This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d8d5bde-3454-48a3-aa94-1772cda89cd1.roa
File:                     3d8d5bde-3454-48a3-aa94-1772cda89cd1.roa (raw, json)
Hash identifier:          ZbcFPI8wugiu3UXUoLS6QK2KDZa/5xsAzZL0ve+Jvw4=
Subject key identifier:   8B:01:5E:B7:43:26:3C:90:C4:31:A6:40:69:5D:F3:F2:EB:C6:47:32
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       74C45C8A018B8CC2066B4CA3B5038A93D8D65E63
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d8d5bde-3454-48a3-aa94-1772cda89cd1.roa
Signing time:             Sat 29 Nov 2025 01:21:05 +0000
ROA not before:           Sat 29 Nov 2025 01:21:05 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        34.253.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:c4:5c:8a:01:8b:8c:c2:06:6b:4c:a3:b5:03:8a:93:d8:d6:5e:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 01:21:05 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=c4ca55f9b637acfaf14a82d88b73f1d9c874b7f6c70764cf889115452a88ad43, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b0:38:09:dd:9e:6e:0e:af:7c:fe:5e:32:31:
                    88:f3:5b:34:a2:e8:bf:9e:66:1f:b6:ff:75:f5:65:
                    da:16:f9:b6:a7:13:04:04:f6:3e:b7:3b:50:e6:0b:
                    f2:85:30:37:06:45:0a:fc:96:2f:3d:6e:5f:c2:79:
                    db:a8:6f:a6:b6:b3:c2:87:5e:88:51:df:54:25:ce:
                    8c:ad:2a:e8:2f:29:80:c4:56:77:02:56:b8:af:69:
                    ba:db:a3:01:80:b8:74:a3:35:37:c1:b6:07:01:4f:
                    34:7e:f6:a7:95:f2:d3:0d:65:99:47:f6:59:27:6f:
                    82:aa:4b:72:e1:94:8d:4f:15:89:fe:9f:da:57:7e:
                    da:1e:18:05:77:0f:f7:c5:ba:0d:d0:37:93:df:2f:
                    da:b2:f9:e0:a0:db:03:5e:be:7f:3c:83:a7:7d:8a:
                    03:da:5f:6e:c5:79:91:78:2e:8f:00:d5:3f:af:34:
                    fc:21:6c:ea:e2:d7:14:a9:85:a1:6c:1f:d1:ef:e0:
                    7b:4b:ab:78:00:03:48:7b:7e:3a:2c:90:43:8f:8b:
                    9d:1b:1f:bd:d4:44:49:77:0e:85:d1:c7:23:c5:53:
                    9c:6f:11:69:9c:e7:12:59:d8:45:12:9a:6b:59:78:
                    35:57:17:ab:08:0e:cf:74:17:13:d1:d1:d3:3d:bf:
                    69:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:01:5E:B7:43:26:3C:90:C4:31:A6:40:69:5D:F3:F2:EB:C6:47:32
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d8d5bde-3454-48a3-aa94-1772cda89cd1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  34.253.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         29:d7:11:05:63:44:d8:d6:60:c8:39:60:b9:8d:f8:9e:61:7c:
         39:75:39:8a:9c:2e:0b:6d:d9:40:a5:37:c0:2a:7f:78:be:90:
         04:60:f0:cd:fc:47:6b:f0:f3:57:b7:78:2f:d2:c0:dd:37:c2:
         b2:3c:1f:29:02:05:48:56:60:eb:ef:38:6b:a8:70:c7:1e:6f:
         d7:ee:34:b7:ad:5a:b9:3a:df:ea:77:1d:46:e3:5c:4a:7c:ed:
         9f:9c:b7:44:72:d0:56:5a:67:0b:44:e7:04:7f:96:7a:2c:8a:
         05:0e:a0:fb:89:2d:88:a8:3f:1d:84:dc:48:8a:52:fa:33:fb:
         75:8b:25:ed:1a:fd:22:f5:40:78:a3:0e:30:78:21:62:01:93:
         07:62:52:e2:8e:d3:95:e8:5b:55:93:48:56:1a:5c:e0:15:67:
         c1:db:c3:72:0d:83:92:08:bc:86:d2:f5:eb:ed:85:ec:d3:07:
         76:fe:54:e7:77:3a:74:2f:92:7a:51:3a:6d:e1:d2:21:48:1a:
         d4:6a:32:5a:20:cb:0a:6a:81:57:4d:49:42:00:ed:18:14:1b:
         dd:c4:dd:7a:de:2d:4f:64:c7:ce:c1:cd:14:c2:6e:04:c0:92:
         db:87:70:a7:4e:67:bb:7d:1c:40:02:fa:8b:a3:14:7d:cc:29:
         76:2f:e2:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdMRcigGLjMIGa0yjtQOKk9jWXmMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDEyMTA1WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNGNhNTVmOWI2MzdhY2ZhZjE0YTgyZDg4YjczZjFkOWM4
NzRiN2Y2YzcwNzY0Y2Y4ODkxMTU0NTJhODhhZDQzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVsDgJ3Z5uDq98/l4yMYjzWzSi6L+eZh+2/3X1ZdoW+ban
EwQE9j63O1DmC/KFMDcGRQr8li89bl/Ceduob6a2s8KHXohR31QlzoytKugvKYDE
VncCVrivabrbowGAuHSjNTfBtgcBTzR+9qeV8tMNZZlH9lknb4KqS3LhlI1PFYn+
n9pXftoeGAV3D/fFug3QN5PfL9qy+eCg2wNevn88g6d9igPaX27FeZF4Lo8A1T+v
NPwhbOri1xSphaFsH9Hv4HtLq3gAA0h7fjoskEOPi50bH73UREl3DoXRxyPFU5xv
EWmc5xJZ2EUSmmtZeDVXF6sIDs90FxPR0dM9v2ljAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiwFet0MmPJDEMaZAaV3z8uvGRzIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNkOGQ1YmRlLTM0NTQtNDhhMy1hYTk0LTE3NzJjZGE4OWNkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYi/YAwDQYJKoZIhvcNAQELBQADggEBACnXEQVjRNjWYMg5YLmN+J5hfDl1
OYqcLgtt2UClN8Aqf3i+kARg8M38R2vw81e3eC/SwN03wrI8HykCBUhWYOvvOGuo
cMceb9fuNLetWrk63+p3HUbjXEp87Z+ct0Ry0FZaZwtE5wR/lnosigUOoPuJLYio
Px2E3EiKUvoz+3WLJe0a/SL1QHijDjB4IWIBkwdiUuKO05XoW1WTSFYaXOAVZ8Hb
w3INg5IIvIbS9evthezTB3b+VOd3OnQvknpROm3h0iFIGtRqMlogywpqgVdNSUIA
7RgUG93E3XreLU9kx87BzRTCbgTAktuHcKdOZ7t9HEAC+oujFH3MKXYv4iw=
-----END CERTIFICATE-----