This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa
File:                     8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa (raw, json)
Hash identifier:          KQJZXuszPxcMFd9j91cBgKCRx59DDgguXPGxPKwO4MM=
Subject key identifier:   62:98:1B:7E:A6:69:E1:59:F0:C9:5A:72:06:A4:9A:EC:34:B0:B1:BA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       46BF54EBB6682C980E963D604DB0ECE6A8EA5053
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa
Signing time:             Sat 15 Nov 2025 01:11:32 +0000
ROA not before:           Sat 15 Nov 2025 01:11:32 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.86.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:bf:54:eb:b6:68:2c:98:0e:96:3d:60:4d:b0:ec:e6:a8:ea:50:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 01:11:32 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=ec3f0f3bfe168c801a1caf4bd85b2032df91e1197ac0ccae85bea6f6c152c599, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6a:d9:70:63:9a:fc:d9:43:34:33:aa:b8:49:
                    d1:ba:df:e3:fd:d2:ff:2f:d0:99:6e:0a:27:67:66:
                    9a:03:cc:7c:e6:29:37:92:3b:ab:fd:ff:63:a7:be:
                    c2:b5:01:61:fc:4e:01:dd:dd:dd:1c:f2:29:9b:d9:
                    79:b4:6a:5e:eb:34:56:01:af:20:f6:82:6c:b0:5f:
                    79:01:f1:0a:b2:9b:59:b4:38:9f:96:29:cf:de:c7:
                    3b:52:1f:d3:81:44:05:d9:1c:6a:95:b5:54:c7:5b:
                    4f:09:90:da:0a:37:ad:28:5f:5b:8c:08:09:23:24:
                    01:82:00:9a:d2:a0:c9:42:47:6e:04:e5:cb:c7:14:
                    d3:84:80:d6:42:66:89:50:f9:35:94:0c:16:7e:b6:
                    6c:1e:ff:1e:bf:e3:3a:11:6f:40:e0:f1:18:63:dd:
                    6f:9f:6d:bf:8a:de:3d:f2:4c:63:63:2d:40:35:fc:
                    bf:3d:30:b9:a6:4e:4a:5a:38:75:ad:a2:e3:d1:05:
                    8a:45:5e:15:5e:12:1b:7e:10:85:f7:54:e8:4c:b3:
                    63:e6:b4:6e:74:24:31:55:a4:36:0b:a3:80:98:d7:
                    be:84:c9:2d:e4:11:e6:e1:50:e1:47:97:22:f7:84:
                    e5:fc:c4:20:d0:9e:27:ee:d7:ee:e6:aa:6b:f6:02:
                    15:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:98:1B:7E:A6:69:E1:59:F0:C9:5A:72:06:A4:9A:EC:34:B0:B1:BA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5a:ca:a3:40:63:54:44:7a:af:75:84:0d:ad:4d:ec:57:23:61:
         cb:b4:a9:a8:d0:27:8d:0b:5c:7d:e0:45:c4:21:cd:01:25:88:
         18:4f:de:fe:14:80:e8:b3:02:cb:83:42:92:52:70:9b:b0:93:
         08:21:e6:11:54:c8:78:39:33:d9:8a:f2:f5:33:f5:d8:3e:48:
         6c:2f:91:3c:4d:e7:84:4d:8c:53:4d:df:1f:c7:3d:68:c9:47:
         61:0a:56:65:e8:2b:36:bc:23:76:cf:00:cd:42:7b:ba:d9:ea:
         fe:91:98:f1:5f:d9:1f:ee:c6:a4:92:6f:75:8f:83:cc:13:ca:
         45:7a:68:6a:d7:38:41:4a:f7:92:f8:79:a4:68:9c:a9:04:4b:
         f8:fd:88:62:44:55:c0:7d:46:5d:68:9d:db:1a:b2:a3:fd:d5:
         da:fd:47:15:12:be:a4:dc:63:b8:2c:30:f7:af:d5:64:3f:26:
         46:0a:23:b3:7b:6b:b9:50:51:94:68:6f:85:2b:e7:bd:3d:ee:
         82:cf:3e:db:4e:29:96:6a:76:2d:0d:76:64:ef:27:47:f0:4d:
         fa:fa:e4:47:ff:5e:d2:77:25:36:3d:95:08:9f:bd:4d:b7:da:
         91:b9:92:6f:8b:aa:8d:0a:e5:90:81:13:16:95:16:13:f3:ba:
         b8:c2:96:f3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURr9U67ZoLJgOlj1gTbDs5qjqUFMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDExMTMyWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzNmMGYzYmZlMTY4YzgwMWExY2FmNGJkODViMjAzMmRm
OTFlMTE5N2FjMGNjYWU4NWJlYTZmNmMxNTJjNTk5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0atlwY5r82UM0M6q4SdG63+P90v8v0JluCidnZpoDzHzm
KTeSO6v9/2OnvsK1AWH8TgHd3d0c8imb2Xm0al7rNFYBryD2gmywX3kB8Qqym1m0
OJ+WKc/exztSH9OBRAXZHGqVtVTHW08JkNoKN60oX1uMCAkjJAGCAJrSoMlCR24E
5cvHFNOEgNZCZolQ+TWUDBZ+tmwe/x6/4zoRb0Dg8Rhj3W+fbb+K3j3yTGNjLUA1
/L89MLmmTkpaOHWtouPRBYpFXhVeEht+EIX3VOhMs2PmtG50JDFVpDYLo4CY176E
yS3kEebhUOFHlyL3hOX8xCDQnifu1+7mqmv2AhURAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYpgbfqZp4VnwyVpyBqSa7DSwsbowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhhMGUwNmU4LWExNzktNGZhYy1iNzI1LWRlN2JhZjZhYjgwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2VjANBgkqhkiG9w0BAQsFAAOCAQEAWsqjQGNURHqvdYQNrU3sVyNhy7Sp
qNAnjQtcfeBFxCHNASWIGE/e/hSA6LMCy4NCklJwm7CTCCHmEVTIeDkz2Yry9TP1
2D5IbC+RPE3nhE2MU03fH8c9aMlHYQpWZegrNrwjds8AzUJ7utnq/pGY8V/ZH+7G
pJJvdY+DzBPKRXpoatc4QUr3kvh5pGicqQRL+P2IYkRVwH1GXWid2xqyo/3V2v1H
FRK+pNxjuCww96/VZD8mRgojs3truVBRlGhvhSvnvT3ugs8+204plmp2LQ12ZO8n
R/BN+vrkR/9e0nclNj2VCJ+9TbfakbmSb4uqjQrlkIETFpUWE/O6uMKW8w==
-----END CERTIFICATE-----