This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
File:                     f0dc6def-824b-44e4-953e-03bc03efa024.roa (raw, json)
Hash identifier:          iL1Qi1nnhX7TgBH/ncFWUCrRSu0S1dLf65ogS6DHwR8=
Subject key identifier:   45:61:03:DA:0F:CC:1B:89:28:D6:2B:FA:F5:92:80:7F:0A:CF:91:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4AC249896B230D4E10F211499F9F5E7DAB3D1030
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
Signing time:             Thu 20 Nov 2025 00:10:46 +0000
ROA not before:           Thu 20 Nov 2025 00:10:46 +0000
ROA not after:            Wed 18 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        40.229.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:c2:49:89:6b:23:0d:4e:10:f2:11:49:9f:9f:5e:7d:ab:3d:10:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 20 00:10:46 2025 GMT
            Not After : Feb 18 23:59:59 2026 GMT
        Subject: serialNumber=0c200b2378dbec1a838211dc0360962665871d8e4bfd7ef661af4039114e5f0b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d2:7a:a0:63:c8:12:8f:63:23:fd:10:8b:01:
                    a1:0e:44:b6:35:a4:fe:23:a7:1d:95:7c:32:61:dc:
                    d6:ea:27:ec:ef:88:26:d8:4f:b1:44:2d:ca:4f:92:
                    53:1f:3f:d0:48:05:e8:d0:38:90:f6:cb:c9:9c:08:
                    20:16:0b:5e:93:82:65:47:b3:ea:a7:7c:96:45:6f:
                    8f:19:a2:ed:f6:e2:91:ac:5f:8e:d2:2b:5e:30:5f:
                    70:5f:6f:0f:80:04:d2:67:67:87:a0:27:4c:0d:cc:
                    68:39:2d:74:82:33:42:13:20:54:0c:45:f9:fc:82:
                    6a:78:29:dd:dd:70:ea:1f:b7:08:4b:97:f9:80:77:
                    41:c3:0a:46:3d:9f:ce:78:3b:0e:c6:d0:11:9b:73:
                    d1:68:dd:c6:4e:ff:ba:af:b6:c6:25:57:10:68:55:
                    75:06:0f:74:73:91:44:25:d2:62:7a:38:eb:42:a1:
                    75:f0:45:fc:d0:ef:66:56:85:c9:46:98:ce:b1:9a:
                    b9:00:a6:8e:e0:42:0a:d1:7d:fd:1c:cd:55:e2:91:
                    5d:5b:96:6d:bf:00:91:10:1e:53:7b:20:89:9c:6b:
                    5b:2a:45:58:eb:40:65:ef:8a:10:c0:91:7f:79:19:
                    24:06:c7:a5:af:88:dc:49:e7:fb:60:06:19:4f:26:
                    38:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:61:03:DA:0F:CC:1B:89:28:D6:2B:FA:F5:92:80:7F:0A:CF:91:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.229.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c2:a1:1a:19:97:30:35:db:ca:ba:c3:5b:56:00:3e:46:36:82:
         fd:b9:2f:45:89:9d:12:5c:30:51:00:2e:01:78:3f:03:ab:3f:
         df:39:8c:41:e0:48:b3:17:e7:18:db:13:08:6f:24:40:11:51:
         93:10:64:c3:5f:61:3d:55:4b:47:6a:66:bb:b4:e4:2b:2f:25:
         1b:b5:83:85:0b:74:c9:d9:c9:01:0e:18:8e:4b:82:5a:05:2e:
         d2:76:22:9e:b2:50:3e:bb:00:5e:03:29:b1:b0:67:f2:fa:78:
         8e:3b:9d:72:1a:0b:f6:af:6d:02:1e:0f:8a:d1:f7:31:73:a3:
         56:80:fa:d5:12:be:d7:29:2a:1c:9b:06:6b:52:ef:14:ad:c1:
         19:77:fd:96:2f:74:46:5d:64:96:98:eb:9d:8d:34:89:da:26:
         ea:84:b3:db:9f:0d:70:c6:3f:3e:6a:ef:05:4f:d6:aa:0c:e2:
         f7:36:a3:88:b9:48:7c:f2:f6:d3:3e:ba:d2:4d:a5:f9:22:d0:
         ab:78:e2:02:eb:c1:15:ff:cf:8a:ff:8c:77:b6:e8:df:ac:72:
         d6:53:0c:53:d2:f5:aa:2f:b3:71:ec:aa:08:50:da:9b:2f:e1:
         6b:3e:98:a3:a3:bf:0c:6a:64:6d:08:9c:2f:85:0a:54:cc:46:
         d3:35:66:04
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSsJJiWsjDU4Q8hFJn59efas9EDAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIwMDAxMDQ2WhcNMjYwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzIwMGIyMzc4ZGJlYzFhODM4MjExZGMwMzYwOTYyNjY1
ODcxZDhlNGJmZDdlZjY2MWFmNDAzOTExNGU1ZjBiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDR0nqgY8gSj2Mj/RCLAaEORLY1pP4jpx2VfDJh3NbqJ+zv
iCbYT7FELcpPklMfP9BIBejQOJD2y8mcCCAWC16TgmVHs+qnfJZFb48Zou324pGs
X47SK14wX3Bfbw+ABNJnZ4egJ0wNzGg5LXSCM0ITIFQMRfn8gmp4Kd3dcOoftwhL
l/mAd0HDCkY9n854Ow7G0BGbc9Fo3cZO/7qvtsYlVxBoVXUGD3RzkUQl0mJ6OOtC
oXXwRfzQ72ZWhclGmM6xmrkApo7gQgrRff0czVXikV1blm2/AJEQHlN7IImca1sq
RVjrQGXvihDAkX95GSQGx6WviNxJ5/tgBhlPJjg1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURWED2g/MG4ko1iv69ZKAfwrPkTMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwZGM2ZGVmLTgyNGItNDRlNC05NTNlLTAzYmMwM2VmYTAyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAo5TANBgkqhkiG9w0BAQsFAAOCAQEAwqEaGZcwNdvKusNbVgA+RjaC/bkv
RYmdElwwUQAuAXg/A6s/3zmMQeBIsxfnGNsTCG8kQBFRkxBkw19hPVVLR2pmu7Tk
Ky8lG7WDhQt0ydnJAQ4YjkuCWgUu0nYinrJQPrsAXgMpsbBn8vp4jjudchoL9q9t
Ah4PitH3MXOjVoD61RK+1ykqHJsGa1LvFK3BGXf9li90Rl1klpjrnY00idom6oSz
258NcMY/PmrvBU/Wqgzi9zajiLlIfPL20z660k2l+SLQq3jiAuvBFf/Piv+Md7bo
36xy1lMMU9L1qi+zceyqCFDamy/haz6Yo6O/DGpkbQicL4UKVMxG0zVmBA==
-----END CERTIFICATE-----