This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/216fe048-3ab4-4534-8023-6903a6fb09fe.roa
File:                     216fe048-3ab4-4534-8023-6903a6fb09fe.roa (raw, json)
Hash identifier:          bGMDQSYxnukZSMAjlfCYO/72n0cDQ3CNaMIpgx6AShU=
Subject key identifier:   90:F1:D0:19:11:15:C0:94:BC:A3:DD:E8:AB:BC:64:B8:20:7A:08:50
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C609D28A0CDAE6E9B7EF8B7A844A57FE3A285F9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/216fe048-3ab4-4534-8023-6903a6fb09fe.roa
Signing time:             Sat 29 Nov 2025 02:00:07 +0000
ROA not before:           Sat 29 Nov 2025 02:00:07 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.253.224.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:60:9d:28:a0:cd:ae:6e:9b:7e:f8:b7:a8:44:a5:7f:e3:a2:85:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 02:00:07 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=36c5105c1bdd0e9f9013c4f47d357aedd573968a6992272067dddc6203d4cf7e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:86:e2:c1:0d:52:8d:00:cb:f1:09:34:cf:c8:
                    45:18:48:16:5d:6e:50:16:11:b4:d5:ea:c7:f1:00:
                    b1:77:6f:01:72:77:ac:9a:b7:54:4e:cc:56:d7:f0:
                    51:35:4e:24:86:c5:51:83:7e:18:d9:97:4b:05:98:
                    e6:ec:71:c2:0d:5c:0f:d1:77:b4:a4:a7:2d:bc:0d:
                    9c:54:24:49:5b:ff:e3:5f:5e:2e:20:f5:e4:1e:86:
                    be:fc:fa:bd:e1:c1:e4:14:66:8d:c2:8f:58:1c:29:
                    ef:7c:0a:72:42:bf:ef:d9:2e:8c:66:bc:06:56:38:
                    36:d3:6e:19:3b:af:55:31:35:dc:9f:c8:84:73:fe:
                    9e:a5:2e:1d:91:c9:50:ba:13:49:b9:93:c1:7b:c4:
                    51:00:f9:21:6c:b3:89:70:5f:1d:13:6a:95:7b:d2:
                    74:eb:eb:c2:94:a7:83:86:7b:66:dd:a6:9f:fe:f6:
                    a1:2c:84:b4:cc:ee:a2:cc:7b:34:74:57:1f:cf:df:
                    74:ad:6b:a8:6a:4b:e4:10:61:53:4b:2f:fe:31:92:
                    13:48:63:6c:7f:aa:99:fe:a3:6e:f0:bc:f3:2e:d6:
                    cf:eb:32:cc:04:5a:8b:d6:58:b8:2c:cd:77:17:6d:
                    1d:9f:81:00:0b:22:c9:24:7b:b0:43:ff:c5:c3:84:
                    ec:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F1:D0:19:11:15:C0:94:BC:A3:DD:E8:AB:BC:64:B8:20:7A:08:50
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/216fe048-3ab4-4534-8023-6903a6fb09fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.253.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:67:4a:97:c2:d6:ef:9e:0c:e8:2d:a6:04:04:1b:af:f2:d1:
         44:58:45:02:bf:4b:48:1f:88:6d:23:8a:e2:5a:87:20:ed:fb:
         f1:90:cd:77:69:aa:c4:06:e2:87:fa:79:5c:b7:df:f1:d1:9d:
         c2:a8:9d:2a:21:81:87:20:9d:41:4f:46:b2:43:be:bb:05:79:
         d0:a9:59:5d:8e:04:11:35:a4:3b:fd:fe:32:ab:0d:18:43:aa:
         2c:fa:c3:94:2d:c5:24:b2:b6:67:63:3b:9a:c5:02:9d:98:69:
         42:93:22:28:8a:34:a5:7a:42:40:d9:52:a0:70:e1:84:3d:28:
         c6:7e:ea:1e:cc:9f:41:d7:4d:27:e1:7c:ef:10:f3:94:98:02:
         f4:b6:a6:f4:41:0b:96:6a:cf:5c:a9:e7:6d:12:5a:ad:98:86:
         b9:1c:0e:57:ec:b2:79:6b:9a:ac:67:5b:a6:26:f1:7a:c2:22:
         32:94:55:be:31:f2:35:70:36:76:a3:92:3d:04:fe:66:3c:ff:
         ce:40:9d:92:27:91:35:2e:99:7b:94:4b:ee:83:f2:8d:b2:e1:
         2f:6f:55:29:91:23:6c:aa:15:90:38:1b:d0:90:20:ba:78:af:
         49:f7:6c:8c:4f:1e:1c:a5:eb:57:12:6c:5d:6f:3e:21:e1:40:
         a7:b4:6c:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbGCdKKDNrm6bfvi3qESlf+OihfkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDIwMDA3WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNmM1MTA1YzFiZGQwZTlmOTAxM2M0ZjQ3ZDM1N2FlZGQ1
NzM5NjhhNjk5MjI3MjA2N2RkZGM2MjAzZDRjZjdlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDohuLBDVKNAMvxCTTPyEUYSBZdblAWEbTV6sfxALF3bwFy
d6yat1ROzFbX8FE1TiSGxVGDfhjZl0sFmObsccINXA/Rd7Skpy28DZxUJElb/+Nf
Xi4g9eQehr78+r3hweQUZo3Cj1gcKe98CnJCv+/ZLoxmvAZWODbTbhk7r1UxNdyf
yIRz/p6lLh2RyVC6E0m5k8F7xFEA+SFss4lwXx0TapV70nTr68KUp4OGe2bdpp/+
9qEshLTM7qLMezR0Vx/P33Sta6hqS+QQYVNLL/4xkhNIY2x/qpn+o27wvPMu1s/r
MswEWovWWLgszXcXbR2fgQALIskke7BD/8XDhOw3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkPHQGREVwJS8o93oq7xkuCB6CFAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzIxNmZlMDQ4LTNhYjQtNDUzNC04MDIzLTY5MDNhNmZiMDlmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAID/eAwDQYJKoZIhvcNAQELBQADggEBACJnSpfC1u+eDOgtpgQEG6/y0URY
RQK/S0gfiG0jiuJahyDt+/GQzXdpqsQG4of6eVy33/HRncKonSohgYcgnUFPRrJD
vrsFedCpWV2OBBE1pDv9/jKrDRhDqiz6w5QtxSSytmdjO5rFAp2YaUKTIiiKNKV6
QkDZUqBw4YQ9KMZ+6h7Mn0HXTSfhfO8Q85SYAvS2pvRBC5Zqz1yp520SWq2Yhrkc
DlfssnlrmqxnW6Ym8XrCIjKUVb4x8jVwNnajkj0E/mY8/85AnZInkTUumXuUS+6D
8o2y4S9vVSmRI2yqFZA4G9CQILp4r0n3bIxPHhyl61cSbF1vPiHhQKe0bLY=
-----END CERTIFICATE-----