This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa
File:                     74eb9ece-ea26-4086-88dd-0d2d4183881c.roa (raw, json)
Hash identifier:          /z7XOEFVXTIXdnXVJag/L/tBm/4Fgj+Cl8LrrXjbEL8=
Subject key identifier:   B2:08:67:97:C9:DC:51:4D:FF:F0:F5:E5:E2:D6:1D:03:3E:40:84:FB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       067136A3AC99C053704F02C40E285677E38148EB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa
Signing time:             Sat 15 Nov 2025 02:50:54 +0000
ROA not before:           Sat 15 Nov 2025 02:50:54 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.204.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:71:36:a3:ac:99:c0:53:70:4f:02:c4:0e:28:56:77:e3:81:48:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 02:50:54 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=25f26b350a3aea90de1450706af91ee904b9ce584963ef7dcc292ba4a67c9ed4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3e:00:79:03:2a:74:a5:81:32:26:26:46:96:
                    0c:19:bf:19:c9:ac:7e:48:a2:ea:d3:41:2c:71:2a:
                    c4:f7:33:3b:f7:8f:86:3c:e6:03:90:5e:c3:13:05:
                    4c:c7:dc:b8:91:8c:a4:06:d0:47:8c:bb:03:14:23:
                    ff:36:13:14:09:1f:4c:e0:8d:f0:9c:d5:ae:54:e2:
                    0c:28:44:37:58:0e:8d:9c:e5:42:50:9b:97:05:6e:
                    fc:6c:da:6f:7e:83:0a:64:e3:01:85:fa:1c:d5:8a:
                    46:95:87:04:26:ae:3d:6b:e1:6c:54:ba:e4:30:fb:
                    1f:32:c1:e4:71:ea:74:57:9b:cc:ea:97:a1:bc:c4:
                    93:b4:10:41:52:9e:19:ab:a5:c3:5f:75:b0:cf:4b:
                    a2:06:b3:10:83:b1:59:89:be:6d:8e:86:06:8e:08:
                    c3:95:6f:99:1a:00:9a:07:27:91:e0:8b:55:0b:ef:
                    85:c6:a0:92:eb:96:cd:03:5f:3b:35:fb:59:b0:95:
                    9a:80:13:6a:77:b9:2e:52:8a:40:64:bd:2f:f3:c6:
                    98:50:93:4a:45:f8:39:c8:9b:24:fc:6f:9d:b6:8e:
                    78:c1:b6:16:31:44:8d:5b:4b:95:5c:b9:e4:c0:78:
                    7e:69:84:31:2c:72:0e:aa:1c:ea:88:de:43:b5:14:
                    cb:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:08:67:97:C9:DC:51:4D:FF:F0:F5:E5:E2:D6:1D:03:3E:40:84:FB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0d:43:f6:3b:c0:b9:42:b8:e1:6d:c8:95:ea:63:4e:76:b8:49:
         c7:5a:18:0f:c9:70:c1:ac:a2:e2:22:f4:1f:88:6c:06:43:7e:
         b5:05:bb:bf:49:73:21:57:d2:56:c7:14:ff:24:41:d7:70:07:
         ae:a9:bf:35:21:d5:46:2b:8d:34:ec:ad:66:64:f1:eb:bf:7d:
         7f:67:29:a3:26:2e:4b:ef:a7:ef:11:d8:bb:61:98:f3:5b:59:
         4e:6d:b5:61:f6:1a:a6:c5:97:b0:f3:45:fc:bb:61:94:4c:ac:
         3b:a5:25:3d:8e:3e:a1:dd:aa:05:7c:81:78:25:b3:f4:87:22:
         29:57:63:31:ca:e4:d3:56:c3:6f:c9:a8:b5:ce:10:25:a6:79:
         0f:8c:17:a5:39:fc:e0:ef:28:2f:ee:7b:32:85:17:4f:50:b6:
         ee:2b:bf:7e:32:8c:16:71:9c:84:00:da:b4:c0:08:ac:f6:b5:
         da:b3:37:33:4b:87:ce:19:c4:fe:58:89:20:f8:ec:be:7b:e0:
         a6:7f:7e:8b:25:53:df:09:9a:93:f2:e7:f9:ea:59:b3:e7:b3:
         b5:0f:0e:15:8c:3d:7c:35:05:7d:e3:f0:8e:1d:e4:01:82:9a:
         41:75:74:d4:4a:af:70:ea:ac:00:93:04:fc:1d:2a:95:f0:9c:
         fd:dd:ee:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBnE2o6yZwFNwTwLEDihWd+OBSOswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDI1MDU0WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNWYyNmIzNTBhM2FlYTkwZGUxNDUwNzA2YWY5MWVlOTA0
YjljZTU4NDk2M2VmN2RjYzI5MmJhNGE2N2M5ZWQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsPgB5Ayp0pYEyJiZGlgwZvxnJrH5IourTQSxxKsT3Mzv3
j4Y85gOQXsMTBUzH3LiRjKQG0EeMuwMUI/82ExQJH0zgjfCc1a5U4gwoRDdYDo2c
5UJQm5cFbvxs2m9+gwpk4wGF+hzVikaVhwQmrj1r4WxUuuQw+x8yweRx6nRXm8zq
l6G8xJO0EEFSnhmrpcNfdbDPS6IGsxCDsVmJvm2OhgaOCMOVb5kaAJoHJ5Hgi1UL
74XGoJLrls0DXzs1+1mwlZqAE2p3uS5SikBkvS/zxphQk0pF+DnImyT8b522jnjB
thYxRI1bS5VcueTAeH5phDEscg6qHOqI3kO1FMvZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsghnl8ncUU3/8PXl4tYdAz5AhPswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc0ZWI5ZWNlLWVhMjYtNDA4Ni04OGRkLTBkMmQ0MTgzODgxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE0XswwDQYJKoZIhvcNAQELBQADggEBAA1D9jvAuUK44W3IlepjTna4Scda
GA/JcMGsouIi9B+IbAZDfrUFu79JcyFX0lbHFP8kQddwB66pvzUh1UYrjTTsrWZk
8eu/fX9nKaMmLkvvp+8R2LthmPNbWU5ttWH2GqbFl7DzRfy7YZRMrDulJT2OPqHd
qgV8gXgls/SHIilXYzHK5NNWw2/JqLXOECWmeQ+MF6U5/ODvKC/uezKFF09Qtu4r
v34yjBZxnIQA2rTACKz2tdqzNzNLh84ZxP5YiSD47L574KZ/foslU98JmpPy5/nq
WbPns7UPDhWMPXw1BX3j8I4d5AGCmkF1dNRKr3DqrACTBPwdKpXwnP3d7iI=
-----END CERTIFICATE-----