This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa
File:                     7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa (raw, json)
Hash identifier:          QUnUitEohdrIqnObwXq2GcHshGrb8tWrQ2xfqRVcGd8=
Subject key identifier:   65:FE:31:D0:2A:0F:FB:D8:24:5B:E8:2E:54:93:1F:4C:EE:1D:52:63
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6027F858F82EDC201840CE165D97A75888F7EE8E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa
Signing time:             Mon 10 Nov 2025 01:50:59 +0000
ROA not before:           Mon 10 Nov 2025 01:50:59 +0000
ROA not after:            Mon 15 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.26.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:27:f8:58:f8:2e:dc:20:18:40:ce:16:5d:97:a7:58:88:f7:ee:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 10 01:50:59 2025 GMT
            Not After : Dec 15 23:59:59 2025 GMT
        Subject: serialNumber=662d26679444b9473db18973947c5cafddf61b205ebd47618430287b0d0a9f79, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:42:4b:f7:6e:6d:19:80:ba:30:36:b7:88:56:
                    10:76:35:cf:ff:ff:35:91:3d:47:54:b2:42:78:c7:
                    6a:65:8e:75:01:21:f4:68:00:b6:a1:f9:2b:17:09:
                    11:60:d8:37:58:bd:b3:7e:14:9a:82:67:87:4e:4d:
                    b6:89:1f:4b:6f:4b:d1:07:a6:d5:e5:40:4d:d1:09:
                    2f:a5:38:4c:ce:6f:fa:77:8d:49:0c:73:4d:04:8c:
                    3a:4f:84:cd:4e:0e:85:35:e1:75:af:4f:bb:22:a4:
                    a1:7e:79:de:9e:bb:b1:c8:54:0e:e3:8c:5b:dc:d6:
                    97:a5:9b:83:cc:93:79:c0:d7:c0:93:c8:a9:4e:52:
                    ac:5b:a8:17:e7:15:fb:de:9b:e9:83:a6:0a:4a:a5:
                    eb:b9:ba:77:29:16:51:f9:ed:2e:1a:bf:67:60:9c:
                    39:ba:fe:16:3e:7b:5b:bd:e9:b5:16:4f:c1:9a:1c:
                    90:da:c3:60:e8:77:87:0d:d1:b7:a0:a9:dc:ca:ad:
                    09:ce:cf:be:36:0c:7a:67:44:94:41:97:29:6f:5b:
                    61:00:73:6b:a9:48:7d:57:2c:87:8c:ff:4e:ab:75:
                    39:57:2c:80:83:76:f1:43:86:74:f6:f0:74:42:dd:
                    44:c8:e5:f6:7c:c7:c4:df:0f:26:da:9b:86:cc:e6:
                    1f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:FE:31:D0:2A:0F:FB:D8:24:5B:E8:2E:54:93:1F:4C:EE:1D:52:63
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b4:1b:49:4a:2d:57:cc:1e:cf:f0:39:b0:44:6e:42:b8:7d:e5:
         8c:fd:4d:fc:1d:ae:d8:83:fa:44:8b:c4:ec:38:68:63:62:b9:
         b0:4d:9d:c7:d0:4b:29:74:db:52:9d:7e:d3:ab:b6:63:3f:07:
         d1:6a:2d:91:63:94:77:17:b8:4b:59:9d:25:3a:cd:dd:58:6e:
         72:d8:42:19:1e:71:11:76:58:e0:d8:11:d2:14:2a:fa:29:72:
         bd:ce:a7:b4:b1:72:63:02:16:ef:42:dd:8d:a2:9d:31:fe:02:
         13:b9:d2:1d:95:27:58:d5:36:73:a7:50:3b:52:09:06:21:fd:
         89:13:92:4a:81:79:f9:ad:24:aa:c9:64:e8:75:fe:5e:33:e5:
         af:b4:5c:56:ae:1b:a0:93:83:89:4e:37:5e:c8:24:74:1f:38:
         3b:68:f6:c3:89:a1:3a:f4:3d:a6:61:96:94:46:ab:37:bc:d0:
         23:1d:84:88:df:28:41:bd:17:93:99:9b:56:26:d0:bf:bb:93:
         1f:63:eb:63:aa:d5:67:95:a6:99:6e:2e:50:fa:75:31:58:40:
         cc:6a:fa:ef:65:38:3e:ef:e4:25:e8:6e:39:13:d7:b7:87:d5:
         e1:c2:0e:c8:b3:98:49:a0:28:d9:60:9e:89:bc:58:c2:a4:ab:
         a9:f8:de:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYCf4WPgu3CAYQM4WXZenWIj37o4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEwMDE1MDU5WhcNMjUxMjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjJkMjY2Nzk0NDRiOTQ3M2RiMTg5NzM5NDdjNWNhZmRk
ZjYxYjIwNWViZDQ3NjE4NDMwMjg3YjBkMGE5Zjc5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+Qkv3bm0ZgLowNreIVhB2Nc///zWRPUdUskJ4x2pljnUB
IfRoALah+SsXCRFg2DdYvbN+FJqCZ4dOTbaJH0tvS9EHptXlQE3RCS+lOEzOb/p3
jUkMc00EjDpPhM1ODoU14XWvT7sipKF+ed6eu7HIVA7jjFvc1pelm4PMk3nA18CT
yKlOUqxbqBfnFfvem+mDpgpKpeu5uncpFlH57S4av2dgnDm6/hY+e1u96bUWT8Ga
HJDaw2Dod4cN0begqdzKrQnOz742DHpnRJRBlylvW2EAc2upSH1XLIeM/06rdTlX
LICDdvFDhnT28HRC3UTI5fZ8x8TfDybam4bM5h+TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZf4x0CoP+9gkW+guVJMfTO4dUmMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdmMjZmYzQzLWVhNWQtNDgwZC1hNGZiLTg3MTI5NjQyYzNkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2thowDQYJKoZIhvcNAQELBQADggEBALQbSUotV8wez/A5sERuQrh95Yz9
TfwdrtiD+kSLxOw4aGNiubBNncfQSyl021KdftOrtmM/B9FqLZFjlHcXuEtZnSU6
zd1YbnLYQhkecRF2WODYEdIUKvopcr3Op7SxcmMCFu9C3Y2inTH+AhO50h2VJ1jV
NnOnUDtSCQYh/YkTkkqBefmtJKrJZOh1/l4z5a+0XFauG6CTg4lON17IJHQfODto
9sOJoTr0PaZhlpRGqze80CMdhIjfKEG9F5OZm1Ym0L+7kx9j62Oq1WeVppluLlD6
dTFYQMxq+u9lOD7v5CXobjkT17eH1eHCDsizmEmgKNlgnom8WMKkq6n43rY=
-----END CERTIFICATE-----