This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a4cd46e-b055-47b6-a4f5-54b4d9014b9e.roa
File:                     7a4cd46e-b055-47b6-a4f5-54b4d9014b9e.roa (raw, json)
Hash identifier:          4PtxDTQOsdZ+X+vcy10cwcZZAkFzA5rR12Wjg805APk=
Subject key identifier:   FC:A7:54:BA:9D:97:12:85:88:10:57:B0:76:18:C4:B7:10:0F:8B:A3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       790D503A0B66C19AF3E132B86E136DE8B5364BBE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a4cd46e-b055-47b6-a4f5-54b4d9014b9e.roa
Signing time:             Sat 29 Nov 2025 01:32:01 +0000
ROA not before:           Sat 29 Nov 2025 01:32:01 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.236.60.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:0d:50:3a:0b:66:c1:9a:f3:e1:32:b8:6e:13:6d:e8:b5:36:4b:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 01:32:01 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=f1c83abc8b75c9f20f81fcf24da724d6297a563d9273df742a86ca8d74818d28, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:39:02:8c:8a:5b:21:4c:26:7a:b7:b9:5e:0f:
                    58:de:f6:77:ec:20:0e:be:12:86:ad:5c:b0:26:2d:
                    20:48:6f:2c:e2:38:d4:6a:8f:f7:85:93:71:73:c5:
                    85:c4:ab:37:c9:28:c0:6b:06:ea:6c:a8:00:e9:d2:
                    96:6c:ef:cf:83:35:2e:33:55:13:5c:c1:6c:d8:43:
                    78:53:4c:d1:e8:41:09:fd:d3:28:7a:4b:af:31:4e:
                    01:ed:59:62:84:90:1e:2f:b2:c9:7d:ab:86:55:07:
                    12:ae:e5:6e:02:5b:2e:67:74:6c:42:00:6d:04:4d:
                    62:ab:29:f8:0e:5a:2b:01:89:26:72:88:fc:fa:67:
                    40:06:78:f1:15:79:f1:eb:c7:35:4e:a8:10:12:fd:
                    80:81:6b:b2:8e:7b:a9:b1:be:d5:2d:7f:64:a8:9b:
                    fa:a7:1a:77:d5:9b:fc:64:4a:1f:f5:85:26:3a:72:
                    a5:ad:ad:a9:70:03:32:ea:e5:96:2f:2d:4f:08:43:
                    15:a4:d0:c4:8a:4c:fe:1b:d0:5a:30:65:0a:f4:ef:
                    b4:5a:6b:94:b6:42:51:49:7e:45:4e:5f:3d:48:ad:
                    fe:a9:23:87:ca:1a:8b:27:cb:89:42:cd:db:dd:f6:
                    55:b1:4f:72:37:fe:af:4e:9b:99:61:3c:56:e1:3f:
                    6e:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:A7:54:BA:9D:97:12:85:88:10:57:B0:76:18:C4:B7:10:0F:8B:A3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a4cd46e-b055-47b6-a4f5-54b4d9014b9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.236.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:c1:42:17:47:57:85:c1:bd:a5:61:60:cc:9e:76:25:7a:b1:
         91:8c:18:21:df:cd:a6:95:9d:82:49:39:54:19:d1:78:50:61:
         64:d5:12:69:69:99:88:3d:09:81:7f:a2:5d:72:e1:9b:21:59:
         d3:4c:c3:22:ed:a4:7e:5d:29:5c:d8:a0:e0:f7:0b:35:4b:61:
         67:b3:2d:88:6a:c6:1b:e9:a0:5e:3e:be:d1:de:d6:7e:bc:a3:
         71:61:b9:12:6c:34:04:68:b6:d5:81:e4:2f:0f:4c:e0:0d:1c:
         f9:bd:65:b5:79:b3:58:71:2e:bb:e4:9f:83:1b:f7:7d:ee:8a:
         a9:e5:98:1e:49:c0:c4:bc:e3:25:e3:70:de:24:e0:9c:70:ae:
         2d:d2:36:88:10:d0:af:2b:7f:b3:b7:e1:26:ce:df:bd:45:c5:
         c9:ff:77:65:d7:a2:53:5c:dc:55:ea:61:78:21:e6:8d:a8:e1:
         08:2c:f7:a2:18:3f:2e:4d:3a:19:7c:a2:ed:fe:42:ad:17:0b:
         7c:da:a9:55:38:4d:51:ce:0d:ca:f0:6c:df:fe:ae:ab:b8:66:
         48:8f:73:1f:6d:2c:9c:32:79:da:56:c8:03:60:27:b8:d6:5d:
         9b:1d:08:49:d9:65:69:13:30:1e:63:c6:76:0f:8c:c5:02:a0:
         ff:65:0b:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeQ1QOgtmwZrz4TK4bhNt6LU2S74wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDEzMjAxWhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWM4M2FiYzhiNzVjOWYyMGY4MWZjZjI0ZGE3MjRkNjI5
N2E1NjNkOTI3M2RmNzQyYTg2Y2E4ZDc0ODE4ZDI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVOQKMilshTCZ6t7leD1je9nfsIA6+EoatXLAmLSBIbyzi
ONRqj/eFk3FzxYXEqzfJKMBrBupsqADp0pZs78+DNS4zVRNcwWzYQ3hTTNHoQQn9
0yh6S68xTgHtWWKEkB4vssl9q4ZVBxKu5W4CWy5ndGxCAG0ETWKrKfgOWisBiSZy
iPz6Z0AGePEVefHrxzVOqBAS/YCBa7KOe6mxvtUtf2Som/qnGnfVm/xkSh/1hSY6
cqWtralwAzLq5ZYvLU8IQxWk0MSKTP4b0FowZQr077Raa5S2QlFJfkVOXz1Irf6p
I4fKGosny4lCzdvd9lWxT3I3/q9Om5lhPFbhP27PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/KdUup2XEoWIEFewdhjEtxAPi6MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdhNGNkNDZlLWIwNTUtNDdiNi1hNGY1LTU0YjRkOTAxNGI5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAID7DwwDQYJKoZIhvcNAQELBQADggEBAFrBQhdHV4XBvaVhYMyediV6sZGM
GCHfzaaVnYJJOVQZ0XhQYWTVEmlpmYg9CYF/ol1y4ZshWdNMwyLtpH5dKVzYoOD3
CzVLYWezLYhqxhvpoF4+vtHe1n68o3FhuRJsNARottWB5C8PTOANHPm9ZbV5s1hx
Lrvkn4Mb933uiqnlmB5JwMS84yXjcN4k4Jxwri3SNogQ0K8rf7O34SbO371Fxcn/
d2XXolNc3FXqYXgh5o2o4Qgs96IYPy5NOhl8ou3+Qq0XC3zaqVU4TVHODcrwbN/+
rqu4ZkiPcx9tLJwyedpWyANgJ7jWXZsdCEnZZWkTMB5jxnYPjMUCoP9lC2M=
-----END CERTIFICATE-----