This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa
File:                     126de986-01c8-490c-bf22-c5770a1efd7c.roa (raw, json)
Hash identifier:          ofr8/ydwZ7w4+hV7dw7IEPQ/gfcfaUl67vShWYnfX0k=
Subject key identifier:   FB:25:06:76:33:3E:CC:E1:DE:9D:72:C9:D5:88:9F:C2:75:E5:6A:92
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       092B9114727FA8B0B8A5FE9C42354D7BA801F42D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa
Signing time:             Mon 10 Nov 2025 01:00:57 +0000
ROA not before:           Mon 10 Nov 2025 01:00:57 +0000
ROA not after:            Mon 15 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.196.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 22 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:2b:91:14:72:7f:a8:b0:b8:a5:fe:9c:42:35:4d:7b:a8:01:f4:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 10 01:00:57 2025 GMT
            Not After : Dec 15 23:59:59 2025 GMT
        Subject: serialNumber=482566b5c669c8c261479c6077cdceec369f681d0ed5c41e9c092d2b46889cc0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:33:05:3a:d0:8b:c2:c6:1a:71:e0:2b:33:3c:
                    53:e3:7c:6c:20:38:5a:7a:72:08:94:d2:a5:a2:5b:
                    b5:14:d6:1d:05:3d:30:66:a1:43:96:e4:e5:2f:fe:
                    19:17:0d:a2:97:ab:a8:ee:1a:87:2c:b2:87:23:05:
                    19:a9:29:6e:9c:57:ca:93:81:42:5f:b0:35:af:c6:
                    1d:0d:0e:9d:86:44:cd:ea:46:5a:b2:b5:f5:dd:7f:
                    bd:e4:78:3b:fe:54:1d:1b:63:82:8e:7f:87:57:12:
                    00:d6:d3:cd:be:2d:93:4b:24:7c:ba:f8:72:e7:f5:
                    bc:09:b3:ce:3b:c4:13:43:d4:d3:57:ed:1c:72:45:
                    c6:23:71:71:13:2f:f1:fe:31:5e:d8:64:a5:c8:b5:
                    a9:1c:60:97:0b:27:f1:ba:d2:67:bf:00:4c:d1:c6:
                    09:34:35:05:87:4a:86:1c:a5:98:b9:32:eb:05:a6:
                    df:db:5a:e2:4a:3b:ed:02:32:50:6b:35:01:d5:87:
                    9e:0d:a9:9b:42:bd:6e:09:c2:6d:5e:2b:00:fb:89:
                    c8:5e:75:5c:73:48:bb:4f:72:7e:71:a2:1a:7b:b7:
                    fa:91:3f:43:ce:0c:2c:86:b9:21:51:ab:97:3a:8c:
                    10:69:1f:3f:bc:43:3f:84:c1:5f:1b:af:c3:ce:15:
                    96:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:25:06:76:33:3E:CC:E1:DE:9D:72:C9:D5:88:9F:C2:75:E5:6A:92
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.196.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         1c:9e:c8:9e:31:4b:b7:bb:a6:77:96:e7:08:43:bb:4f:05:db:
         3d:c1:06:df:43:fa:e4:24:7c:b4:fc:b9:16:e1:f4:3e:b7:ec:
         11:af:42:65:29:1d:e4:f6:db:00:e8:ce:10:12:93:6f:c8:46:
         79:06:57:5e:c6:56:b9:a1:55:4e:92:86:73:c6:04:51:b3:58:
         55:4e:b3:0e:4a:cc:e3:47:cf:dd:28:4b:05:f7:a0:a0:0e:45:
         ba:f3:be:55:e3:67:9b:d1:d3:8e:50:7e:8d:51:19:4c:b6:94:
         47:bd:7d:69:cf:1b:25:1d:ec:b0:2e:a2:af:13:02:b7:8d:56:
         9e:32:77:d1:60:53:8e:94:5b:0f:d4:dc:5c:6f:74:f7:80:63:
         e0:2b:c6:d3:e9:33:75:ec:5f:7e:6b:73:aa:4d:44:33:2e:63:
         35:90:81:3c:7d:a5:75:c6:51:e3:d3:fc:c2:00:65:07:37:d0:
         3c:2a:7c:aa:b7:9b:92:c9:59:33:de:e6:e7:f0:4e:17:1b:1d:
         9e:04:c5:79:3a:fd:8d:ef:be:33:0e:b7:98:21:30:78:55:85:
         c2:31:a1:c7:b3:22:48:09:c9:58:e7:fc:7b:d5:ec:f8:af:84:
         00:a6:2d:b4:8e:5c:86:c9:7d:ba:c0:ff:77:35:0e:c1:a3:2b:
         a1:bd:c6:1f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCSuRFHJ/qLC4pf6cQjVNe6gB9C0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEwMDEwMDU3WhcNMjUxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ODI1NjZiNWM2NjljOGMyNjE0NzljNjA3N2NkY2VlYzM2
OWY2ODFkMGVkNWM0MWU5YzA5MmQyYjQ2ODg5Y2MwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwMwU60IvCxhpx4CszPFPjfGwgOFp6cgiU0qWiW7UU1h0F
PTBmoUOW5OUv/hkXDaKXq6juGocssocjBRmpKW6cV8qTgUJfsDWvxh0NDp2GRM3q
RlqytfXdf73keDv+VB0bY4KOf4dXEgDW082+LZNLJHy6+HLn9bwJs847xBND1NNX
7RxyRcYjcXETL/H+MV7YZKXItakcYJcLJ/G60me/AEzRxgk0NQWHSoYcpZi5MusF
pt/bWuJKO+0CMlBrNQHVh54NqZtCvW4Jwm1eKwD7ichedVxzSLtPcn5xohp7t/qR
P0PODCyGuSFRq5c6jBBpHz+8Qz+EwV8br8POFZZ3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+yUGdjM+zOHenXLJ1YifwnXlapIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEyNmRlOTg2LTAxYzgtNDkwYy1iZjIyLWM1NzcwYTFlZmQ3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2xDANBgkqhkiG9w0BAQsFAAOCAQEAHJ7InjFLt7umd5bnCEO7TwXbPcEG
30P65CR8tPy5FuH0PrfsEa9CZSkd5PbbAOjOEBKTb8hGeQZXXsZWuaFVTpKGc8YE
UbNYVU6zDkrM40fP3ShLBfegoA5FuvO+VeNnm9HTjlB+jVEZTLaUR719ac8bJR3s
sC6irxMCt41WnjJ30WBTjpRbD9TcXG9094Bj4CvG0+kzdexffmtzqk1EMy5jNZCB
PH2ldcZR49P8wgBlBzfQPCp8qrebkslZM97m5/BOFxsdngTFeTr9je++Mw63mCEw
eFWFwjGhx7MiSAnJWOf8e9Xs+K+EAKYttI5chsl9usD/dzUOwaMrob3GHw==
-----END CERTIFICATE-----