This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5c0eeea0-796e-4e32-b4a7-df8b51d0ce34.roa
File:                     5c0eeea0-796e-4e32-b4a7-df8b51d0ce34.roa (raw, json)
Hash identifier:          SJmErwXcAGL5O5Dhj8phZSfzLRoYjWOfavOAkUsP0Yg=
Subject key identifier:   D7:98:02:46:5D:F7:CB:16:F9:0B:49:EA:23:BF:09:1D:C4:A2:C0:F3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7FC7D773589E9212C2E0054D2A18835813000D63
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5c0eeea0-796e-4e32-b4a7-df8b51d0ce34.roa
Signing time:             Sat 15 Nov 2025 04:21:49 +0000
ROA not before:           Sat 15 Nov 2025 04:21:49 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.124.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:c7:d7:73:58:9e:92:12:c2:e0:05:4d:2a:18:83:58:13:00:0d:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 04:21:49 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=2dfd71327462388bdb02a344e9671bb0d3bc130fa9cc569ad2d8f42b131b21ff, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8e:20:9f:c0:84:59:24:17:f7:78:c6:d5:63:
                    b1:16:c5:97:c6:2e:2f:fb:e3:cb:5e:4f:8f:b0:1b:
                    6d:59:cb:36:d3:3c:ad:c1:33:88:1e:63:03:7a:50:
                    06:f0:33:86:95:39:37:b0:8e:a6:79:28:67:5b:84:
                    80:65:ed:d0:dd:4d:26:74:ec:0e:95:9a:c6:b8:3c:
                    a4:db:00:86:6b:ce:12:c4:28:0f:34:05:ba:93:29:
                    ad:73:17:91:ca:c6:05:6d:5b:a4:a7:7f:09:a3:37:
                    bb:47:a8:4b:3d:d9:68:f3:3d:8b:b0:66:1b:bd:aa:
                    e8:72:fc:ca:f1:ac:23:02:96:8e:67:72:66:6e:84:
                    f0:18:ed:10:ea:64:41:ec:90:9f:8e:1d:62:4b:0a:
                    19:e5:67:ff:4e:1f:88:32:27:b9:0e:40:9e:7b:41:
                    57:b4:c1:5b:57:40:15:f0:8f:50:ea:93:79:cb:54:
                    c1:70:44:f9:3a:96:2e:f3:ce:f2:a2:0b:4c:f9:13:
                    1e:53:25:84:b1:b8:56:11:62:82:95:54:80:31:92:
                    c2:c4:79:fb:4b:c9:14:58:f3:f1:db:2b:2a:ac:5c:
                    c2:7f:8b:cf:dd:4a:e8:fe:e2:85:65:fa:ba:76:ad:
                    f1:cf:bb:9b:84:c4:dc:2e:92:dd:f6:e3:af:25:e7:
                    c8:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:98:02:46:5D:F7:CB:16:F9:0B:49:EA:23:BF:09:1D:C4:A2:C0:F3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5c0eeea0-796e-4e32-b4a7-df8b51d0ce34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.124.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         6a:ef:c3:b2:cb:4c:c5:12:12:13:8e:ab:27:03:14:77:d7:53:
         cf:c7:fb:08:9a:9b:87:58:7e:68:4f:36:06:72:fc:6c:f3:5c:
         9d:10:c5:9b:60:60:20:e7:27:61:0e:0f:f9:d1:89:26:0a:d4:
         70:47:51:b4:1a:6e:e1:63:97:1a:d7:59:35:63:cb:8e:65:61:
         7f:0a:7c:ca:5f:0a:b5:88:9f:c6:7d:d7:2c:0e:f4:ee:8b:4e:
         da:a0:62:e8:af:19:24:9c:47:ff:7c:6f:94:17:cf:23:bd:99:
         f3:4e:c6:04:1b:2a:79:72:69:07:b3:04:3b:b9:60:e6:84:fd:
         42:2d:c8:f7:19:bb:c0:64:cc:99:a4:33:25:1a:ec:5c:20:f9:
         da:19:07:fd:b6:48:f8:11:75:c5:29:13:8d:7a:6a:5d:99:5c:
         6b:99:4e:68:12:ba:ed:73:e4:06:da:e7:5b:cb:79:ea:77:f1:
         e0:fe:0d:98:fb:21:19:9d:ce:70:af:88:e4:19:43:37:07:8a:
         16:88:96:85:71:49:fa:7d:45:b4:70:7f:81:35:05:6a:a8:78:
         52:2a:29:30:02:af:95:b6:bc:d9:45:5e:01:a5:e9:83:dd:be:
         3d:c6:b9:dd:4e:ac:52:6e:f2:15:61:fc:9b:8f:b3:5d:ad:81:
         ea:d9:5a:0f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUf8fXc1iekhLC4AVNKhiDWBMADWMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDQyMTQ5WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZGZkNzEzMjc0NjIzODhiZGIwMmEzNDRlOTY3MWJiMGQz
YmMxMzBmYTljYzU2OWFkMmQ4ZjQyYjEzMWIyMWZmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvjiCfwIRZJBf3eMbVY7EWxZfGLi/748teT4+wG21ZyzbT
PK3BM4geYwN6UAbwM4aVOTewjqZ5KGdbhIBl7dDdTSZ07A6Vmsa4PKTbAIZrzhLE
KA80BbqTKa1zF5HKxgVtW6SnfwmjN7tHqEs92WjzPYuwZhu9quhy/MrxrCMClo5n
cmZuhPAY7RDqZEHskJ+OHWJLChnlZ/9OH4gyJ7kOQJ57QVe0wVtXQBXwj1Dqk3nL
VMFwRPk6li7zzvKiC0z5Ex5TJYSxuFYRYoKVVIAxksLEeftLyRRY8/HbKyqsXMJ/
i8/dSuj+4oVl+rp2rfHPu5uExNwukt32468l58hxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU15gCRl33yxb5C0nqI78JHcSiwPMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVjMGVlZWEwLTc5NmUtNGUzMi1iNGE3LWRmOGI1MWQwY2UzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwESfDANBgkqhkiG9w0BAQsFAAOCAQEAau/DsstMxRISE46rJwMUd9dTz8f7
CJqbh1h+aE82BnL8bPNcnRDFm2BgIOcnYQ4P+dGJJgrUcEdRtBpu4WOXGtdZNWPL
jmVhfwp8yl8KtYifxn3XLA707otO2qBi6K8ZJJxH/3xvlBfPI72Z807GBBsqeXJp
B7MEO7lg5oT9Qi3I9xm7wGTMmaQzJRrsXCD52hkH/bZI+BF1xSkTjXpqXZlca5lO
aBK67XPkBtrnW8t56nfx4P4NmPshGZ3OcK+I5BlDNweKFoiWhXFJ+n1FtHB/gTUF
aqh4UiopMAKvlba82UVeAaXpg92+Pca53U6sUm7yFWH8m4+zXa2B6tlaDw==
-----END CERTIFICATE-----