This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa
File:                     0fb5e281-d545-4001-97fa-007bbac7fd98.roa (raw, json)
Hash identifier:          QbdrD91+6acOw2LStpba34V3WL24LeeEJWMqq3/Gd54=
Subject key identifier:   8B:FE:91:70:F0:73:16:BD:D2:AA:A5:CD:86:50:32:C6:81:CA:A4:19
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       61A5D72CB74CC232012A0092030D7AC0B9EE57E2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa
Signing time:             Sat 15 Nov 2025 04:30:50 +0000
ROA not before:           Sat 15 Nov 2025 04:30:50 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        152.25.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Nov 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:a5:d7:2c:b7:4c:c2:32:01:2a:00:92:03:0d:7a:c0:b9:ee:57:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 04:30:50 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=ff608331ffefd0921bcaa995c77f84c9fed4d0d4411cb5857ec24a188c09d7fa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:11:3c:99:6f:c0:cf:69:93:2b:37:43:af:8e:
                    25:38:06:9a:03:ce:4b:b3:cb:b7:be:f4:44:73:f3:
                    6f:63:72:4f:64:a5:1a:38:7a:3a:cc:4c:d4:96:72:
                    1c:59:c1:83:5f:2a:77:8f:32:46:e6:67:90:52:08:
                    2e:44:da:fa:06:31:f1:25:5c:90:6c:d6:67:22:c3:
                    d3:1f:df:ba:60:df:b4:e1:01:41:3d:9e:11:34:32:
                    6c:cb:ea:6c:85:61:50:f8:b6:aa:73:a5:34:c1:6e:
                    fe:00:d9:63:bf:31:a2:d7:3e:2a:3e:c1:5f:c3:4d:
                    3c:3f:ed:d9:43:99:5f:4c:08:37:d1:58:04:56:45:
                    60:ab:db:ee:3f:38:57:90:03:ed:98:b9:07:9c:95:
                    f8:56:b0:a2:e0:c9:00:d8:c4:cb:3d:bc:1a:09:38:
                    b2:f8:88:2a:59:b9:18:c9:21:86:f4:9b:57:cc:a3:
                    96:46:ac:a3:11:10:92:fc:1e:57:a0:04:df:bb:46:
                    ae:6f:c1:d0:90:50:34:94:05:0a:dd:46:3a:22:ce:
                    17:a3:34:3b:30:77:76:ee:6e:b2:ca:db:5d:d7:27:
                    ec:c2:0e:5f:66:80:25:27:c5:9f:9a:43:a6:fa:6a:
                    fc:0a:03:1f:a5:8a:e8:fb:33:ab:2c:a9:15:62:7f:
                    e4:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:FE:91:70:F0:73:16:BD:D2:AA:A5:CD:86:50:32:C6:81:CA:A4:19
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.25.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         69:79:64:4e:2a:47:e2:c7:20:0e:7a:15:a2:8c:36:f8:36:27:
         ec:49:43:f4:c3:5d:3b:e9:84:f2:d9:d2:50:18:c9:3b:a1:87:
         5c:b2:41:0a:d1:98:43:c7:95:97:d6:f2:2e:b6:28:0c:5c:e7:
         9c:34:08:5f:e5:26:95:53:9f:62:47:31:23:9f:11:98:00:dc:
         32:5e:d8:8c:39:b9:8c:63:3c:8e:71:f9:48:53:38:cd:a9:0e:
         dd:ff:27:1e:0c:18:20:a0:6a:1d:44:90:20:33:73:78:e8:3b:
         70:82:9d:8e:a7:47:1f:b3:f7:4b:a8:49:18:48:92:b1:6c:af:
         0e:b8:42:0d:8c:99:4e:47:e1:2f:c8:10:93:8a:83:78:6d:20:
         c2:35:bd:de:c9:b2:da:23:b2:cd:53:4e:e3:53:58:fd:8b:f9:
         a1:37:85:8e:b0:aa:cb:25:9b:23:6d:b1:16:bb:39:e4:60:52:
         a3:06:5d:bc:f4:24:30:ac:69:d3:02:fb:ef:0d:e1:6d:b3:82:
         bf:08:ed:35:8b:47:3a:94:e7:08:9b:cf:d2:58:b1:83:7f:77:
         1c:e4:e4:7e:57:03:87:9d:a0:62:c4:a5:db:81:d3:e4:cd:7f:
         b0:6a:a6:6b:af:cb:f7:6d:f3:b4:88:db:cc:31:ab:0a:50:c4:
         7c:aa:06:f7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYaXXLLdMwjIBKgCSAw16wLnuV+IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDQzMDUwWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZjYwODMzMWZmZWZkMDkyMWJjYWE5OTVjNzdmODRjOWZl
ZDRkMGQ0NDExY2I1ODU3ZWMyNGExODhjMDlkN2ZhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsETyZb8DPaZMrN0OvjiU4BpoDzkuzy7e+9ERz829jck9k
pRo4ejrMTNSWchxZwYNfKnePMkbmZ5BSCC5E2voGMfElXJBs1mciw9Mf37pg37Th
AUE9nhE0MmzL6myFYVD4tqpzpTTBbv4A2WO/MaLXPio+wV/DTTw/7dlDmV9MCDfR
WARWRWCr2+4/OFeQA+2YuQeclfhWsKLgyQDYxMs9vBoJOLL4iCpZuRjJIYb0m1fM
o5ZGrKMREJL8HlegBN+7Rq5vwdCQUDSUBQrdRjoizhejNDswd3bubrLK213XJ+zC
Dl9mgCUnxZ+aQ6b6avwKAx+liuj7M6ssqRVif+SDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUi/6RcPBzFr3SqqXNhlAyxoHKpBkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBmYjVlMjgxLWQ1NDUtNDAwMS05N2ZhLTAwN2JiYWM3ZmQ5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCYGTANBgkqhkiG9w0BAQsFAAOCAQEAaXlkTipH4scgDnoVoow2+DYn7ElD
9MNdO+mE8tnSUBjJO6GHXLJBCtGYQ8eVl9byLrYoDFznnDQIX+UmlVOfYkcxI58R
mADcMl7YjDm5jGM8jnH5SFM4zakO3f8nHgwYIKBqHUSQIDNzeOg7cIKdjqdHH7P3
S6hJGEiSsWyvDrhCDYyZTkfhL8gQk4qDeG0gwjW93smy2iOyzVNO41NY/Yv5oTeF
jrCqyyWbI22xFrs55GBSowZdvPQkMKxp0wL77w3hbbOCvwjtNYtHOpTnCJvP0lix
g393HOTkflcDh52gYsSl24HT5M1/sGqma6/L923ztIjbzDGrClDEfKoG9w==
-----END CERTIFICATE-----