This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa
File:                     b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa (raw, json)
Hash identifier:          ISb/7xUg2HZT9skOxm3oIzwEmPhKZltyJSUMVJKWtGk=
Subject key identifier:   87:75:FF:21:6D:87:26:67:48:9B:8B:57:3F:4E:4C:09:47:BA:A2:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       504CA2F41B990C60ADE0033D54E494DB0BB12538
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa
Signing time:             Tue 11 Nov 2025 00:30:14 +0000
ROA not before:           Tue 11 Nov 2025 00:30:14 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        107.20.0.0/14 maxlen: 14
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:4c:a2:f4:1b:99:0c:60:ad:e0:03:3d:54:e4:94:db:0b:b1:25:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 00:30:14 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=6e5df3e8f2b43a6c5fbeaeb3e841ba8892a69bb1f8aeae3e5d7ea26a1cfead3e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:39:60:37:bd:9c:dd:ee:d2:31:33:93:41:90:
                    fc:48:1a:05:0c:f5:0f:e7:91:7f:4a:06:e5:73:b5:
                    66:97:8d:9d:1a:b9:2a:d8:3f:79:d5:96:77:43:2f:
                    56:48:63:07:1d:8d:41:59:b2:49:99:23:46:ca:e8:
                    ff:b1:e5:bc:c4:d2:d3:ea:a6:34:da:62:39:20:73:
                    01:53:92:dd:29:91:b8:c1:21:f8:eb:28:e4:3f:d7:
                    21:61:5b:90:70:85:4d:8d:43:da:c2:96:ad:43:81:
                    99:cc:fe:26:45:73:7a:f2:9f:ed:76:88:9f:3b:a6:
                    3d:86:76:57:3d:7c:54:76:7b:29:f5:e2:2a:04:f0:
                    d6:77:fb:66:14:7e:73:f6:c3:40:54:24:2e:6e:32:
                    06:4e:ba:fd:cf:f8:ca:3b:c4:c3:00:d7:9a:c3:69:
                    75:ff:51:cd:22:72:f9:a0:73:af:55:cc:07:b3:a9:
                    dc:f7:3e:90:5e:4a:c0:f2:f6:1a:55:a1:80:5e:fc:
                    f4:92:74:a2:6e:30:fd:dd:2b:7b:2c:8c:9e:d5:56:
                    ef:03:74:d6:d2:f6:a0:db:38:9e:8c:d5:d6:d2:df:
                    f2:3b:83:e7:4e:b8:64:ea:59:0c:d4:17:92:65:45:
                    d8:a8:81:bc:9d:84:11:83:70:3d:bd:02:29:f3:aa:
                    a3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:75:FF:21:6D:87:26:67:48:9B:8B:57:3F:4E:4C:09:47:BA:A2:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.20.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         0d:ed:9c:7d:df:56:cb:60:69:de:b8:10:9d:f9:7c:f1:8f:47:
         d4:a5:8f:3d:dd:1e:cf:26:03:ad:31:ca:a9:67:ab:78:77:86:
         ac:2f:43:65:cb:ba:e6:50:8c:2e:9a:3b:58:6b:7b:6d:f9:70:
         fe:08:4b:f9:7f:00:e3:47:c0:0c:a3:69:25:18:e4:ab:c8:07:
         fe:ef:f0:84:70:05:6b:aa:8f:98:8d:5d:70:45:2e:c3:6e:91:
         25:f3:5a:b0:41:44:27:69:95:c1:5c:33:7a:60:87:0d:8e:ff:
         f7:63:50:2e:55:e9:cb:1e:0c:28:57:5a:3d:e8:b4:5b:39:3a:
         14:e9:44:73:26:99:e6:9b:2a:51:b3:a8:b9:be:c4:01:b4:0d:
         9b:57:a4:2b:00:9c:45:b4:70:1d:b6:eb:c3:40:11:4c:71:26:
         75:32:8c:e5:45:f0:e0:79:9c:6f:36:dc:e8:92:b6:8a:06:7f:
         49:7b:89:9d:e0:39:a2:df:39:e9:e3:a9:0a:69:24:7a:ba:d2:
         20:3c:33:64:5f:ba:a4:19:3e:be:ea:15:08:bb:6c:b3:b1:6e:
         2f:15:95:1c:55:e6:5d:fe:28:bf:94:1e:13:88:66:7e:60:49:
         cf:3e:e9:0a:d0:2e:01:46:9a:a6:7d:51:94:0a:7d:aa:76:ce:
         a2:04:66:a3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUEyi9BuZDGCt4AM9VOSU2wuxJTgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDAzMDE0WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZTVkZjNlOGYyYjQzYTZjNWZiZWFlYjNlODQxYmE4ODky
YTY5YmIxZjhhZWFlM2U1ZDdlYTI2YTFjZmVhZDNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfOWA3vZzd7tIxM5NBkPxIGgUM9Q/nkX9KBuVztWaXjZ0a
uSrYP3nVlndDL1ZIYwcdjUFZskmZI0bK6P+x5bzE0tPqpjTaYjkgcwFTkt0pkbjB
IfjrKOQ/1yFhW5BwhU2NQ9rClq1DgZnM/iZFc3ryn+12iJ87pj2Gdlc9fFR2eyn1
4ioE8NZ3+2YUfnP2w0BUJC5uMgZOuv3P+Mo7xMMA15rDaXX/Uc0icvmgc69VzAez
qdz3PpBeSsDy9hpVoYBe/PSSdKJuMP3dK3ssjJ7VVu8DdNbS9qDbOJ6M1dbS3/I7
g+dOuGTqWQzUF5JlRdiogbydhBGDcD29AinzqqOZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUh3X/IW2HJmdIm4tXP05MCUe6ot0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IwY2RiOTljLTgwYWUtNGNhYi05ZGRhLTRkYTRiMzc1NjhjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJrFDANBgkqhkiG9w0BAQsFAAOCAQEADe2cfd9Wy2Bp3rgQnfl88Y9H1KWP
Pd0ezyYDrTHKqWereHeGrC9DZcu65lCMLpo7WGt7bflw/ghL+X8A40fADKNpJRjk
q8gH/u/whHAFa6qPmI1dcEUuw26RJfNasEFEJ2mVwVwzemCHDY7/92NQLlXpyx4M
KFdaPei0Wzk6FOlEcyaZ5psqUbOoub7EAbQNm1ekKwCcRbRwHbbrw0ARTHEmdTKM
5UXw4Hmcbzbc6JK2igZ/SXuJneA5ot856eOpCmkkerrSIDwzZF+6pBk+vuoVCLts
s7FuLxWVHFXmXf4ov5QeE4hmfmBJzz7pCtAuAUaapn1RlAp9qnbOogRmow==
-----END CERTIFICATE-----