This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa
File:                     773c564f-d1a3-43fd-a13c-ad534ef49714.roa (raw, json)
Hash identifier:          q9zExypbXpmaV1ysQUF74T+CPVy7kphaJUQeX2wH7hI=
Subject key identifier:   AB:49:33:D7:09:20:B9:74:70:C4:DD:78:C0:6D:FE:0B:F7:2E:CB:65
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       73FF44AF003F0ED69026F286263A9DFCF4C823B3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa
Signing time:             Sat 15 Nov 2025 04:30:16 +0000
ROA not before:           Sat 15 Nov 2025 04:30:16 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.16.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:ff:44:af:00:3f:0e:d6:90:26:f2:86:26:3a:9d:fc:f4:c8:23:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 04:30:16 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=5c85c577472d1f6368febd432b8d4716017854004bafff9228e921b7ac16bd68, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:db:4b:12:31:c3:0d:2f:a1:5f:ca:f8:28:4e:
                    ce:8f:95:95:3a:7f:e8:14:0e:1d:e1:d0:5c:ec:da:
                    47:ef:26:6a:34:b5:18:fc:19:f9:ea:06:91:cb:ca:
                    9c:96:00:59:ab:f2:6d:7d:94:c5:92:ad:cd:2e:cb:
                    fc:8b:5e:c4:5d:3c:e6:84:6f:d8:9c:32:2a:83:d7:
                    90:4a:1d:55:ef:9b:3d:48:ab:1a:fc:c6:8d:ae:6e:
                    bd:83:bb:b4:31:50:c0:99:4d:88:8a:83:5a:33:ac:
                    e8:ed:db:02:c5:ac:4a:b6:86:e3:1d:f1:b7:d9:88:
                    97:64:43:5e:7b:02:c5:64:ad:40:e7:c7:3c:16:9b:
                    56:01:0c:28:b0:43:1a:5d:a0:02:8c:5c:99:73:50:
                    50:db:a6:4d:50:c1:ad:f2:33:3a:95:6f:ae:4e:53:
                    38:c3:b9:64:9c:88:58:0e:03:99:8f:76:c5:6d:a4:
                    de:44:11:2d:37:aa:77:96:a6:b2:f9:e4:47:f2:45:
                    ba:f9:82:c8:10:11:47:26:d8:b3:cd:70:02:a0:c1:
                    b9:ae:38:59:51:fb:5b:e2:ed:12:a3:4f:59:e0:e6:
                    d6:20:67:58:15:5a:19:e9:d9:98:48:2f:31:b9:65:
                    81:a4:72:cd:7c:a5:f6:f1:76:96:4e:60:ce:d6:04:
                    f8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:49:33:D7:09:20:B9:74:70:C4:DD:78:C0:6D:FE:0B:F7:2E:CB:65
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.16.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         78:46:4c:c9:fc:6d:b4:40:f7:06:dc:13:d9:21:4d:c6:99:18:
         c4:38:06:38:8c:41:ac:ab:94:eb:c4:ae:d8:a6:26:a7:26:d1:
         84:38:58:77:f3:ba:3f:28:2e:48:ae:e6:91:1d:df:96:78:88:
         c4:51:91:71:a8:94:ae:ef:95:34:24:0e:41:0f:e8:27:70:79:
         3e:6b:fd:28:9d:69:ae:cc:e9:55:cb:36:df:d6:f9:a8:63:f1:
         74:55:7d:68:80:4c:ac:a3:87:11:04:57:f6:55:95:2f:6a:6a:
         1c:f1:2d:d5:42:f0:ec:ba:c3:0c:43:c2:35:19:02:2f:e1:b9:
         53:6f:31:41:52:41:1d:68:d9:ec:c1:e4:0d:13:d3:25:e4:74:
         02:e0:a0:15:98:2a:3b:6e:ac:0d:8f:b6:fa:96:b6:fa:20:f4:
         35:a4:a0:8f:7e:f0:e9:61:9d:87:88:5e:9c:eb:3b:48:0c:71:
         74:5d:13:29:8d:b4:e4:53:0f:c8:c6:5b:b8:c6:9f:2f:17:db:
         35:90:07:6f:54:df:4d:22:c0:dd:49:da:bd:0b:9f:4d:33:29:
         9c:a0:e3:9e:42:7e:f5:f5:e7:1d:02:1f:09:a2:8a:14:c7:5d:
         d6:2b:f7:b6:31:47:6e:27:dd:db:b4:d7:f7:71:40:29:3a:51:
         fe:b5:76:1f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc/9ErwA/DtaQJvKGJjqd/PTII7MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDQzMDE2WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Yzg1YzU3NzQ3MmQxZjYzNjhmZWJkNDMyYjhkNDcxNjAx
Nzg1NDAwNGJhZmZmOTIyOGU5MjFiN2FjMTZiZDY4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC620sSMcMNL6FfyvgoTs6PlZU6f+gUDh3h0Fzs2kfvJmo0
tRj8GfnqBpHLypyWAFmr8m19lMWSrc0uy/yLXsRdPOaEb9icMiqD15BKHVXvmz1I
qxr8xo2ubr2Du7QxUMCZTYiKg1ozrOjt2wLFrEq2huMd8bfZiJdkQ157AsVkrUDn
xzwWm1YBDCiwQxpdoAKMXJlzUFDbpk1Qwa3yMzqVb65OUzjDuWSciFgOA5mPdsVt
pN5EES03qneWprL55EfyRbr5gsgQEUcm2LPNcAKgwbmuOFlR+1vi7RKjT1ng5tYg
Z1gVWhnp2ZhILzG5ZYGkcs18pfbxdpZOYM7WBPhDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUq0kz1wkguXRwxN14wG3+C/cuy2UwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc3M2M1NjRmLWQxYTMtNDNmZC1hMTNjLWFkNTM0ZWY0OTcxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIEDANBgkqhkiG9w0BAQsFAAOCAQEAeEZMyfxttED3BtwT2SFNxpkYxDgG
OIxBrKuU68Su2KYmpybRhDhYd/O6PyguSK7mkR3flniIxFGRcaiUru+VNCQOQQ/o
J3B5Pmv9KJ1prszpVcs239b5qGPxdFV9aIBMrKOHEQRX9lWVL2pqHPEt1ULw7LrD
DEPCNRkCL+G5U28xQVJBHWjZ7MHkDRPTJeR0AuCgFZgqO26sDY+2+pa2+iD0NaSg
j37w6WGdh4henOs7SAxxdF0TKY205FMPyMZbuMafLxfbNZAHb1TfTSLA3UnavQuf
TTMpnKDjnkJ+9fXnHQIfCaKKFMdd1iv3tjFHbifd27TX93FAKTpR/rV2Hw==
-----END CERTIFICATE-----