBQADggEBANVGWccjS2WTgoAW4620LnlkgC0C
gNo9IIUe5ZS82aJ2+1DzrOfRGKVzfBL6uekTgW4hKwod62dGAbt6HFjLQbRHx3q1
MLks5jCNJ4mjaw2eronEOIEqi5mdt4mzKEjq6ur4Vb61qwK3CsAaxNsD+b8jbY7c
xNwenoqIBcYg0p4LQXR0MB1EMlC6rIvnS6vmjnp+cfBgPXdqMqU+p4Pg6CDVt9h9
5UmiI7/wvnEVSML1kLFH3xfXOw/toLJ8rsKDKC8Kov1ra+G8IK4N9rp6BVg8vZgQ
uo7dcVej2tWqzUxHMWzAVVJqNtUI+7Pk/yuwgd5Mg02nia0ao7IGES7Bn7U=
-----END CERTIFICATE-----