This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa
File:                     29176684-9654-4098-a54e-bbbf4bfb5f09.roa (raw, json)
Hash identifier:          ljLANqkKobuJ8cPVjjHjqqfTIfbqkfwD5baAxFFL7LY=
Subject key identifier:   13:33:69:89:3F:16:85:9C:57:11:62:B5:66:EF:51:1A:FF:04:7B:A1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       331F2EBD5176AFE0F80C76C9A2104789E53F3AE1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa
Signing time:             Mon 10 Nov 2025 01:00:05 +0000
ROA not before:           Mon 10 Nov 2025 01:00:05 +0000
ROA not after:            Mon 15 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.78.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:1f:2e:bd:51:76:af:e0:f8:0c:76:c9:a2:10:47:89:e5:3f:3a:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 10 01:00:05 2025 GMT
            Not After : Dec 15 23:59:59 2025 GMT
        Subject: serialNumber=83606074970d042b15c839fe51ccb49139c4c6986d686cda15b8fe84c28c5f98, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ba:19:01:12:49:5c:88:d1:21:0c:40:3a:c7:
                    78:88:f8:ca:f9:97:02:47:e3:9d:e2:41:18:02:8c:
                    f3:c6:39:4a:15:b6:94:cf:53:16:59:ef:8d:41:a1:
                    95:7d:35:1e:79:af:da:a1:f5:ca:ca:a6:60:0d:b9:
                    36:9c:73:76:b9:dc:8c:a9:10:0d:0c:14:e3:df:18:
                    8e:b3:d4:4f:81:d5:76:a9:b3:d7:0b:ca:73:d1:2d:
                    fd:8e:04:30:af:33:2f:51:79:69:66:cf:d1:74:85:
                    3c:c0:52:49:17:a4:43:5b:58:5b:c0:46:07:13:60:
                    53:03:5d:dc:87:8a:22:0d:3a:19:61:9f:f8:e1:10:
                    d0:90:39:57:4f:5c:73:7d:a3:96:94:1c:42:be:cc:
                    a6:94:67:ae:e7:cc:f9:fa:a7:74:cf:ba:1d:15:9e:
                    d9:9f:30:4b:ef:7a:f3:1d:61:85:1b:37:ac:9d:fa:
                    0d:9c:54:5c:14:d5:9b:4f:61:99:37:d1:df:a5:f2:
                    60:a8:01:0e:7d:70:08:26:c7:5f:78:b7:fc:2a:37:
                    77:28:66:f3:e8:7b:c2:1d:b6:40:ca:1e:94:46:5b:
                    07:7c:47:ed:88:d0:eb:30:47:b0:6e:04:e4:d5:aa:
                    dd:c4:9d:04:77:5b:d4:47:0c:38:4b:bc:93:b1:92:
                    1f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:33:69:89:3F:16:85:9C:57:11:62:B5:66:EF:51:1A:FF:04:7B:A1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:1f:b2:82:4e:5b:12:07:fb:52:62:c1:89:42:f9:89:c8:4c:
         9b:9e:db:e6:6c:1c:09:a5:30:f7:c8:29:c5:43:bc:d6:fb:79:
         02:ee:30:ae:8a:3c:e6:de:45:72:5f:c7:11:5c:13:fb:37:75:
         e2:b2:83:f0:0e:52:43:69:7c:e7:4d:f5:c8:4f:ab:d8:ee:26:
         c3:cf:34:6a:06:67:43:e4:80:a3:ee:90:48:b0:ff:ec:35:a2:
         cc:b7:f5:50:4a:d2:03:71:a1:04:e2:bf:7a:0c:15:88:a8:79:
         d0:f4:77:3e:a8:df:46:c9:59:74:e5:a6:6f:4c:f0:f8:55:1e:
         1e:7a:c5:01:7e:62:68:ec:05:d7:ad:c0:50:05:39:dc:10:ea:
         1c:6a:cc:52:47:d7:d1:db:29:e6:2e:73:9d:ed:7e:a1:9f:c0:
         18:75:51:64:98:bb:21:90:88:93:ea:ac:65:14:f7:0f:20:a0:
         4b:41:ec:85:1a:02:f5:55:61:2d:ab:37:13:cb:13:52:e4:e0:
         43:c5:fc:0f:1a:b3:b1:34:4d:9e:28:18:08:22:dc:6d:a4:15:
         ac:45:52:b8:6e:05:05:c6:fa:25:ce:09:fb:a1:15:3e:e3:5f:
         ad:aa:e8:74:cc:dd:51:1a:02:04:9d:b3:2b:8a:91:9d:9e:eb:
         e6:00:6a:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMx8uvVF2r+D4DHbJohBHieU/OuEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEwMDEwMDA1WhcNMjUxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MzYwNjA3NDk3MGQwNDJiMTVjODM5ZmU1MWNjYjQ5MTM5
YzRjNjk4NmQ2ODZjZGExNWI4ZmU4NGMyOGM1Zjk4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/uhkBEklciNEhDEA6x3iI+Mr5lwJH453iQRgCjPPGOUoV
tpTPUxZZ741BoZV9NR55r9qh9crKpmANuTacc3a53IypEA0MFOPfGI6z1E+B1Xap
s9cLynPRLf2OBDCvMy9ReWlmz9F0hTzAUkkXpENbWFvARgcTYFMDXdyHiiINOhlh
n/jhENCQOVdPXHN9o5aUHEK+zKaUZ67nzPn6p3TPuh0VntmfMEvvevMdYYUbN6yd
+g2cVFwU1ZtPYZk30d+l8mCoAQ59cAgmx194t/wqN3coZvPoe8IdtkDKHpRGWwd8
R+2I0OswR7BuBOTVqt3EnQR3W9RHDDhLvJOxkh9PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEzNpiT8WhZxXEWK1Zu9RGv8Ee6EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI5MTc2Njg0LTk2NTQtNDA5OC1hNTRlLWJiYmY0YmZiNWYwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2tk4wDQYJKoZIhvcNAQELBQADggEBACYfsoJOWxIH+1JiwYlC+YnITJue
2+ZsHAmlMPfIKcVDvNb7eQLuMK6KPObeRXJfxxFcE/s3deKyg/AOUkNpfOdN9chP
q9juJsPPNGoGZ0PkgKPukEiw/+w1osy39VBK0gNxoQTiv3oMFYioedD0dz6o30bJ
WXTlpm9M8PhVHh56xQF+YmjsBdetwFAFOdwQ6hxqzFJH19HbKeYuc53tfqGfwBh1
UWSYuyGQiJPqrGUU9w8goEtB7IUaAvVVYS2rNxPLE1Lk4EPF/A8as7E0TZ4oGAgi
3G2kFaxFUrhuBQXG+iXOCfuhFT7jX62q6HTM3VEaAgSdsyuKkZ2e6+YAalM=
-----END CERTIFICATE-----