This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdb704b6-b401-4fcf-a13c-0891a9c175c2.roa
File:                     cdb704b6-b401-4fcf-a13c-0891a9c175c2.roa (raw, json)
Hash identifier:          CZsfQ9yiR/HhgKfrMhCocuJ/DsfoLJS50aRly2ht0fU=
Subject key identifier:   DD:BE:7C:5E:F0:2A:A7:7B:37:E9:86:19:3E:75:FA:2D:DE:64:51:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       76131BF7BF703F04C49974F1778DC247207D4C9F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdb704b6-b401-4fcf-a13c-0891a9c175c2.roa
Signing time:             Wed 12 Nov 2025 01:21:18 +0000
ROA not before:           Wed 12 Nov 2025 01:21:18 +0000
ROA not after:            Wed 17 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.22.0.0/15 maxlen: 15
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:13:1b:f7:bf:70:3f:04:c4:99:74:f1:77:8d:c2:47:20:7d:4c:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 01:21:18 2025 GMT
            Not After : Dec 17 23:59:59 2025 GMT
        Subject: serialNumber=c9336808ce2a0fe93d6c6240a1f1823f5136470a1df08b5f607619f8d924ad70, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:5b:a2:9c:33:79:7f:cc:9e:cd:0e:0b:c8:1a:
                    44:29:7a:be:41:f2:d9:66:2c:6d:71:af:47:ff:9a:
                    af:70:71:91:04:f1:ca:c1:96:e6:1d:72:0b:66:f3:
                    68:4e:8c:ff:87:b3:65:9e:9c:52:89:7b:ef:3f:a3:
                    bb:98:46:af:5a:bc:6a:e8:e3:de:98:61:77:36:97:
                    88:28:16:8d:82:20:9d:c6:6f:2e:e8:ba:1f:27:0c:
                    0a:cb:a1:5a:28:2d:f5:a6:78:9e:48:1b:30:58:30:
                    03:60:5a:4a:70:79:4d:7e:e6:27:f4:39:d3:89:ce:
                    98:e7:ae:8d:c9:ea:58:c3:75:d4:6e:72:7d:6b:5e:
                    6b:a5:b2:1f:3f:60:66:93:43:cc:ff:bd:45:db:1c:
                    6e:93:40:25:19:d7:93:57:46:72:a2:40:c1:e5:db:
                    8d:eb:af:cf:c3:0d:b3:56:5a:b2:3e:b4:fb:7e:30:
                    0f:72:96:d7:d1:d5:1f:b7:78:b5:15:67:00:b6:4a:
                    11:63:bf:ab:74:71:04:df:14:61:5b:f1:b4:a7:32:
                    48:20:4b:29:36:d5:82:ca:53:2b:93:63:83:05:8e:
                    3c:9b:31:8f:1a:82:03:77:fd:77:5b:22:b5:6e:66:
                    51:b2:4a:01:82:d6:ef:4d:1b:87:29:25:1f:e8:41:
                    3d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:BE:7C:5E:F0:2A:A7:7B:37:E9:86:19:3E:75:FA:2D:DE:64:51:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdb704b6-b401-4fcf-a13c-0891a9c175c2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.22.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         c6:87:66:17:ed:2b:ca:a6:f4:77:62:fb:7d:c4:6c:98:f2:e9:
         61:05:3e:9c:26:4f:41:d0:48:42:ac:1a:d1:16:65:d8:32:02:
         fb:dd:ef:ec:fe:97:8c:38:81:d6:c1:72:c1:5e:d6:e8:24:e7:
         ad:e1:f5:3e:b7:1f:c9:26:c1:4e:cd:96:9f:1c:b9:ec:0c:2e:
         7e:d3:ff:7f:27:ff:9d:27:e9:8e:4b:b7:94:ca:0e:38:50:f9:
         e1:ac:b3:98:1f:90:3f:a7:64:9f:8e:c5:c7:e1:e2:53:2f:49:
         88:8e:14:ce:eb:27:b8:b0:0b:ad:a4:18:c1:88:61:e5:50:c9:
         f3:78:43:6e:10:a7:15:58:0c:b2:f4:f8:05:30:18:e4:f2:b3:
         6e:03:1c:dd:33:2a:71:56:8f:34:c0:3d:be:89:97:67:2c:c4:
         26:ce:6c:a6:d3:b6:d9:c0:12:60:97:f8:ef:b2:64:63:bb:0e:
         9c:ce:4c:7b:73:22:00:ca:72:0d:0c:47:1a:4d:60:67:f1:55:
         76:3c:48:d2:ee:d6:a0:2b:e9:08:eb:47:94:de:52:1a:6a:7d:
         87:f3:72:8e:ca:4f:4d:db:59:ff:02:90:d8:7b:30:f4:41:7c:
         97:ed:ec:22:b0:31:d2:37:ef:ab:fc:36:72:33:73:2a:93:64:
         26:c5:67:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdhMb979wPwTEmXTxd43CRyB9TJ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEyMDEyMTE4WhcNMjUxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTMzNjgwOGNlMmEwZmU5M2Q2YzYyNDBhMWYxODIzZjUx
MzY0NzBhMWRmMDhiNWY2MDc2MTlmOGQ5MjRhZDcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmW6KcM3l/zJ7NDgvIGkQper5B8tlmLG1xr0f/mq9wcZEE
8crBluYdcgtm82hOjP+Hs2WenFKJe+8/o7uYRq9avGro496YYXc2l4goFo2CIJ3G
by7ouh8nDArLoVooLfWmeJ5IGzBYMANgWkpweU1+5if0OdOJzpjnro3J6ljDddRu
cn1rXmulsh8/YGaTQ8z/vUXbHG6TQCUZ15NXRnKiQMHl243rr8/DDbNWWrI+tPt+
MA9yltfR1R+3eLUVZwC2ShFjv6t0cQTfFGFb8bSnMkggSyk21YLKUyuTY4MFjjyb
MY8aggN3/XdbIrVuZlGySgGC1u9NG4cpJR/oQT1LAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3b58XvAqp3s36YYZPnX6Ld5kUaEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkYjcwNGI2LWI0MDEtNGZjZi1hMTNjLTA4OTFhOWMxNzVjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEXFjANBgkqhkiG9w0BAQsFAAOCAQEAxodmF+0ryqb0d2L7fcRsmPLpYQU+
nCZPQdBIQqwa0RZl2DIC+93v7P6XjDiB1sFywV7W6CTnreH1PrcfySbBTs2Wnxy5
7AwuftP/fyf/nSfpjku3lMoOOFD54ayzmB+QP6dkn47Fx+HiUy9JiI4UzusnuLAL
raQYwYhh5VDJ83hDbhCnFVgMsvT4BTAY5PKzbgMc3TMqcVaPNMA9vomXZyzEJs5s
ptO22cASYJf477JkY7sOnM5Me3MiAMpyDQxHGk1gZ/FVdjxI0u7WoCvpCOtHlN5S
Gmp9h/NyjspPTdtZ/wKQ2Hsw9EF8l+3sIrAx0jfvq/w2cjNzKpNkJsVn/g==
-----END CERTIFICATE-----