This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa
File:                     ee072b22-d511-4e36-bf63-9dea3fed9955.roa (raw, json)
Hash identifier:          f5k0gx/DOPQkPp35oe/wo5hLiU1LSM2/gQcO9vMzCfs=
Subject key identifier:   60:BC:F6:3B:97:02:DC:32:99:6E:23:AD:8F:F1:AA:BA:71:6F:67:0A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4EEB5E17B5327D6EFA4D1ACEF430000D55869ECC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa
Signing time:             Wed 10 Dec 2025 00:00:13 +0000
ROA not before:           Wed 10 Dec 2025 00:00:13 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.40.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 03 Jan 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:eb:5e:17:b5:32:7d:6e:fa:4d:1a:ce:f4:30:00:0d:55:86:9e:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 10 00:00:13 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=475ece7daa4acaf8d82169d1c6d3af14dfd16a6d5f55df725fa6b6c76b9cbe0b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:28:29:5f:5b:c8:d9:8a:26:ca:e1:cd:bf:fe:
                    4a:12:ff:d0:bb:19:9c:19:4a:5d:75:0b:d0:76:0a:
                    38:db:3a:26:87:75:0f:a5:e1:05:3e:05:4e:19:9d:
                    18:28:29:4b:a3:a6:8a:df:65:55:2d:4a:ed:10:14:
                    ae:60:76:5f:8b:f0:c6:e7:05:14:32:37:df:2e:8c:
                    af:5c:9c:31:e8:71:05:c1:b9:21:0e:e8:7a:c5:c7:
                    e2:11:7a:6c:53:b8:45:40:8b:fd:c4:8d:00:79:ed:
                    6d:c6:ce:eb:b9:fd:0a:da:02:76:a4:83:82:fe:7b:
                    e7:79:07:fd:a8:86:ee:0a:ed:23:01:5b:b2:d8:36:
                    9d:b9:ac:3b:a9:28:51:81:10:0a:31:6e:ac:e6:2f:
                    01:d6:12:40:6e:b7:37:2a:23:ee:fb:3f:f9:fa:c0:
                    e9:57:f9:4d:80:1c:da:4f:f8:6e:08:87:e1:c3:96:
                    17:3c:2d:3c:cf:94:70:79:fb:02:68:e9:91:58:eb:
                    c9:2a:4d:f3:c4:15:75:71:d4:d6:fa:44:91:12:6d:
                    81:89:33:61:57:78:af:91:c4:a4:f4:2e:9c:4c:41:
                    b3:08:89:37:73:83:67:e8:b6:7a:b0:6c:67:e3:99:
                    6e:27:7c:0f:68:66:a7:c0:e5:52:44:18:75:33:58:
                    a4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:BC:F6:3B:97:02:DC:32:99:6E:23:AD:8F:F1:AA:BA:71:6F:67:0A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ee072b22-d511-4e36-bf63-9dea3fed9955.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.40.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a1:0d:2a:21:13:e7:99:36:70:db:97:a2:9a:41:73:85:8f:7c:
         58:b1:d0:ae:6f:f2:c5:c5:ca:06:9a:f2:05:3d:fe:86:92:7f:
         0b:92:65:81:02:10:4d:54:56:59:d0:8e:b9:61:e1:32:fe:b0:
         9e:7b:40:64:f9:12:3b:36:80:25:84:33:34:1b:65:ad:90:b5:
         37:70:34:8c:ff:f6:d0:b0:8f:3e:62:7a:d7:38:20:90:e4:3c:
         68:c9:d9:20:8d:6e:9f:98:52:fb:0a:d0:2a:67:99:a0:43:f3:
         26:c4:46:6f:e4:1e:de:a1:3e:0f:25:5a:a1:af:e9:b2:3a:b6:
         d1:04:f5:de:7b:fe:ba:60:a5:59:cc:ee:6d:7e:20:62:2e:82:
         dc:38:d7:51:58:46:f3:29:97:c5:d4:73:48:b7:f0:33:9e:d5:
         3c:04:bb:4f:6b:e6:b7:e1:a3:04:69:4e:72:dd:05:5d:53:67:
         42:ed:4c:98:6f:11:55:ee:19:0e:47:68:1c:29:17:b0:2a:f8:
         44:8b:98:cd:48:31:5f:14:ae:5a:ca:23:f1:4e:3e:ea:84:aa:
         da:88:b6:e2:58:b2:97:1b:a5:d2:4b:96:73:13:99:67:a3:d3:
         39:fb:c3:82:3e:65:50:ec:b6:1f:25:ea:1c:f3:84:e0:5c:81:
         a6:80:13:c6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTuteF7UyfW76TRrO9DAADVWGnswwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMjEwMDAwMDEzWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzVlY2U3ZGFhNGFjYWY4ZDgyMTY5ZDFjNmQzYWYxNGRm
ZDE2YTZkNWY1NWRmNzI1ZmE2YjZjNzZiOWNiZTBiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzKClfW8jZiibK4c2//koS/9C7GZwZSl11C9B2CjjbOiaH
dQ+l4QU+BU4ZnRgoKUujporfZVUtSu0QFK5gdl+L8MbnBRQyN98ujK9cnDHocQXB
uSEO6HrFx+IRemxTuEVAi/3EjQB57W3Gzuu5/QraAnakg4L+e+d5B/2ohu4K7SMB
W7LYNp25rDupKFGBEAoxbqzmLwHWEkButzcqI+77P/n6wOlX+U2AHNpP+G4Ih+HD
lhc8LTzPlHB5+wJo6ZFY68kqTfPEFXVx1Nb6RJESbYGJM2FXeK+RxKT0LpxMQbMI
iTdzg2fotnqwbGfjmW4nfA9oZqfA5VJEGHUzWKTtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYLz2O5cC3DKZbiOtj/GqunFvZwowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VlMDcyYjIyLWQ1MTEtNGUzNi1iZjYzLTlkZWEzZmVkOTk1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4KDANBgkqhkiG9w0BAQsFAAOCAQEAoQ0qIRPnmTZw25eimkFzhY98WLHQ
rm/yxcXKBpryBT3+hpJ/C5JlgQIQTVRWWdCOuWHhMv6wnntAZPkSOzaAJYQzNBtl
rZC1N3A0jP/20LCPPmJ61zggkOQ8aMnZII1un5hS+wrQKmeZoEPzJsRGb+Qe3qE+
DyVaoa/psjq20QT13nv+umClWczubX4gYi6C3DjXUVhG8ymXxdRzSLfwM57VPAS7
T2vmt+GjBGlOct0FXVNnQu1MmG8RVe4ZDkdoHCkXsCr4RIuYzUgxXxSuWsoj8U4+
6oSq2oi24liylxul0kuWcxOZZ6PTOfvDgj5lUOy2HyXqHPOE4FyBpoATxg==
-----END CERTIFICATE-----