This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad02644-60fe-41b8-bdc5-7402a3456a23.roa
File:                     3ad02644-60fe-41b8-bdc5-7402a3456a23.roa (raw, json)
Hash identifier:          UEuInSR5e2a6r/JtGvnecnKHugqf6DNVf/xfJeagWxo=
Subject key identifier:   13:D7:DE:53:51:D6:0E:06:F3:7F:A8:4D:D7:8D:DF:CE:37:E8:D3:41
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0E96632FF8BB164479285859210DBD6FC43FCAF9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad02644-60fe-41b8-bdc5-7402a3456a23.roa
Signing time:             Mon 10 Nov 2025 01:40:07 +0000
ROA not before:           Mon 10 Nov 2025 01:40:07 +0000
ROA not after:            Mon 15 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.147.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:96:63:2f:f8:bb:16:44:79:28:58:59:21:0d:bd:6f:c4:3f:ca:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 10 01:40:07 2025 GMT
            Not After : Dec 15 23:59:59 2025 GMT
        Subject: serialNumber=66649f5e730456000eb9dc25a65c265a381f81d5b066f5ac09e4234c078c089e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:29:e6:90:37:c1:da:4a:b9:9e:d3:24:18:50:
                    78:15:63:c0:10:c1:a1:96:e0:c4:59:1d:c5:82:dc:
                    35:01:65:8f:c8:83:3c:22:ea:08:6a:60:d3:29:0a:
                    ec:ff:4e:a3:21:f9:f3:f5:6b:ee:20:6e:f7:4a:92:
                    f8:0a:32:22:36:3a:ab:7c:5c:26:97:45:82:ce:15:
                    65:17:e2:cc:60:58:d0:ba:3a:1a:d0:83:0d:28:e2:
                    08:24:68:ed:6f:ac:eb:58:43:53:ac:c7:41:0b:c4:
                    f0:8e:1f:4c:60:46:bb:b7:a6:ea:e9:9f:b9:dd:bd:
                    ee:9b:20:9f:e2:aa:1a:04:af:44:35:8d:03:60:66:
                    ab:24:64:2c:72:d8:41:fb:ab:78:b3:b9:aa:f3:09:
                    1b:72:6f:fc:ed:69:44:d4:ff:a7:70:ea:6d:df:44:
                    24:2d:ae:2c:7b:d1:2a:1a:52:15:67:f4:1d:e8:eb:
                    f2:a1:95:e3:4a:1b:44:b3:59:6c:34:ff:2a:f8:bd:
                    89:dc:08:58:02:f1:66:c1:cb:13:21:7e:0f:21:a2:
                    97:66:35:df:a5:f3:9f:03:68:fa:aa:8f:bd:a1:9f:
                    d2:26:b1:ae:5f:57:ce:17:de:a1:b7:73:16:e0:f8:
                    97:97:c2:d3:04:2b:f8:ca:48:85:c6:0b:75:be:fe:
                    bf:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:D7:DE:53:51:D6:0E:06:F3:7F:A8:4D:D7:8D:DF:CE:37:E8:D3:41
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad02644-60fe-41b8-bdc5-7402a3456a23.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:25:0d:c0:2a:a0:c7:47:4c:79:14:b2:6f:94:e6:46:33:77:
         2a:f2:4c:77:2c:a5:b8:8a:51:98:b8:34:46:c7:1b:68:5b:16:
         9a:63:61:2e:5e:ec:6f:90:a2:0e:da:c0:7f:06:2c:de:65:52:
         b8:5b:a7:69:d2:05:57:63:71:11:cd:f4:22:3b:d1:b8:78:25:
         60:8c:5c:f7:07:27:93:79:05:61:05:39:a5:c9:ea:99:c7:b0:
         a2:75:89:18:37:98:d2:9d:cf:09:7d:7c:9f:08:67:aa:3d:58:
         d3:30:1b:8f:a7:35:a1:b2:7e:f5:2a:f7:7d:79:63:7a:67:59:
         a6:6e:21:fe:69:ce:b6:1c:ef:8b:80:2f:98:74:76:27:76:bd:
         6b:37:3e:7e:87:3a:db:a6:f8:e0:10:87:56:c0:7e:61:c9:16:
         6f:86:a7:55:ce:2d:dd:ec:09:3b:59:61:d1:ce:7c:79:d6:ed:
         56:27:07:65:50:5f:6a:be:8c:93:d3:46:86:4e:78:52:6a:25:
         e4:e0:1e:94:b6:f9:f5:2e:f1:9c:f3:6a:84:2b:68:66:d4:42:
         11:b9:30:c5:d3:79:d4:75:20:9b:0c:52:15:41:20:78:1f:83:
         ca:7a:7e:01:28:85:1f:56:aa:43:9e:ca:b8:ab:87:ac:c0:57:
         fa:46:b8:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDpZjL/i7FkR5KFhZIQ29b8Q/yvkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEwMDE0MDA3WhcNMjUxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjY0OWY1ZTczMDQ1NjAwMGViOWRjMjVhNjVjMjY1YTM4
MWY4MWQ1YjA2NmY1YWMwOWU0MjM0YzA3OGMwODllMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQKeaQN8HaSrme0yQYUHgVY8AQwaGW4MRZHcWC3DUBZY/I
gzwi6ghqYNMpCuz/TqMh+fP1a+4gbvdKkvgKMiI2Oqt8XCaXRYLOFWUX4sxgWNC6
OhrQgw0o4ggkaO1vrOtYQ1Osx0ELxPCOH0xgRru3purpn7ndve6bIJ/iqhoEr0Q1
jQNgZqskZCxy2EH7q3izuarzCRtyb/ztaUTU/6dw6m3fRCQtrix70SoaUhVn9B3o
6/KhleNKG0SzWWw0/yr4vYncCFgC8WbByxMhfg8hopdmNd+l858DaPqqj72hn9Im
sa5fV84X3qG3cxbg+JeXwtMEK/jKSIXGC3W+/r/FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE9feU1HWDgbzf6hN143fzjfo00EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhZDAyNjQ0LTYwZmUtNDFiOC1iZGM1LTc0MDJhMzQ1NmEyMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XpMwDQYJKoZIhvcNAQELBQADggEBALQlDcAqoMdHTHkUsm+U5kYzdyry
THcspbiKUZi4NEbHG2hbFppjYS5e7G+Qog7awH8GLN5lUrhbp2nSBVdjcRHN9CI7
0bh4JWCMXPcHJ5N5BWEFOaXJ6pnHsKJ1iRg3mNKdzwl9fJ8IZ6o9WNMwG4+nNaGy
fvUq9315Y3pnWaZuIf5pzrYc74uAL5h0did2vWs3Pn6HOtum+OAQh1bAfmHJFm+G
p1XOLd3sCTtZYdHOfHnW7VYnB2VQX2q+jJPTRoZOeFJqJeTgHpS2+fUu8ZzzaoQr
aGbUQhG5MMXTedR1IJsMUhVBIHgfg8p6fgEohR9WqkOeyrirh6zAV/pGuOM=
-----END CERTIFICATE-----