This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa
File:                     056c132e-4148-44cc-b263-a445ceafabdd.roa (raw, json)
Hash identifier:          v4EbWT0JVmCmSkDqlebZdsENEaBs90FvN8ju7+Oh/AE=
Subject key identifier:   1A:36:DC:33:25:7A:60:84:98:6B:C2:43:CB:C8:7D:D2:8F:52:08:35
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       455EE83B38E751F60DF73E86993196F095E89612
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa
Signing time:             Wed 10 Dec 2025 02:01:20 +0000
ROA not before:           Wed 10 Dec 2025 02:01:20 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     8987
IP address blocks:        18.253.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:5e:e8:3b:38:e7:51:f6:0d:f7:3e:86:99:31:96:f0:95:e8:96:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 02:01:20 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=b41dba1c6c4bea6c393f940d8cd5e5786e359655bd4401f333a14a669729b48a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:5c:41:89:60:b2:b9:36:58:da:59:1a:5f:35:
                    89:27:d6:95:25:df:c5:10:50:06:fa:61:b4:fb:3a:
                    5a:02:27:e0:29:00:f5:25:90:80:9d:f4:3e:12:7d:
                    1c:cb:0c:02:bd:26:66:cc:f5:70:ea:c5:55:63:65:
                    d9:1b:dc:d1:80:b3:21:a7:e8:8f:fe:32:40:72:10:
                    4f:ef:0d:09:ba:0f:18:f7:6a:f8:ef:77:32:ed:88:
                    61:73:f0:59:05:7e:6e:00:d0:e6:07:3d:d9:84:cd:
                    35:92:f2:4e:a2:3f:5e:97:2c:96:50:a9:98:71:54:
                    2c:f7:8b:eb:a5:0b:43:96:70:c4:28:44:61:31:27:
                    08:b7:48:96:15:71:50:59:f4:82:ae:40:94:c8:ed:
                    e5:70:67:33:78:c6:20:ac:20:74:cf:1b:b3:88:ca:
                    89:17:8c:3b:20:90:b8:88:ed:92:ea:40:e8:eb:e1:
                    e1:5a:b0:34:cb:70:c4:3b:06:74:21:21:f9:77:cc:
                    b4:3d:d6:a5:68:53:d2:4f:ca:ff:7b:c9:af:b9:ae:
                    bf:4c:ed:a7:ea:4d:3f:d1:66:af:2c:47:9b:28:49:
                    59:c6:ed:40:ec:da:20:ef:c8:24:41:82:70:c8:b0:
                    cf:92:b9:35:c7:dd:cf:6a:ba:63:25:25:2a:72:01:
                    b2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:36:DC:33:25:7A:60:84:98:6B:C2:43:CB:C8:7D:D2:8F:52:08:35
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/056c132e-4148-44cc-b263-a445ceafabdd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.253.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         4c:2e:2c:cb:0d:01:cb:8e:a6:bb:85:6b:34:4d:8b:6a:78:b3:
         32:7c:af:18:4f:6f:9c:60:dc:bf:d5:69:c0:6c:1b:bb:38:41:
         ee:d4:b0:70:f8:84:6f:3e:c5:2d:09:f4:05:69:f2:ce:0c:29:
         fc:14:a9:67:9d:09:65:ac:2a:60:3b:d2:e2:a1:30:51:d6:54:
         a3:94:9c:93:8c:1b:69:13:2a:7e:23:71:86:e6:a8:a5:85:70:
         fa:53:2e:09:13:e7:a2:67:d4:a2:8b:d8:ca:3d:d4:9c:60:30:
         b9:25:dc:19:c2:9b:7a:99:20:d1:62:51:cc:85:a3:1f:3e:ff:
         6c:2f:f4:03:17:d7:48:ea:4c:75:32:3c:e9:17:63:28:7b:f2:
         f8:dd:4f:bb:22:82:9e:37:c5:10:b3:08:d4:55:b4:88:b3:ab:
         2b:2c:b3:b2:64:cc:7b:f4:92:4e:30:bf:af:7b:be:7f:6f:7d:
         0b:69:de:68:37:62:cb:a5:31:9a:48:13:a7:9b:ea:27:51:ef:
         c0:42:26:e2:28:6d:88:a6:84:24:a4:41:95:f8:9d:4a:e1:22:
         36:ad:4c:a4:5d:7c:ba:25:d5:bf:11:0c:c9:77:85:7e:40:f4:
         23:37:0e:97:ab:57:97:db:7d:51:53:7c:ed:77:22:91:aa:d4:
         b4:65:59:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURV7oOzjnUfYN9z6GmTGW8JXolhIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDIwMTIwWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDFkYmExYzZjNGJlYTZjMzkzZjk0MGQ4Y2Q1ZTU3ODZl
MzU5NjU1YmQ0NDAxZjMzM2ExNGE2Njk3MjliNDhhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCEXEGJYLK5NljaWRpfNYkn1pUl38UQUAb6YbT7OloCJ+Ap
APUlkICd9D4SfRzLDAK9JmbM9XDqxVVjZdkb3NGAsyGn6I/+MkByEE/vDQm6Dxj3
avjvdzLtiGFz8FkFfm4A0OYHPdmEzTWS8k6iP16XLJZQqZhxVCz3i+ulC0OWcMQo
RGExJwi3SJYVcVBZ9IKuQJTI7eVwZzN4xiCsIHTPG7OIyokXjDsgkLiI7ZLqQOjr
4eFasDTLcMQ7BnQhIfl3zLQ91qVoU9JPyv97ya+5rr9M7afqTT/RZq8sR5soSVnG
7UDs2iDvyCRBgnDIsM+SuTXH3c9qumMlJSpyAbI1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGjbcMyV6YISYa8JDy8h90o9SCDUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA1NmMxMzJlLTQxNDgtNDRjYy1iMjYzLWE0NDVjZWFmYWJkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYS/UAwDQYJKoZIhvcNAQELBQADggEBAEwuLMsNAcuOpruFazRNi2p4szJ8
rxhPb5xg3L/VacBsG7s4Qe7UsHD4hG8+xS0J9AVp8s4MKfwUqWedCWWsKmA70uKh
MFHWVKOUnJOMG2kTKn4jcYbmqKWFcPpTLgkT56Jn1KKL2Mo91JxgMLkl3BnCm3qZ
INFiUcyFox8+/2wv9AMX10jqTHUyPOkXYyh78vjdT7sigp43xRCzCNRVtIizqyss
s7JkzHv0kk4wv697vn9vfQtp3mg3YsulMZpIE6eb6idR78BCJuIobYimhCSkQZX4
nUrhIjatTKRdfLol1b8RDMl3hX5A9CM3DperV5fbfVFTfO13IpGq1LRlWUw=
-----END CERTIFICATE-----