This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c67054c-b258-414c-a2d5-529dd737a58f.roa
File:                     1c67054c-b258-414c-a2d5-529dd737a58f.roa (raw, json)
Hash identifier:          UGf8A+f5vKmIriKxJgSrnJGFnWFrTrbSgivz+h+J+nk=
Subject key identifier:   03:47:ED:12:B6:5D:61:0B:E3:B4:51:67:1D:46:BC:39:D7:01:A8:28
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4735F7666ED10F9F0ABA65AAA6B41625D18E242B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c67054c-b258-414c-a2d5-529dd737a58f.roa
Signing time:             Sat 15 Nov 2025 02:21:54 +0000
ROA not before:           Sat 15 Nov 2025 02:21:54 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.220.120.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:35:f7:66:6e:d1:0f:9f:0a:ba:65:aa:a6:b4:16:25:d1:8e:24:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 02:21:54 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=ef803bb56c48a8a9cb505fa3359836ea39389107b21466580ea183397fa54650, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1f:38:a0:19:26:2d:e2:9e:df:d3:24:13:1c:
                    31:9b:71:f2:ec:f1:94:d6:0e:f1:55:c1:ca:90:d9:
                    72:f0:4f:ce:6c:79:fb:4e:cd:a6:91:ab:02:a8:0f:
                    f6:84:41:65:10:f0:67:40:81:5e:9c:f1:2f:3b:f6:
                    3b:f1:9b:bd:f6:90:66:59:82:43:57:aa:16:b8:1f:
                    d6:fe:c7:75:cd:18:1c:82:b3:c6:cd:88:03:52:ad:
                    0f:78:b8:5a:e8:ef:00:f6:f1:39:7f:fc:9f:42:29:
                    5f:ec:93:e4:c0:14:17:e6:58:95:de:56:3c:87:ab:
                    ae:99:3d:e4:dc:f5:60:db:ac:47:44:5b:b7:05:85:
                    4c:2b:2c:1b:e6:14:14:f2:ea:30:e1:37:7d:a0:8d:
                    92:9d:b3:13:28:87:f0:1b:ae:70:1c:53:bc:5c:10:
                    da:66:73:f2:f9:af:07:32:08:fa:09:10:7c:20:48:
                    6f:c9:1c:3d:36:9d:0a:b8:ad:e3:2d:34:18:1f:44:
                    aa:47:64:4a:3f:3b:05:7a:36:75:b4:b1:cd:11:f5:
                    da:78:cd:f6:8f:db:82:3d:1b:e0:57:c9:e3:67:f9:
                    6e:d9:34:71:86:56:f8:7d:6c:95:49:13:d1:4e:bb:
                    8e:4e:6d:b1:dc:46:5c:f9:aa:ad:f6:24:86:85:3b:
                    1c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:47:ED:12:B6:5D:61:0B:E3:B4:51:67:1D:46:BC:39:D7:01:A8:28
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c67054c-b258-414c-a2d5-529dd737a58f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         18:28:dc:09:4a:b0:5c:89:34:cf:21:7a:65:ba:c6:5c:9f:3b:
         d2:ca:fe:2e:3d:ad:b6:35:86:d0:fd:21:25:ee:77:7d:f6:93:
         a5:ca:43:57:74:78:db:98:36:78:f9:5e:e0:bf:31:ef:18:16:
         35:12:77:17:14:b0:71:a9:cb:8a:4e:d3:bd:28:bb:76:e0:b2:
         6a:e1:58:7d:b0:52:7a:e3:2a:00:9c:2b:28:6c:a6:69:86:e2:
         d8:e7:05:99:82:b5:03:59:ae:5d:9f:b9:e1:4a:77:18:14:ce:
         e2:e5:cf:38:73:b5:6d:a2:79:a9:a8:0e:fe:f0:aa:16:4c:da:
         90:ff:ea:46:a4:80:aa:cf:a0:69:cc:cf:85:13:1a:12:af:09:
         59:91:4a:30:cf:b4:1e:77:56:30:b7:e1:0d:31:61:61:a3:29:
         ed:db:3f:3c:74:a1:69:27:ca:9d:ea:6c:7b:59:68:85:3d:24:
         eb:c6:18:5d:51:86:8c:07:05:03:81:de:26:8a:a9:5e:3f:78:
         3e:d0:8c:9b:f2:7a:5f:e2:49:e7:92:cd:27:6a:83:0a:df:3d:
         c6:5a:aa:99:e2:33:d4:16:b3:ef:3c:30:2b:63:c4:83:42:d7:
         5a:21:ac:73:af:f9:27:4b:24:98:e8:19:c4:68:53:4e:a4:30:
         e7:02:2b:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURzX3Zm7RD58KumWqprQWJdGOJCswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDIyMTU0WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjgwM2JiNTZjNDhhOGE5Y2I1MDVmYTMzNTk4MzZlYTM5
Mzg5MTA3YjIxNDY2NTgwZWExODMzOTdmYTU0NjUwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvHzigGSYt4p7f0yQTHDGbcfLs8ZTWDvFVwcqQ2XLwT85s
eftOzaaRqwKoD/aEQWUQ8GdAgV6c8S879jvxm732kGZZgkNXqha4H9b+x3XNGByC
s8bNiANSrQ94uFro7wD28Tl//J9CKV/sk+TAFBfmWJXeVjyHq66ZPeTc9WDbrEdE
W7cFhUwrLBvmFBTy6jDhN32gjZKdsxMoh/AbrnAcU7xcENpmc/L5rwcyCPoJEHwg
SG/JHD02nQq4reMtNBgfRKpHZEo/OwV6NnW0sc0R9dp4zfaP24I9G+BXyeNn+W7Z
NHGGVvh9bJVJE9FOu45ObbHcRlz5qq32JIaFOxzHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUA0ftErZdYQvjtFFnHUa8OdcBqCgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFjNjcwNTRjLWIyNTgtNDE0Yy1hMmQ1LTUyOWRkNzM3YTU4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMP3HgwDQYJKoZIhvcNAQELBQADggEBABgo3AlKsFyJNM8hemW6xlyfO9LK
/i49rbY1htD9ISXud332k6XKQ1d0eNuYNnj5XuC/Me8YFjUSdxcUsHGpy4pO070o
u3bgsmrhWH2wUnrjKgCcKyhspmmG4tjnBZmCtQNZrl2fueFKdxgUzuLlzzhztW2i
eamoDv7wqhZM2pD/6kakgKrPoGnMz4UTGhKvCVmRSjDPtB53VjC34Q0xYWGjKe3b
Pzx0oWknyp3qbHtZaIU9JOvGGF1RhowHBQOB3iaKqV4/eD7QjJvyel/iSeeSzSdq
gwrfPcZaqpniM9QWs+88MCtjxINC11ohrHOv+SdLJJjoGcRoU06kMOcCK+I=
-----END CERTIFICATE-----