This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/31b3c27f-c2a6-4964-8eb8-dbb3fb26b4d3.roa
File:                     31b3c27f-c2a6-4964-8eb8-dbb3fb26b4d3.roa (raw, json)
Hash identifier:          Q2jX6iL8ezmp4z6xCEbvAfKRA0ywVarcsMjvSUEU+9k=
Subject key identifier:   E6:2D:6D:BB:1C:60:17:DF:1D:F6:20:84:8A:14:61:79:6F:FF:5E:A5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       242D890D1719F645361B8E4EEE0F03167126EBF7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/31b3c27f-c2a6-4964-8eb8-dbb3fb26b4d3.roa
Signing time:             Sat 29 Nov 2025 02:20:35 +0000
ROA not before:           Sat 29 Nov 2025 02:20:35 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.189.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:2d:89:0d:17:19:f6:45:36:1b:8e:4e:ee:0f:03:16:71:26:eb:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 02:20:35 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=b9927b3a5e10ebb2fa90feaa210e72f7f97d267356f18b4c3fec9d838f5a5eee, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:89:aa:ce:6e:47:8d:d1:44:6b:5f:2f:e8:e9:
                    61:ad:d2:f3:1f:63:f5:dc:0d:c4:28:85:66:5b:d1:
                    29:ad:e3:1f:9d:f8:5d:bd:ec:b2:7a:49:d2:6c:8c:
                    5f:96:c1:3c:da:06:79:f1:c8:88:65:5e:b3:bb:e4:
                    ae:0c:d1:13:a3:6c:e9:58:7d:af:f9:62:8d:9b:f8:
                    46:b0:fb:66:62:99:92:b9:74:2c:42:dc:66:6d:f6:
                    5f:22:ae:6b:b9:6e:a0:7f:ed:47:88:6f:db:42:a0:
                    51:55:c7:06:ce:92:c6:bf:05:a6:54:fb:a2:ec:3d:
                    aa:60:7c:bd:c3:27:32:ff:9a:46:62:78:1e:3b:af:
                    29:d9:af:34:bb:16:d3:75:d1:1d:a0:3c:c4:2f:b0:
                    df:11:cc:a1:78:46:69:e1:5f:8c:44:2e:f4:75:90:
                    15:d3:50:b2:45:2c:30:fd:ae:d2:6b:6b:c6:94:9f:
                    4c:3c:17:e8:41:d2:89:f5:e3:67:6d:ad:07:9d:5c:
                    a9:f9:77:6f:72:c9:d7:6b:f6:08:a2:9f:d1:6f:6e:
                    f9:8f:d9:30:1c:56:64:01:48:d7:38:03:80:9b:54:
                    0f:9d:86:23:84:1c:ce:86:4c:5d:07:91:a0:20:d6:
                    e9:b1:c7:fe:8a:71:96:37:f0:55:ee:a2:2f:42:f3:
                    ff:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2D:6D:BB:1C:60:17:DF:1D:F6:20:84:8A:14:61:79:6F:FF:5E:A5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/31b3c27f-c2a6-4964-8eb8-dbb3fb26b4d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.189.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         5b:dd:5b:dc:63:c9:f1:69:8f:48:68:a5:e7:30:7a:6a:ad:a3:
         06:3e:ad:05:db:90:5d:5f:e7:cb:9a:8e:da:21:f9:e2:0a:46:
         a6:c5:54:03:ab:17:4f:44:90:f8:60:a7:79:15:b0:ba:15:4d:
         29:f1:12:af:46:9f:e3:20:a1:1e:60:e1:5e:b5:e0:6e:cc:14:
         d3:2f:b8:ae:56:15:b4:a1:4c:55:a1:3a:20:f2:69:7e:5f:3d:
         e7:92:87:98:4a:8f:0f:2f:2b:3c:82:dd:aa:b7:de:99:50:f5:
         15:28:c9:11:d0:69:c5:34:b9:8c:26:35:d7:c8:c0:1b:62:7b:
         a6:7a:ad:48:9f:d8:5e:8c:fb:d2:78:29:25:d1:1e:da:b3:b7:
         88:f6:53:d9:74:9c:75:c6:8b:a3:9b:36:38:b8:0b:62:1a:4e:
         76:80:99:d1:fc:23:cd:82:e5:99:1f:2a:a8:5e:47:01:d7:d4:
         90:76:1f:52:94:e8:5c:d9:3c:ee:0e:96:95:47:25:ba:bb:83:
         10:94:56:a6:70:1b:f1:94:2b:65:d7:5a:d4:7e:1d:00:30:2d:
         c5:95:ec:52:ae:a1:58:a2:57:33:b7:42:69:f8:c2:91:7b:71:
         55:6e:50:13:2f:86:7d:55:77:9c:4d:20:d0:c1:1c:90:da:d6:
         d0:85:68:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJC2JDRcZ9kU2G45O7g8DFnEm6/cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDIyMDM1WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTkyN2IzYTVlMTBlYmIyZmE5MGZlYWEyMTBlNzJmN2Y5
N2QyNjczNTZmMThiNGMzZmVjOWQ4MzhmNWE1ZWVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCriarObkeN0URrXy/o6WGt0vMfY/XcDcQohWZb0Smt4x+d
+F297LJ6SdJsjF+WwTzaBnnxyIhlXrO75K4M0ROjbOlYfa/5Yo2b+Eaw+2ZimZK5
dCxC3GZt9l8irmu5bqB/7UeIb9tCoFFVxwbOksa/BaZU+6LsPapgfL3DJzL/mkZi
eB47rynZrzS7FtN10R2gPMQvsN8RzKF4RmnhX4xELvR1kBXTULJFLDD9rtJra8aU
n0w8F+hB0on142dtrQedXKn5d29yyddr9giin9FvbvmP2TAcVmQBSNc4A4CbVA+d
hiOEHM6GTF0HkaAg1umxx/6KcZY38FXuoi9C8/9LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5i1tuxxgF98d9iCEihRheW//XqUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzMxYjNjMjdmLWMyYTYtNDk2NC04ZWI4LWRiYjNmYjI2YjRkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2vYAwDQYJKoZIhvcNAQELBQADggEBAFvdW9xjyfFpj0hopecwemqtowY+
rQXbkF1f58uajtoh+eIKRqbFVAOrF09EkPhgp3kVsLoVTSnxEq9Gn+MgoR5g4V61
4G7MFNMvuK5WFbShTFWhOiDyaX5fPeeSh5hKjw8vKzyC3aq33plQ9RUoyRHQacU0
uYwmNdfIwBtie6Z6rUif2F6M+9J4KSXRHtqzt4j2U9l0nHXGi6ObNji4C2IaTnaA
mdH8I82C5ZkfKqheRwHX1JB2H1KU6FzZPO4OlpVHJbq7gxCUVqZwG/GUK2XXWtR+
HQAwLcWV7FKuoViiVzO3Qmn4wpF7cVVuUBMvhn1Vd5xNINDBHJDa1tCFaOo=
-----END CERTIFICATE-----