This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/471b7fbb-a1e3-44ab-8628-e10896f053eb.roa
File:                     471b7fbb-a1e3-44ab-8628-e10896f053eb.roa (raw, json)
Hash identifier:          D3m4HFQVY0KqahO23GNKrphIOZROBX7szNRE1bsMGN4=
Subject key identifier:   57:7B:54:87:D9:D3:25:62:9B:1F:9E:3C:A0:91:BE:C5:D3:EE:ED:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7595AC6829D358D66F2607C54C61B39EDEFEABB8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/471b7fbb-a1e3-44ab-8628-e10896f053eb.roa
Signing time:             Sat 29 Nov 2025 01:40:07 +0000
ROA not before:           Sat 29 Nov 2025 01:40:07 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        34.248.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:95:ac:68:29:d3:58:d6:6f:26:07:c5:4c:61:b3:9e:de:fe:ab:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 01:40:07 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=148126b7b3c3da8fcfc492e34ae2cd53888253b117855a1b5f28ef4af50c1fec, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:74:68:61:0d:96:4b:0c:f3:59:16:0d:f5:01:
                    5a:8b:0b:f7:a5:2d:81:a1:c8:7a:90:9c:fc:5f:d3:
                    95:10:4b:96:f7:b0:2a:dd:a4:fb:56:f0:02:b6:6e:
                    65:99:c6:75:ee:c2:0a:9e:2a:6c:a3:c6:8d:9f:28:
                    40:10:e7:7a:24:15:ff:34:04:72:a4:64:b2:85:ea:
                    1c:1c:31:55:01:c6:3e:bd:81:bd:da:e2:d9:1f:cd:
                    94:16:b9:e3:f2:45:47:dd:e6:cb:0b:13:d9:84:2c:
                    7c:40:21:8d:bb:ff:c3:e2:d4:1f:5a:62:9e:7c:cd:
                    23:d8:e7:1d:a8:f8:5a:c7:04:53:97:a5:e2:ba:fb:
                    be:d6:44:0e:25:73:af:2d:f5:18:0f:30:ba:e1:4e:
                    fe:2a:1a:8e:f7:c7:e5:e6:01:03:0d:e2:dd:15:80:
                    ca:9e:25:a6:ad:aa:ac:e9:a5:78:b6:27:18:c6:3f:
                    a2:e2:96:3e:91:22:9e:39:18:e1:63:96:dd:0d:06:
                    d4:0b:ef:ae:61:17:8e:25:9b:7c:85:43:77:aa:be:
                    96:e1:28:66:17:db:4d:e3:49:d6:76:ca:e4:9a:76:
                    47:db:45:84:44:79:f4:0c:ba:f4:c1:ab:e6:9e:5f:
                    5b:71:38:c5:52:33:c9:64:27:f4:45:a7:88:98:24:
                    fb:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:7B:54:87:D9:D3:25:62:9B:1F:9E:3C:A0:91:BE:C5:D3:EE:ED:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/471b7fbb-a1e3-44ab-8628-e10896f053eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  34.248.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         21:01:ed:f3:e0:05:fe:45:d5:54:38:ee:ee:8a:9c:58:f0:2d:
         be:61:17:da:1c:91:31:01:bc:e6:66:81:eb:b2:aa:48:a7:59:
         a4:5d:20:f2:37:bf:67:e3:53:c1:3c:04:65:66:1f:9e:d2:3e:
         93:c6:de:88:e8:c7:4d:ed:b7:55:22:e2:d1:b5:8a:c3:5b:8d:
         5a:af:74:b0:d0:d8:10:c4:a4:31:d4:ac:15:79:9b:4a:83:c3:
         b2:02:4b:d3:b9:f5:31:8f:b8:e2:5d:41:18:a3:b8:4f:7d:cd:
         78:4a:d2:0c:aa:5a:c3:f3:24:a9:80:7d:53:e4:0c:9d:2f:1c:
         ea:7f:49:29:3d:13:40:1f:41:29:ed:8c:4c:6d:9c:67:0e:a8:
         1c:75:a1:9a:a6:6f:39:7a:aa:07:e8:e1:b4:6e:4d:e0:33:3c:
         70:bc:c6:0c:8d:41:f2:eb:c1:b7:63:8d:69:6c:41:7b:1b:fe:
         d7:94:e9:ba:14:78:9b:6c:a6:f0:66:2c:29:f0:61:16:fa:7a:
         dd:01:63:a0:8b:e7:8a:5f:02:23:b5:6d:ba:70:75:f0:b7:7d:
         b2:d2:08:bc:0f:f3:3d:3c:75:1c:b5:8b:d9:bb:ed:07:b2:31:
         46:b5:cd:a7:6f:5c:84:76:61:13:5b:49:a6:22:4d:7c:31:56:
         a9:84:f9:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdZWsaCnTWNZvJgfFTGGznt7+q7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDE0MDA3WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNDgxMjZiN2IzYzNkYThmY2ZjNDkyZTM0YWUyY2Q1Mzg4
ODI1M2IxMTc4NTVhMWI1ZjI4ZWY0YWY1MGMxZmVjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDodGhhDZZLDPNZFg31AVqLC/elLYGhyHqQnPxf05UQS5b3
sCrdpPtW8AK2bmWZxnXuwgqeKmyjxo2fKEAQ53okFf80BHKkZLKF6hwcMVUBxj69
gb3a4tkfzZQWuePyRUfd5ssLE9mELHxAIY27/8Pi1B9aYp58zSPY5x2o+FrHBFOX
peK6+77WRA4lc68t9RgPMLrhTv4qGo73x+XmAQMN4t0VgMqeJaatqqzppXi2JxjG
P6Lilj6RIp45GOFjlt0NBtQL765hF44lm3yFQ3eqvpbhKGYX203jSdZ2yuSadkfb
RYREefQMuvTBq+aeX1txOMVSM8lkJ/RFp4iYJPuRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUV3tUh9nTJWKbH548oJG+xdPu7VQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ3MWI3ZmJiLWExZTMtNDRhYi04NjI4LWUxMDg5NmYwNTNlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYi+MAwDQYJKoZIhvcNAQELBQADggEBACEB7fPgBf5F1VQ47u6KnFjwLb5h
F9ockTEBvOZmgeuyqkinWaRdIPI3v2fjU8E8BGVmH57SPpPG3ojox03tt1Ui4tG1
isNbjVqvdLDQ2BDEpDHUrBV5m0qDw7ICS9O59TGPuOJdQRijuE99zXhK0gyqWsPz
JKmAfVPkDJ0vHOp/SSk9E0AfQSntjExtnGcOqBx1oZqmbzl6qgfo4bRuTeAzPHC8
xgyNQfLrwbdjjWlsQXsb/teU6boUeJtspvBmLCnwYRb6et0BY6CL54pfAiO1bbpw
dfC3fbLSCLwP8z08dRy1i9m77QeyMUa1zadvXIR2YRNbSaYiTXwxVqmE+Zg=
-----END CERTIFICATE-----