This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6a59fb8b-76dd-478b-8633-7422730479a3.roa
File:                     6a59fb8b-76dd-478b-8633-7422730479a3.roa (raw, json)
Hash identifier:          yKsix0E9NQkSEn/f0ypG0CLQC2by/wigdX5AdQDE6pc=
Subject key identifier:   B3:F3:E5:B1:45:07:6D:94:D8:F3:1B:8A:CC:D1:E5:33:43:8D:12:FC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4ABC23E551EB68F60F9D98F2EBB91846520A6988
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6a59fb8b-76dd-478b-8633-7422730479a3.roa
Signing time:             Thu 13 Nov 2025 01:21:38 +0000
ROA not before:           Thu 13 Nov 2025 01:21:38 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:bc:23:e5:51:eb:68:f6:0f:9d:98:f2:eb:b9:18:46:52:0a:69:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 13 01:21:38 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=49ddacbf4e4a90175948b2a8123425ed376c04ce2ccdf1bfadb2662edf05f685, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5e:b7:44:bf:be:23:92:a6:bb:95:47:ca:bd:
                    03:88:5f:db:ef:43:f8:4e:f3:90:0f:b7:d3:5f:d2:
                    bd:58:bf:65:24:46:93:69:9e:c5:cb:e5:04:73:3e:
                    0e:65:6f:14:94:03:90:f4:d3:13:70:84:ec:d1:39:
                    4a:02:0f:3f:7e:41:01:aa:2d:6c:19:50:8e:d1:54:
                    1c:9d:58:04:fe:8b:de:f2:2c:47:68:33:4a:89:f1:
                    cd:e5:fa:cc:25:90:96:62:dd:b2:2b:30:52:35:a9:
                    5f:64:84:f8:3f:16:fd:f0:4f:f2:38:6d:ca:7f:34:
                    ef:81:06:1a:49:cb:40:af:8e:6b:c9:75:86:58:b7:
                    21:86:f0:bc:0d:57:4a:50:22:9c:fb:c5:6c:e5:5b:
                    9f:33:bc:5a:a8:a9:9c:bb:7c:4a:f5:8b:a9:9b:a0:
                    46:fe:fa:0d:9d:65:ca:dc:b8:1d:8d:89:c0:3f:46:
                    96:78:79:9e:74:09:2b:78:34:b3:b1:87:9e:fa:57:
                    a5:6d:c8:18:e8:90:3d:18:8a:40:a5:cb:45:51:37:
                    b1:84:9a:4c:ce:2f:ec:11:ef:d6:c1:e7:da:7e:12:
                    31:92:76:b9:8c:20:a2:51:45:ec:ab:11:70:3e:c9:
                    e5:0b:3e:06:77:7b:a8:40:80:ca:49:07:83:11:e8:
                    67:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:F3:E5:B1:45:07:6D:94:D8:F3:1B:8A:CC:D1:E5:33:43:8D:12:FC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6a59fb8b-76dd-478b-8633-7422730479a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:9d:45:af:e3:91:f9:41:64:c5:22:42:c7:ee:47:05:89:90:
         bc:44:62:93:fe:7e:a3:9b:57:1c:ef:90:07:bb:4f:c8:07:fd:
         b0:e3:27:9d:0e:53:51:ac:f1:b9:25:ff:b5:7d:26:cd:13:72:
         b0:c2:01:55:59:ec:ba:62:14:47:25:f5:0c:fc:1a:38:a5:4b:
         b2:cf:6c:3d:19:3c:21:2e:c1:d3:b8:4d:e3:c7:3f:fb:04:71:
         73:a6:4f:89:52:68:ad:b8:b6:e4:1c:1f:d4:93:25:2c:ec:3d:
         a3:7a:d9:9a:c4:87:b2:24:ee:38:13:fa:33:91:d0:fe:93:f8:
         0f:64:e5:f5:1b:36:bf:ea:a4:d7:99:7f:82:47:fc:ca:86:1e:
         22:eb:8f:bf:49:8e:7c:1c:ac:02:11:4a:cd:1f:f2:8e:4e:b6:
         de:a0:2f:b1:e4:a1:f0:5a:ce:9e:b1:c6:47:50:9a:91:07:9b:
         fc:30:af:27:15:cb:ca:fc:10:a6:40:66:3a:7b:9c:be:08:a5:
         72:cc:20:95:d5:50:dc:c6:c5:f4:83:5f:d9:c2:59:32:f7:88:
         f9:ff:fe:d4:a8:5f:f4:50:e3:18:2c:28:51:f3:a9:37:b7:a6:
         fe:a9:61:3f:65:87:ca:a0:4d:c5:dd:68:df:99:69:f4:1b:78:
         41:bc:b3:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSrwj5VHraPYPnZjy67kYRlIKaYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEzMDEyMTM4WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWRkYWNiZjRlNGE5MDE3NTk0OGIyYTgxMjM0MjVlZDM3
NmMwNGNlMmNjZGYxYmZhZGIyNjYyZWRmMDVmNjg1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqXrdEv74jkqa7lUfKvQOIX9vvQ/hO85APt9Nf0r1Yv2Uk
RpNpnsXL5QRzPg5lbxSUA5D00xNwhOzROUoCDz9+QQGqLWwZUI7RVBydWAT+i97y
LEdoM0qJ8c3l+swlkJZi3bIrMFI1qV9khPg/Fv3wT/I4bcp/NO+BBhpJy0CvjmvJ
dYZYtyGG8LwNV0pQIpz7xWzlW58zvFqoqZy7fEr1i6mboEb++g2dZcrcuB2NicA/
RpZ4eZ50CSt4NLOxh576V6VtyBjokD0YikCly0VRN7GEmkzOL+wR79bB59p+EjGS
drmMIKJRReyrEXA+yeULPgZ3e6hAgMpJB4MR6Gc3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUs/PlsUUHbZTY8xuKzNHlM0ONEvwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZhNTlmYjhiLTc2ZGQtNDc4Yi04NjMzLTc0MjI3MzA0NzlhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0X28wDQYJKoZIhvcNAQELBQADggEBAK6dRa/jkflBZMUiQsfuRwWJkLxE
YpP+fqObVxzvkAe7T8gH/bDjJ50OU1Gs8bkl/7V9Js0TcrDCAVVZ7LpiFEcl9Qz8
GjilS7LPbD0ZPCEuwdO4TePHP/sEcXOmT4lSaK24tuQcH9STJSzsPaN62ZrEh7Ik
7jgT+jOR0P6T+A9k5fUbNr/qpNeZf4JH/MqGHiLrj79JjnwcrAIRSs0f8o5Ott6g
L7HkofBazp6xxkdQmpEHm/wwrycVy8r8EKZAZjp7nL4IpXLMIJXVUNzGxfSDX9nC
WTL3iPn//tSoX/RQ4xgsKFHzqTe3pv6pYT9lh8qgTcXdaN+ZafQbeEG8syc=
-----END CERTIFICATE-----