This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa
File:                     056c132e-4148-44cc-b263-a445ceafabdd.roa (raw, json)
Hash identifier:          dGPhvlhGkMgTk2U20oO+dW9JC/QjpN71BALi2I2Es2I=
Subject key identifier:   2C:7C:2F:30:D3:B0:66:A1:5A:54:09:84:47:07:0B:FD:1D:24:C5:FD
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2613C7C5769499E5A7904FF4A4467514DA4181B2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa
Signing time:             Sat 15 Nov 2025 02:11:11 +0000
ROA not before:           Sat 15 Nov 2025 02:11:11 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        18.253.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 22 Nov 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:13:c7:c5:76:94:99:e5:a7:90:4f:f4:a4:46:75:14:da:41:81:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 02:11:11 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=f323815f8e4c3bd0d4b58bb8f8ae2bd82c8fcb368067a7c97029504cec2ce919, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a5:b9:0a:af:24:50:0e:9c:83:01:70:54:3e:
                    f0:9d:49:48:e3:33:7e:3e:8e:40:ad:3e:2c:cf:d6:
                    06:e8:ee:5e:c6:41:e4:6c:25:9c:37:3d:7e:39:32:
                    cd:b1:8a:c1:80:94:96:67:09:fc:60:62:5a:80:b8:
                    c5:7e:97:0c:82:35:a5:8f:62:a9:79:8e:5a:4d:8d:
                    c4:ee:74:27:14:85:0d:0a:91:cf:63:17:40:c3:75:
                    cb:23:a4:42:73:2d:ed:3f:ce:70:f5:c6:0b:f7:49:
                    69:45:cc:dc:ac:ce:0f:86:2f:8f:e9:88:89:58:d6:
                    cc:82:4f:e2:3f:ab:1e:5b:64:47:d2:46:7e:e9:49:
                    bc:5d:5c:de:9d:34:82:f2:f8:38:cd:46:03:c7:c4:
                    a8:b5:98:68:cb:65:b9:05:0a:39:40:1f:e8:97:33:
                    48:36:77:4a:b7:5e:20:20:4c:76:18:d7:05:5f:cb:
                    7b:8e:8a:84:85:63:81:95:58:5d:2a:22:1a:55:a3:
                    2e:9f:92:4a:29:c5:d5:2a:71:b1:61:01:e3:c4:cc:
                    a7:24:4c:21:d3:0a:02:f9:ba:7d:74:58:da:fc:a3:
                    00:2e:f8:d0:e6:e5:94:f0:bc:26:7c:d2:47:67:06:
                    dd:c8:d5:fe:41:1c:d3:89:e2:31:1f:7e:b0:ce:4a:
                    33:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7C:2F:30:D3:B0:66:A1:5A:54:09:84:47:07:0B:FD:1D:24:C5:FD
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.253.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         0f:1b:35:11:ea:32:61:c5:89:32:40:e2:49:b2:e3:80:9e:ed:
         e7:ac:23:45:fc:0e:e6:62:d0:6e:21:61:5f:e3:bc:f2:b5:09:
         b1:2f:20:ec:fd:1f:a9:c1:10:3b:40:1a:d3:32:22:36:4a:74:
         b3:cf:b5:a1:c7:e0:81:c6:17:9b:42:a8:9f:99:f5:06:df:23:
         1c:41:c8:fe:28:74:d5:9b:eb:7a:68:91:1d:09:98:b6:f0:6b:
         c1:62:86:2f:a3:39:c3:91:2a:42:4b:62:6b:e5:b6:61:d4:43:
         ec:03:5b:06:91:cd:91:16:e1:58:34:e9:2d:b7:f1:75:d5:90:
         10:48:a5:89:c5:30:c5:1b:1f:11:a6:1c:a5:30:9a:4f:e8:c9:
         be:be:9c:78:cf:60:91:5f:5a:b5:be:09:87:3f:45:d4:21:68:
         05:20:54:3d:69:b6:a2:ad:82:65:36:b1:9e:f0:67:cb:fb:e9:
         e1:a1:1a:48:e0:52:09:da:92:99:05:cf:e3:a4:84:e7:19:70:
         1f:b2:fd:18:68:29:ee:e9:c2:d8:dd:a1:24:5a:21:f6:11:77:
         77:ac:ee:0d:05:ae:ed:5b:b2:88:9d:1d:b9:0f:f6:88:2d:8b:
         1d:dc:ce:e7:29:dc:b4:55:80:35:f8:52:ee:fb:f6:6b:08:07:
         30:73:cb:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJhPHxXaUmeWnkE/0pEZ1FNpBgbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDIxMTExWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzIzODE1ZjhlNGMzYmQwZDRiNThiYjhmOGFlMmJkODJj
OGZjYjM2ODA2N2E3Yzk3MDI5NTA0Y2VjMmNlOTE5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDpbkKryRQDpyDAXBUPvCdSUjjM34+jkCtPizP1gbo7l7G
QeRsJZw3PX45Ms2xisGAlJZnCfxgYlqAuMV+lwyCNaWPYql5jlpNjcTudCcUhQ0K
kc9jF0DDdcsjpEJzLe0/znD1xgv3SWlFzNyszg+GL4/piIlY1syCT+I/qx5bZEfS
Rn7pSbxdXN6dNILy+DjNRgPHxKi1mGjLZbkFCjlAH+iXM0g2d0q3XiAgTHYY1wVf
y3uOioSFY4GVWF0qIhpVoy6fkkopxdUqcbFhAePEzKckTCHTCgL5un10WNr8owAu
+NDm5ZTwvCZ80kdnBt3I1f5BHNOJ4jEffrDOSjMvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULHwvMNOwZqFaVAmERwcL/R0kxf0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA1NmMxMzJlLTQxNDgtNDRjYy1iMjYzLWE0NDVjZWFmYWJkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYS/UAwDQYJKoZIhvcNAQELBQADggEBAA8bNRHqMmHFiTJA4kmy44Ce7ees
I0X8DuZi0G4hYV/jvPK1CbEvIOz9H6nBEDtAGtMyIjZKdLPPtaHH4IHGF5tCqJ+Z
9QbfIxxByP4odNWb63pokR0JmLbwa8Fihi+jOcORKkJLYmvltmHUQ+wDWwaRzZEW
4Vg06S238XXVkBBIpYnFMMUbHxGmHKUwmk/oyb6+nHjPYJFfWrW+CYc/RdQhaAUg
VD1ptqKtgmU2sZ7wZ8v76eGhGkjgUgnakpkFz+OkhOcZcB+y/RhoKe7pwtjdoSRa
IfYRd3es7g0Fru1bsoidHbkP9ogtix3czucp3LRVgDX4Uu779msIBzBzy34=
-----END CERTIFICATE-----