This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa
File:                     65258b34-5141-4495-8461-b0210b9b4965.roa (raw, json)
Hash identifier:          XmHxaSJL8kXkBw4fGF/A2lwY8d479qHPnzWX59Y+uF0=
Subject key identifier:   AD:A3:F6:2B:47:DE:68:97:17:95:DA:77:6E:2C:95:24:12:29:DD:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1CB04BF5C02254998B47CB10CFC80569FFB28E42
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa
Signing time:             Thu 11 Dec 2025 00:01:17 +0000
ROA not before:           Thu 11 Dec 2025 00:01:17 +0000
ROA not after:            Wed 11 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.164.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 03 Jan 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:b0:4b:f5:c0:22:54:99:8b:47:cb:10:cf:c8:05:69:ff:b2:8e:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 11 00:01:17 2025 GMT
            Not After : Mar 11 23:59:59 2026 GMT
        Subject: serialNumber=e2f17b37c405bdf76b7361898135589ed46e6007259c9fa9d2171903bb1ba653, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:16:21:99:92:39:44:5d:dd:ac:01:76:77:a7:
                    85:a7:43:a1:be:d6:95:3c:dd:3c:a9:ce:c1:a3:9a:
                    53:a9:66:04:77:15:de:c5:0b:a5:5e:da:3f:a5:fb:
                    7b:07:af:f4:1e:b4:62:f9:88:02:7b:77:5e:6d:e3:
                    eb:02:93:50:02:29:a5:71:e8:e8:cf:6e:ba:69:a2:
                    90:57:90:1c:b2:6e:55:19:07:57:5e:29:20:97:72:
                    1b:26:a0:37:46:52:39:b1:d1:e9:e1:8c:87:47:28:
                    79:4a:77:48:c2:35:7e:c9:74:80:58:9e:87:71:c9:
                    12:d7:ee:0a:bd:1f:e4:23:cd:eb:cb:8c:2b:01:bb:
                    c1:77:61:ec:e1:be:be:cd:27:1b:5c:58:36:7b:3d:
                    1e:7e:1d:d5:87:e1:f3:42:be:ee:f9:08:f2:4c:a4:
                    63:96:69:a7:ad:02:a8:84:72:dc:e1:b6:89:95:42:
                    11:42:33:36:2a:dc:42:e0:ba:87:ec:d9:f7:50:be:
                    b9:51:01:14:d4:8f:ea:ed:07:55:fd:4e:5f:88:b2:
                    58:0c:76:ba:d2:a6:dd:83:80:4e:68:94:fa:a4:a0:
                    92:e6:d7:a2:cd:65:ff:c5:7d:7c:26:dc:08:3f:21:
                    03:9e:0b:b1:ec:e7:4c:7c:8a:59:46:40:c2:6f:f7:
                    05:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:A3:F6:2B:47:DE:68:97:17:95:DA:77:6E:2C:95:24:12:29:DD:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65258b34-5141-4495-8461-b0210b9b4965.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.164.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3e:7c:79:f2:44:a2:53:21:f3:32:a6:b4:65:b0:42:09:49:c2:
         32:b6:e0:ec:52:70:b1:b6:b6:a1:66:ae:92:48:e3:d7:ae:0a:
         08:01:b3:c0:5f:a3:1b:fc:45:cd:c3:50:83:9c:b9:f4:e4:3a:
         53:1f:5e:35:71:91:a9:23:ca:fe:11:00:cc:e4:fa:29:4d:d5:
         24:8c:b8:8d:67:73:f9:7b:32:3e:ea:8f:95:f3:cb:45:13:b0:
         54:af:6e:f7:f7:1a:b8:20:56:6c:7d:a1:34:53:39:4b:92:90:
         14:f8:25:bf:8a:df:04:2a:3c:f2:89:21:93:52:8a:44:59:1c:
         b5:19:a2:2e:2b:7b:c8:8b:9b:c8:79:b7:c3:9f:6f:7f:59:99:
         4b:f1:68:f9:57:02:0c:95:a4:5f:f7:77:90:87:c5:39:b7:54:
         a8:8c:58:95:6e:57:fc:de:6a:55:a0:2e:1d:1b:16:b0:f5:6d:
         4b:b5:f4:84:6f:56:c7:fc:74:e7:65:a6:eb:90:06:39:0b:9f:
         52:9d:bf:0d:2e:0b:8c:d7:a5:f6:cd:f5:ab:a3:34:95:bb:b6:
         56:1b:1e:48:bb:59:d9:0a:ef:ad:aa:e7:0c:28:00:62:b8:da:
         77:bf:b5:ed:97:8d:1f:9b:2a:8b:f0:a0:4c:3f:40:52:9c:83:
         aa:02:19:16
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHLBL9cAiVJmLR8sQz8gFaf+yjkIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMjExMDAwMTE3WhcNMjYwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMmYxN2IzN2M0MDViZGY3NmI3MzYxODk4MTM1NTg5ZWQ0
NmU2MDA3MjU5YzlmYTlkMjE3MTkwM2JiMWJhNjUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiFiGZkjlEXd2sAXZ3p4WnQ6G+1pU83TypzsGjmlOpZgR3
Fd7FC6Ve2j+l+3sHr/QetGL5iAJ7d15t4+sCk1ACKaVx6OjPbrppopBXkByyblUZ
B1deKSCXchsmoDdGUjmx0enhjIdHKHlKd0jCNX7JdIBYnodxyRLX7gq9H+QjzevL
jCsBu8F3Yezhvr7NJxtcWDZ7PR5+HdWH4fNCvu75CPJMpGOWaaetAqiEctzhtomV
QhFCMzYq3ELguofs2fdQvrlRARTUj+rtB1X9Tl+IslgMdrrSpt2DgE5olPqkoJLm
16LNZf/FfXwm3Ag/IQOeC7Hs50x8illGQMJv9wX9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUraP2K0feaJcXldp3biyVJBIp3ccwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1MjU4YjM0LTUxNDEtNDQ5NS04NDYxLWIwMjEwYjliNDk2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4pDANBgkqhkiG9w0BAQsFAAOCAQEAPnx58kSiUyHzMqa0ZbBCCUnCMrbg
7FJwsba2oWaukkjj164KCAGzwF+jG/xFzcNQg5y59OQ6Ux9eNXGRqSPK/hEAzOT6
KU3VJIy4jWdz+XsyPuqPlfPLRROwVK9u9/cauCBWbH2hNFM5S5KQFPglv4rfBCo8
8okhk1KKRFkctRmiLit7yIubyHm3w59vf1mZS/Fo+VcCDJWkX/d3kIfFObdUqIxY
lW5X/N5qVaAuHRsWsPVtS7X0hG9Wx/x052Wm65AGOQufUp2/DS4LjNel9s31q6M0
lbu2VhseSLtZ2QrvrarnDCgAYrjad7+17ZeNH5sqi/CgTD9AUpyDqgIZFg==
-----END CERTIFICATE-----