This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b40ac1e-e997-4852-9eb8-c845296d5869.roa
File:                     2b40ac1e-e997-4852-9eb8-c845296d5869.roa (raw, json)
Hash identifier:          7IblePwkJwmi3c0DanVZmJBM83npqliTe1Zba/tz4+k=
Subject key identifier:   EC:3D:ED:82:59:4D:DA:0E:D7:1C:D0:D3:D7:A6:79:74:4C:29:9B:24
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       54CCCA7AF5AC93F99B1A951D844ACB321674031C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b40ac1e-e997-4852-9eb8-c845296d5869.roa
Signing time:             Sat 15 Nov 2025 03:40:07 +0000
ROA not before:           Sat 15 Nov 2025 03:40:07 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        35.153.2.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Nov 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:cc:ca:7a:f5:ac:93:f9:9b:1a:95:1d:84:4a:cb:32:16:74:03:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 03:40:07 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=598370fb4d803ef09f3a8ef68db8cc5743c05af671794cd2db8790d1a00961af, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:32:57:62:32:f4:d1:71:7a:60:93:9a:af:b7:
                    59:75:2b:43:4c:6e:58:fb:30:7f:29:36:21:af:c3:
                    34:16:39:4c:5e:b4:55:a2:1b:c9:b9:af:d5:41:8f:
                    a7:01:10:d3:07:59:91:ec:ea:71:64:08:ae:1d:e1:
                    3a:73:59:cb:0b:76:e6:4c:23:d4:8d:36:6a:3b:00:
                    2b:d1:a8:c0:32:bb:df:d9:f5:b4:93:f0:83:8e:e5:
                    e3:53:8f:c9:ef:56:04:47:47:db:7e:f4:9d:79:d0:
                    01:2d:d2:8e:77:45:a3:f1:9d:fc:eb:a6:30:ba:9c:
                    c4:69:0d:91:21:68:70:01:1c:1b:89:b3:84:51:f9:
                    a8:5d:70:80:f4:e0:c3:5a:f4:0a:38:f6:f1:06:99:
                    8e:de:d6:6a:94:0a:51:28:15:1f:7b:31:3c:18:62:
                    01:b3:58:4c:1d:1d:24:27:ff:f6:9e:b3:c9:1d:2a:
                    f5:99:58:e7:8b:2c:b5:0c:31:b7:9e:ad:2a:08:d9:
                    71:6f:a3:c0:93:ec:11:89:84:1d:50:2d:1b:b8:93:
                    37:c0:0a:7c:b0:ae:9d:02:c1:06:31:21:1f:86:a3:
                    7d:b9:cb:29:14:08:f8:8f:fa:14:3c:1f:0e:5b:56:
                    3b:92:5c:9c:25:6f:b3:d5:7e:68:12:da:16:4f:05:
                    ad:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:3D:ED:82:59:4D:DA:0E:D7:1C:D0:D3:D7:A6:79:74:4C:29:9B:24
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b40ac1e-e997-4852-9eb8-c845296d5869.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.153.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:81:ae:98:78:e2:6e:79:26:95:62:5e:de:e5:62:7a:08:ec:
         03:d4:37:c2:4e:af:08:6e:2f:ce:31:a0:ff:c4:46:8e:fd:5f:
         f2:dd:4c:40:77:0b:7f:07:81:05:34:f1:6f:0a:cb:30:90:e0:
         0f:f0:43:da:c7:ec:b6:4c:b6:52:ab:43:5b:71:33:62:da:51:
         6a:8e:a6:61:66:0c:80:b9:ca:79:eb:85:1a:0f:46:e1:f5:1d:
         dd:2b:8e:d6:ad:71:a0:6b:01:a1:58:5c:cf:fc:09:98:c0:bb:
         72:26:29:42:63:4a:00:d6:a5:ad:3f:ce:74:8b:09:70:f6:cd:
         9b:13:d3:06:dc:e2:06:fa:2e:db:91:25:b6:39:81:ea:44:8a:
         bb:96:4e:88:e9:7f:0a:45:16:8b:0d:40:5d:b4:8b:09:1f:c2:
         38:74:3c:44:ad:8f:b9:8d:d9:c5:0a:f6:0c:2e:20:05:64:7b:
         b6:b6:aa:d3:18:47:57:53:aa:5e:be:ac:5e:f4:41:77:a5:d5:
         0f:58:8e:d7:cf:64:3d:bd:15:50:a8:e7:25:00:92:21:75:34:
         8d:65:fa:5b:a9:a0:d4:a2:87:fe:40:b8:d5:6d:ce:4e:d4:52:
         c8:de:3e:a9:28:bb:46:73:02:a2:3a:5f:b4:d7:d7:c1:8b:91:
         38:a1:d9:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVMzKevWsk/mbGpUdhErLMhZ0AxwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDM0MDA3WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OTgzNzBmYjRkODAzZWYwOWYzYThlZjY4ZGI4Y2M1NzQz
YzA1YWY2NzE3OTRjZDJkYjg3OTBkMWEwMDk2MWFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFMldiMvTRcXpgk5qvt1l1K0NMblj7MH8pNiGvwzQWOUxe
tFWiG8m5r9VBj6cBENMHWZHs6nFkCK4d4TpzWcsLduZMI9SNNmo7ACvRqMAyu9/Z
9bST8IOO5eNTj8nvVgRHR9t+9J150AEt0o53RaPxnfzrpjC6nMRpDZEhaHABHBuJ
s4RR+ahdcID04MNa9Ao49vEGmY7e1mqUClEoFR97MTwYYgGzWEwdHSQn//aes8kd
KvWZWOeLLLUMMbeerSoI2XFvo8CT7BGJhB1QLRu4kzfACnywrp0CwQYxIR+Go325
yykUCPiP+hQ8Hw5bVjuSXJwlb7PVfmgS2hZPBa3FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7D3tgllN2g7XHNDT16Z5dEwpmyQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJiNDBhYzFlLWU5OTctNDg1Mi05ZWI4LWM4NDUyOTZkNTg2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjmQIwDQYJKoZIhvcNAQELBQADggEBAC6Brph44m55JpViXt7lYnoI7APU
N8JOrwhuL84xoP/ERo79X/LdTEB3C38HgQU08W8KyzCQ4A/wQ9rH7LZMtlKrQ1tx
M2LaUWqOpmFmDIC5ynnrhRoPRuH1Hd0rjtatcaBrAaFYXM/8CZjAu3ImKUJjSgDW
pa0/znSLCXD2zZsT0wbc4gb6LtuRJbY5gepEiruWTojpfwpFFosNQF20iwkfwjh0
PEStj7mN2cUK9gwuIAVke7a2qtMYR1dTql6+rF70QXel1Q9YjtfPZD29FVCo5yUA
kiF1NI1l+lupoNSih/5AuNVtzk7UUsjePqkou0ZzAqI6X7TX18GLkTih2cE=
-----END CERTIFICATE-----