This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa
File:                     3ab011af-fada-4c8e-b056-1a9dfdb769da.roa (raw, json)
Hash identifier:          Kp3s97u11d89SGFPuwn2TOfrdRFsxkr0QjHhoe8MrM4=
Subject key identifier:   CB:45:96:D4:46:CC:46:B8:9E:ED:CE:CE:68:C7:5B:5A:56:3F:6C:EE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       D4DD3B1687A525235BF6DE7B409D557D582F14
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa
Signing time:             Sat 15 Nov 2025 01:11:00 +0000
ROA not before:           Sat 15 Nov 2025 01:11:00 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.119.224.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d4:dd:3b:16:87:a5:25:23:5b:f6:de:7b:40:9d:55:7d:58:2f:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 01:11:00 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=76918fe4198ae0816351e008c20297aa633b06644d36f6e07f853b9bc2d2c816, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:35:a9:64:5b:7d:04:3e:2b:45:7c:72:d2:de:
                    35:6c:ac:33:47:04:90:58:d4:39:a7:af:4d:a9:1f:
                    26:f3:ac:f3:63:e6:29:8b:a4:7a:ab:64:31:15:29:
                    5f:0e:f8:54:35:d7:8e:a6:51:c6:3d:f1:c1:ef:91:
                    0b:ff:32:95:6a:74:fa:60:8e:f3:98:35:9f:0f:5c:
                    53:37:22:40:61:f5:c2:83:41:0b:e3:73:ec:88:68:
                    14:94:a5:8e:60:6d:98:f3:00:cf:a5:8f:3e:97:72:
                    90:de:98:af:09:15:8f:a3:27:ab:77:16:3a:0a:25:
                    ef:76:ab:89:b0:16:4f:0c:3d:22:5b:91:f0:cd:d9:
                    4c:64:d6:88:b9:fe:f5:f0:71:71:8f:5d:40:74:25:
                    e7:19:d2:58:88:a6:68:b0:97:e6:7f:88:e2:c2:d4:
                    1b:de:2e:d7:82:a4:4b:a6:b7:fd:a5:60:68:cd:d3:
                    13:06:b3:71:a8:e0:ed:1f:89:1f:f1:47:f6:48:65:
                    e3:dc:96:7c:47:13:e5:fe:e3:82:83:7f:60:74:a3:
                    ef:ea:fc:c3:b2:ea:c4:04:6c:d1:88:5f:f4:cb:b2:
                    3c:d6:7b:b6:f1:cb:ec:3b:20:bf:06:a6:35:84:76:
                    2b:5b:e1:79:73:17:fe:22:b7:45:ec:85:4a:f8:44:
                    37:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:45:96:D4:46:CC:46:B8:9E:ED:CE:CE:68:C7:5B:5A:56:3F:6C:EE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.119.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2a:ca:0c:c4:fe:1b:7f:65:eb:66:10:f8:e3:fb:e8:bc:7f:e3:
         50:5e:40:f8:54:6f:82:cb:47:24:c9:14:58:30:aa:69:df:b4:
         e8:39:55:bf:94:d7:48:4b:10:fa:9a:aa:d6:1f:dc:59:a1:c8:
         8f:77:cc:df:5b:e8:b3:d5:e5:7e:b2:93:94:ef:3d:1c:98:0a:
         b8:5d:c4:71:b0:df:f0:e6:ea:68:f8:f8:cb:0a:e6:56:d6:98:
         a9:df:7f:86:c5:e6:b7:02:52:c8:30:5a:a3:78:b0:2a:4e:5c:
         94:fc:11:db:02:71:9c:54:74:9f:cf:34:61:4e:0a:24:bc:34:
         f8:03:5e:6d:fa:e7:b5:7f:3e:88:e2:85:90:c3:4d:e3:cf:78:
         64:ca:52:ff:96:d6:b1:48:0a:e2:00:8e:0b:a3:7a:28:81:a4:
         f3:9c:64:14:f6:1f:96:47:73:3e:f8:21:d1:d2:71:49:d9:0f:
         18:17:5c:59:cf:65:9e:4f:b1:6b:e8:b0:f4:03:75:43:1d:03:
         c1:77:57:5e:0d:37:87:aa:51:5d:3e:5d:93:19:45:df:0f:9d:
         67:75:5d:37:2c:5d:6c:52:30:20:26:27:ae:62:3e:36:83:de:
         92:92:58:93:94:7f:b1:1a:77:a7:2d:e6:92:5a:f5:57:19:21:
         c2:c9:42:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUANTdOxaHpSUjW/bee0CdVX1YLxQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDExMTAwWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjkxOGZlNDE5OGFlMDgxNjM1MWUwMDhjMjAyOTdhYTYz
M2IwNjY0NGQzNmY2ZTA3Zjg1M2I5YmMyZDJjODE2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfNalkW30EPitFfHLS3jVsrDNHBJBY1Dmnr02pHybzrPNj
5imLpHqrZDEVKV8O+FQ1146mUcY98cHvkQv/MpVqdPpgjvOYNZ8PXFM3IkBh9cKD
QQvjc+yIaBSUpY5gbZjzAM+ljz6XcpDemK8JFY+jJ6t3FjoKJe92q4mwFk8MPSJb
kfDN2Uxk1oi5/vXwcXGPXUB0JecZ0liIpmiwl+Z/iOLC1BveLteCpEumt/2lYGjN
0xMGs3Go4O0fiR/xR/ZIZePclnxHE+X+44KDf2B0o+/q/MOy6sQEbNGIX/TLsjzW
e7bxy+w7IL8GpjWEditb4XlzF/4it0XshUr4RDeRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUy0WW1EbMRrie7c7OaMdbWlY/bO4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhYjAxMWFmLWZhZGEtNGM4ZS1iMDU2LTFhOWRmZGI3NjlkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM0d+AwDQYJKoZIhvcNAQELBQADggEBACrKDMT+G39l62YQ+OP76Lx/41Be
QPhUb4LLRyTJFFgwqmnftOg5Vb+U10hLEPqaqtYf3FmhyI93zN9b6LPV5X6yk5Tv
PRyYCrhdxHGw3/Dm6mj4+MsK5lbWmKnff4bF5rcCUsgwWqN4sCpOXJT8EdsCcZxU
dJ/PNGFOCiS8NPgDXm3657V/PojihZDDTePPeGTKUv+W1rFICuIAjgujeiiBpPOc
ZBT2H5ZHcz74IdHScUnZDxgXXFnPZZ5PsWvosPQDdUMdA8F3V14NN4eqUV0+XZMZ
Rd8PnWd1XTcsXWxSMCAmJ65iPjaD3pKSWJOUf7Ead6ct5pJa9VcZIcLJQtE=
-----END CERTIFICATE-----