This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2b618a0-430d-4d27-abca-4e06f4648926.roa
File:                     c2b618a0-430d-4d27-abca-4e06f4648926.roa (raw, json)
Hash identifier:          WlouZC69Is2w/TvEZ20qRzHE/s5MLq5xBKFQGuE55/o=
Subject key identifier:   85:44:08:74:72:EF:10:57:B8:46:77:5B:12:52:3C:55:D2:30:BC:EB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1FEA1140F8D4BEA3A5520AEFC5787E94D35255C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2b618a0-430d-4d27-abca-4e06f4648926.roa
Signing time:             Sat 22 Nov 2025 00:31:16 +0000
ROA not before:           Sat 22 Nov 2025 00:31:16 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.119.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:ea:11:40:f8:d4:be:a3:a5:52:0a:ef:c5:78:7e:94:d3:52:55:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 00:31:16 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=f388f42c072774a9c004157cf2f09f8b76041fa08e9fe44c4d5914cdb621d9e3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:dd:2d:32:be:0d:16:d4:17:b9:1a:cb:55:eb:
                    84:48:9a:8b:d1:18:cf:18:79:74:17:9e:97:24:32:
                    09:3e:97:4c:99:5a:0a:d0:08:78:79:cf:9a:d1:10:
                    25:05:85:1e:e0:76:64:2d:b9:73:78:82:30:26:a8:
                    ad:27:00:b7:f9:88:87:76:ad:09:41:e7:d1:fa:87:
                    c0:c3:c2:de:18:dc:5b:79:c0:1a:3a:bb:9b:fa:a7:
                    2c:07:df:48:c8:7f:cb:a5:82:d8:83:be:e9:57:28:
                    08:c9:63:7f:a3:8e:3f:a9:42:1a:60:2c:4a:54:b9:
                    19:55:8e:d8:86:ed:25:72:2b:8f:a6:d9:e2:a5:cc:
                    e1:89:c6:94:7e:9b:37:53:a8:fd:6e:e6:b1:26:0e:
                    aa:d1:b0:fb:f6:ce:48:00:94:45:b6:49:b4:e7:45:
                    f1:e2:8d:31:15:03:9f:61:e7:36:d2:30:67:08:b2:
                    24:17:29:6a:c0:1e:94:7c:85:2e:76:ec:f2:ae:35:
                    f5:e3:57:e7:aa:4e:66:58:90:b2:09:72:07:18:1d:
                    30:40:e9:02:f6:ce:9b:2a:4b:3e:58:0d:e1:45:80:
                    96:c0:b9:73:9d:ae:c5:0a:fa:48:97:c5:ec:ff:9d:
                    a4:36:01:5f:93:55:e2:c6:6e:1e:51:a1:75:f8:6b:
                    21:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:44:08:74:72:EF:10:57:B8:46:77:5B:12:52:3C:55:D2:30:BC:EB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2b618a0-430d-4d27-abca-4e06f4648926.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:39:42:40:7d:bb:e7:60:79:c6:ff:68:50:25:e1:06:ae:0e:
         9c:7c:1a:6e:4c:03:8e:9b:4f:55:cb:7a:8d:b9:04:9c:b0:65:
         bd:41:f0:1c:90:a4:c8:90:ae:00:b0:11:3e:79:c5:a5:c5:00:
         f6:ac:b0:1d:4b:54:89:72:be:fe:64:00:66:1a:0b:d5:1c:b7:
         bc:31:9a:0c:75:09:82:d0:22:88:64:43:ba:f1:ef:ac:c0:3e:
         3f:35:d6:dc:e4:61:6e:0f:4c:9c:f3:2f:02:40:c1:69:2e:66:
         db:0d:13:6b:c6:5e:e1:4f:d8:70:b1:0e:33:c4:13:28:2c:8c:
         8f:ec:9f:aa:bf:63:78:89:64:f7:64:07:93:ae:f6:44:3a:c3:
         97:30:e5:8e:ad:07:9d:a8:1b:45:2c:68:41:b5:2a:fd:8d:e6:
         09:42:c3:ff:ea:ec:f0:01:3f:b3:e5:88:dc:7a:79:ac:a6:8a:
         2f:f7:dc:76:ee:e5:9a:ab:63:fb:56:6e:d4:9a:83:a1:e8:f2:
         61:a5:90:e9:c1:b4:b9:b6:84:fc:5c:2a:42:a0:f7:11:5e:91:
         21:f3:9f:e7:3e:6c:40:9b:6e:e4:a1:1d:b4:f5:90:9c:a6:6c:
         78:b5:a3:01:d2:ac:92:ca:0c:aa:04:14:d6:18:87:d5:f0:54:
         5a:b0:b5:9d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH+oRQPjUvqOlUgrvxXh+lNNSVcUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDAzMTE2WhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzg4ZjQyYzA3Mjc3NGE5YzAwNDE1N2NmMmYwOWY4Yjc2
MDQxZmEwOGU5ZmU0NGM0ZDU5MTRjZGI2MjFkOWUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDE3S0yvg0W1Be5GstV64RImovRGM8YeXQXnpckMgk+l0yZ
WgrQCHh5z5rRECUFhR7gdmQtuXN4gjAmqK0nALf5iId2rQlB59H6h8DDwt4Y3Ft5
wBo6u5v6pywH30jIf8ulgtiDvulXKAjJY3+jjj+pQhpgLEpUuRlVjtiG7SVyK4+m
2eKlzOGJxpR+mzdTqP1u5rEmDqrRsPv2zkgAlEW2SbTnRfHijTEVA59h5zbSMGcI
siQXKWrAHpR8hS527PKuNfXjV+eqTmZYkLIJcgcYHTBA6QL2zpsqSz5YDeFFgJbA
uXOdrsUK+kiXxez/naQ2AV+TVeLGbh5RoXX4ayH3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhUQIdHLvEFe4RndbElI8VdIwvOswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyYjYxOGEwLTQzMGQtNGQyNy1hYmNhLTRlMDZmNDY0ODkyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HcwDQYJKoZIhvcNAQELBQADggEBANM5QkB9u+dgecb/aFAl4QauDpx8
Gm5MA46bT1XLeo25BJywZb1B8ByQpMiQrgCwET55xaXFAPassB1LVIlyvv5kAGYa
C9Uct7wxmgx1CYLQIohkQ7rx76zAPj811tzkYW4PTJzzLwJAwWkuZtsNE2vGXuFP
2HCxDjPEEygsjI/sn6q/Y3iJZPdkB5Ou9kQ6w5cw5Y6tB52oG0UsaEG1Kv2N5glC
w//q7PABP7PliNx6eaymii/33Hbu5ZqrY/tWbtSag6Ho8mGlkOnBtLm2hPxcKkKg
9xFekSHzn+c+bECbbuShHbT1kJymbHi1owHSrJLKDKoEFNYYh9XwVFqwtZ0=
-----END CERTIFICATE-----