This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01d16c1b-49c2-40fe-bdae-b8e6e2bf8000.roa
File:                     01d16c1b-49c2-40fe-bdae-b8e6e2bf8000.roa (raw, json)
Hash identifier:          eTpO6UUirYql3pAqN0U9G/ATGS7BEPaMAQjJk2GEe2s=
Subject key identifier:   0F:54:1F:A6:7C:66:DD:48:08:FB:50:4B:66:A4:0B:4F:64:6E:C3:93
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       572980F0432ABB8EB7CD067636580A252210973D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01d16c1b-49c2-40fe-bdae-b8e6e2bf8000.roa
Signing time:             Sat 29 Nov 2025 02:21:08 +0000
ROA not before:           Sat 29 Nov 2025 02:21:08 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.220.200.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:29:80:f0:43:2a:bb:8e:b7:cd:06:76:36:58:0a:25:22:10:97:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 02:21:08 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=64896bf7a83d1d7d213bb488313ca8a564a8c936fce9c486685e9bfbf045e249, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e5:83:28:9c:05:11:94:85:21:2b:60:97:74:
                    32:0c:58:13:66:11:bb:06:63:70:e8:38:ee:f2:41:
                    29:26:d1:8f:e6:d4:cc:e9:c6:ce:cf:04:f4:cd:8a:
                    9f:c6:ac:4f:d8:e5:ef:cc:fc:94:02:cc:2b:03:98:
                    75:72:a3:9c:95:71:f1:d0:46:65:47:a9:e6:7e:26:
                    55:25:6d:e0:b1:49:b6:65:8e:53:18:79:c6:1d:06:
                    3e:74:4b:aa:a0:18:fc:1e:b7:55:39:11:09:9b:04:
                    07:90:4a:73:ab:66:fc:db:8c:87:42:0a:40:62:ed:
                    b5:df:b7:dd:76:99:3d:73:61:82:61:28:89:de:c2:
                    26:91:3c:f6:a2:d3:69:5d:88:6c:6b:0d:82:30:57:
                    c4:f5:d2:ae:ca:3e:fd:b2:2e:34:ea:76:f1:0c:7e:
                    68:5a:7b:41:ff:2d:e8:7a:83:bf:cb:aa:1a:10:7d:
                    21:a8:c7:8d:b9:eb:37:04:58:8b:a9:1a:4d:5a:92:
                    da:e6:68:12:d5:60:3d:3e:23:ba:93:f8:23:29:de:
                    00:56:01:df:d4:40:29:6b:f2:d4:75:8a:74:b5:9a:
                    a5:1a:78:72:8c:db:2f:2c:dd:f7:cf:33:0c:25:14:
                    0b:c3:6f:b7:94:ef:f8:7b:cc:91:e1:08:a2:f4:97:
                    03:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:54:1F:A6:7C:66:DD:48:08:FB:50:4B:66:A4:0B:4F:64:6E:C3:93
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01d16c1b-49c2-40fe-bdae-b8e6e2bf8000.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b1:fe:2d:bb:ac:53:a7:37:7c:1e:65:3d:3d:52:4f:20:91:77:
         f2:ac:08:87:44:31:2c:14:cb:2f:15:22:d0:45:08:57:5c:85:
         1b:b3:34:2f:50:c3:d7:c9:52:72:75:0d:94:c8:96:80:95:82:
         84:d1:d4:38:22:45:9a:5f:ab:66:c2:ac:f7:5e:28:35:22:5a:
         62:42:a6:e3:8b:45:1d:70:2a:61:a3:91:6e:eb:ba:5b:82:0f:
         fa:ea:2e:a0:84:99:37:a4:64:62:a5:93:94:15:ee:d6:73:f3:
         4c:cc:83:9a:a8:60:a8:c6:89:16:29:b7:dc:53:5e:43:a5:4d:
         0e:4f:cc:99:12:6f:0c:cb:f1:7d:15:08:2a:57:70:42:56:d2:
         15:97:e7:24:2c:4c:ee:b7:b0:f2:aa:64:5b:90:43:81:8e:52:
         fd:66:9e:d7:a4:08:66:e9:06:19:6c:28:ce:33:17:8a:1d:f2:
         13:09:44:bd:31:be:07:42:f3:95:42:b9:7c:51:5b:ce:7b:50:
         12:e0:00:b0:d1:d6:d8:2f:d4:1f:b4:14:33:96:79:04:6e:ef:
         ec:13:e0:55:55:5e:0c:2e:3f:76:3d:cd:07:71:1e:61:6d:f6:
         7a:f8:e2:97:e0:53:48:98:b8:cf:dc:7a:e5:be:81:ba:89:82:
         a7:f5:1f:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVymA8EMqu463zQZ2NlgKJSIQlz0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDIyMTA4WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NDg5NmJmN2E4M2QxZDdkMjEzYmI0ODgzMTNjYThhNTY0
YThjOTM2ZmNlOWM0ODY2ODVlOWJmYmYwNDVlMjQ5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm5YMonAURlIUhK2CXdDIMWBNmEbsGY3DoOO7yQSkm0Y/m
1Mzpxs7PBPTNip/GrE/Y5e/M/JQCzCsDmHVyo5yVcfHQRmVHqeZ+JlUlbeCxSbZl
jlMYecYdBj50S6qgGPwet1U5EQmbBAeQSnOrZvzbjIdCCkBi7bXft912mT1zYYJh
KInewiaRPPai02ldiGxrDYIwV8T10q7KPv2yLjTqdvEMfmhae0H/Leh6g7/LqhoQ
fSGox4256zcEWIupGk1aktrmaBLVYD0+I7qT+CMp3gBWAd/UQClr8tR1inS1mqUa
eHKM2y8s3ffPMwwlFAvDb7eU7/h7zJHhCKL0lwNpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUD1Qfpnxm3UgI+1BLZqQLT2Ruw5MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAxZDE2YzFiLTQ5YzItNDBmZS1iZGFlLWI4ZTZlMmJmODAwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEP3MgwDQYJKoZIhvcNAQELBQADggEBALH+LbusU6c3fB5lPT1STyCRd/Ks
CIdEMSwUyy8VItBFCFdchRuzNC9Qw9fJUnJ1DZTIloCVgoTR1DgiRZpfq2bCrPde
KDUiWmJCpuOLRR1wKmGjkW7ruluCD/rqLqCEmTekZGKlk5QV7tZz80zMg5qoYKjG
iRYpt9xTXkOlTQ5PzJkSbwzL8X0VCCpXcEJW0hWX5yQsTO63sPKqZFuQQ4GOUv1m
ntekCGbpBhlsKM4zF4od8hMJRL0xvgdC85VCuXxRW857UBLgALDR1tgv1B+0FDOW
eQRu7+wT4FVVXgwuP3Y9zQdxHmFt9nr44pfgU0iYuM/ceuW+gbqJgqf1H3o=
-----END CERTIFICATE-----