This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5b31f49-3c0f-4875-8cf7-dd3bb270d2b6.roa
File:                     c5b31f49-3c0f-4875-8cf7-dd3bb270d2b6.roa (raw, json)
Hash identifier:          WW0XVRxsOC75uEJKneN7rCkkZHE+NErLlsDCLoWU8DI=
Subject key identifier:   91:1E:04:CD:5F:AD:F9:D8:39:56:BD:52:DF:8E:ED:3E:D9:3F:31:A4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60C0002190280D5B90731C4660AA97E1B0F5DEC1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5b31f49-3c0f-4875-8cf7-dd3bb270d2b6.roa
Signing time:             Wed 12 Nov 2025 01:30:43 +0000
ROA not before:           Wed 12 Nov 2025 01:30:43 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.21.128.0/17 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:c0:00:21:90:28:0d:5b:90:73:1c:46:60:aa:97:e1:b0:f5:de:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:30:43 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=6152ebbbd452c6e48e88feb3478f6e946f864024fa274223c2a8e288fdc197f7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:41:51:c3:2a:ec:44:95:aa:6e:a7:96:56:51:
                    4b:76:b7:e3:e7:af:60:5f:90:4e:5e:53:15:b4:94:
                    0b:e0:79:62:2b:2d:33:a3:b7:c2:86:90:a0:6f:cb:
                    3a:8d:b6:ea:08:9a:3c:f1:2e:f9:e2:a7:1c:b4:6a:
                    30:44:b2:ba:45:20:4d:41:3e:78:4d:c1:92:4b:1f:
                    f3:1b:b6:7e:04:ca:6a:7b:5d:d6:87:70:e2:02:70:
                    4d:29:0e:36:db:73:d8:48:aa:56:42:c6:1e:36:53:
                    15:aa:43:96:16:eb:b3:ba:2c:24:26:ce:5a:8d:57:
                    8d:59:84:12:ba:fd:1d:87:fa:51:b4:a4:62:60:4c:
                    49:d1:b0:4f:2a:8d:11:d4:7a:6a:5c:3d:04:50:87:
                    f8:43:6c:4d:bf:df:49:5a:8a:ab:34:79:c3:d6:61:
                    66:67:d2:b7:a5:80:88:ae:da:29:6c:db:54:e2:06:
                    f1:15:73:0e:30:3c:3a:2f:76:4a:ad:04:59:96:88:
                    64:21:ed:3a:82:db:c5:86:f8:65:5d:ce:57:80:e3:
                    a5:15:88:6d:47:6d:a5:a1:e7:37:d8:ba:95:83:6f:
                    7e:7f:7c:b5:56:45:9f:39:a0:e8:0d:a4:22:ec:d4:
                    a0:6e:07:23:a1:a3:29:77:c3:33:6e:81:ee:c6:c3:
                    21:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:1E:04:CD:5F:AD:F9:D8:39:56:BD:52:DF:8E:ED:3E:D9:3F:31:A4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5b31f49-3c0f-4875-8cf7-dd3bb270d2b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.21.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         9f:8f:52:81:2e:ca:ad:91:1e:d1:62:60:f1:b9:f6:24:e5:62:
         a5:98:fa:e7:1d:54:c8:4a:14:72:07:b9:cd:23:2d:3d:fa:38:
         b7:0b:d0:b3:bd:64:47:7e:6e:d1:84:61:a3:91:3c:f0:31:0d:
         57:39:4c:88:b2:cc:3e:36:f2:3a:91:4e:46:d8:25:78:ee:e6:
         63:2a:e6:7c:20:a1:90:64:e2:8a:3a:d5:dc:e0:f3:bd:99:b5:
         b3:fc:73:99:95:07:7f:be:89:1c:44:49:8d:b5:2c:49:93:b9:
         b9:e4:e3:ca:45:0d:e8:39:30:38:02:4f:6c:1c:3a:14:b9:15:
         db:36:dc:07:ce:d5:5c:92:59:91:95:a3:46:f2:bb:3b:2a:c0:
         4b:ba:fa:69:04:a5:39:fe:5e:42:81:b7:8a:3c:60:a1:d5:b2:
         c6:1c:1c:e7:35:b3:c1:49:0e:cb:5a:c9:ff:40:c4:d2:38:16:
         eb:d5:32:72:d2:a9:41:bf:aa:fe:43:44:b1:04:a3:4b:a2:e0:
         f2:13:6c:ff:ec:6a:67:39:21:96:f0:a7:fe:0f:fc:fa:9b:3d:
         ef:12:b7:42:e9:20:44:a3:a7:a9:ad:e7:4e:d3:8a:91:9b:96:
         b6:3f:5f:8a:08:0c:05:cb:e0:91:bb:0a:55:b2:46:ed:46:78:
         72:de:5d:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYMAAIZAoDVuQcxxGYKqX4bD13sEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEzMDQzWhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTUyZWJiYmQ0NTJjNmU0OGU4OGZlYjM0NzhmNmU5NDZm
ODY0MDI0ZmEyNzQyMjNjMmE4ZTI4OGZkYzE5N2Y3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8QVHDKuxElapup5ZWUUt2t+Pnr2BfkE5eUxW0lAvgeWIr
LTOjt8KGkKBvyzqNtuoImjzxLvnipxy0ajBEsrpFIE1BPnhNwZJLH/Mbtn4Eymp7
XdaHcOICcE0pDjbbc9hIqlZCxh42UxWqQ5YW67O6LCQmzlqNV41ZhBK6/R2H+lG0
pGJgTEnRsE8qjRHUempcPQRQh/hDbE2/30laiqs0ecPWYWZn0relgIiu2ils21Ti
BvEVcw4wPDovdkqtBFmWiGQh7TqC28WG+GVdzleA46UViG1HbaWh5zfYupWDb35/
fLVWRZ85oOgNpCLs1KBuByOhoyl3wzNuge7GwyFTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkR4EzV+t+dg5Vr1S347tPtk/MaQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1YjMxZjQ5LTNjMGYtNDg3NS04Y2Y3LWRkM2JiMjcwZDJiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcXFYAwDQYJKoZIhvcNAQELBQADggEBAJ+PUoEuyq2RHtFiYPG59iTlYqWY
+ucdVMhKFHIHuc0jLT36OLcL0LO9ZEd+btGEYaORPPAxDVc5TIiyzD428jqRTkbY
JXju5mMq5nwgoZBk4oo61dzg872ZtbP8c5mVB3++iRxESY21LEmTubnk48pFDeg5
MDgCT2wcOhS5Fds23AfO1VySWZGVo0byuzsqwEu6+mkEpTn+XkKBt4o8YKHVssYc
HOc1s8FJDstayf9AxNI4FuvVMnLSqUG/qv5DRLEEo0ui4PITbP/samc5IZbwp/4P
/PqbPe8St0LpIESjp6mt507TipGblrY/X4oIDAXL4JG7ClWyRu1GeHLeXXo=
-----END CERTIFICATE-----