This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa
File:                     8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa (raw, json)
Hash identifier:          FXukALiO7jaluMDPJPRc5iJ6F7w5vdJ1LZjbmsSu7AM=
Subject key identifier:   8B:9A:66:63:00:45:1D:78:37:C3:F9:5C:17:C2:0F:24:9D:C4:38:2D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       112F9E0495C9FF904B8B154966F3DD179B25FC79
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa
Signing time:             Wed 10 Dec 2025 01:10:10 +0000
ROA not before:           Wed 10 Dec 2025 01:10:10 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.86.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 16 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:2f:9e:04:95:c9:ff:90:4b:8b:15:49:66:f3:dd:17:9b:25:fc:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 01:10:10 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=3be311aa7b1e78ba45cec06fbb8f1bdbd04185d3e4224aec05662872f31883be, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ad:67:03:e3:2d:91:ba:ad:ba:32:9e:15:29:
                    24:4c:7c:e2:f8:b0:06:cd:bf:92:fc:bc:8c:c1:da:
                    94:03:0a:08:2c:f0:2a:91:84:dd:c6:c5:b0:95:57:
                    82:13:5a:00:57:cb:ba:dd:b8:f9:da:f2:d7:6d:18:
                    5c:ee:b2:c0:82:2e:60:b4:7b:91:ba:1e:bf:e2:97:
                    82:d5:df:2c:79:c9:63:06:54:59:ff:d6:66:ef:50:
                    93:95:ed:10:17:87:ec:a3:cd:5b:58:6f:18:5a:c6:
                    7f:a0:83:2d:f5:8a:46:53:c2:51:2f:39:24:a2:68:
                    7a:6f:f2:d1:a0:f0:98:57:a6:1f:46:ea:f2:8b:99:
                    40:b2:00:10:17:76:e8:b5:71:59:13:83:d4:2a:6f:
                    04:ba:aa:fc:ef:53:34:fb:e0:67:84:69:9e:6d:34:
                    66:ca:04:7a:fa:c1:65:a9:a1:f0:d7:ef:d0:4e:52:
                    b4:4a:13:f8:99:42:f3:2f:5d:59:04:57:ff:d9:13:
                    84:5d:8a:6c:90:a6:78:30:fa:0c:1c:21:96:0b:0d:
                    28:fe:ad:f0:6f:69:10:cf:26:b1:0e:36:06:59:7e:
                    e5:7f:e4:55:20:0e:9a:b1:d1:af:66:cd:e5:4c:07:
                    7e:5c:70:78:7f:d4:c9:cc:57:b8:cf:72:a9:33:07:
                    77:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:9A:66:63:00:45:1D:78:37:C3:F9:5C:17:C2:0F:24:9D:C4:38:2D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8a0e06e8-a179-4fac-b725-de7baf6ab80c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         86:0f:26:f5:3c:6d:99:1b:53:b3:ab:48:90:36:64:e1:8a:62:
         91:22:81:3e:04:ba:51:49:0a:66:d0:03:b2:9e:dc:86:75:10:
         07:af:a8:8a:fc:51:97:f6:98:64:ce:65:02:96:dd:c0:6a:85:
         2f:7b:5c:12:1d:19:b1:95:42:34:1e:54:ca:a6:e6:34:03:c4:
         21:17:7c:74:dd:24:9b:ff:48:cb:4c:7e:83:26:34:75:91:5d:
         ad:e1:b7:c1:ec:a5:7b:8e:92:e5:ec:c2:91:94:26:72:81:2e:
         7f:59:9f:f7:e5:f8:bc:fa:35:5b:7f:8a:e2:41:ea:59:19:f3:
         7d:7b:29:6f:9b:44:da:00:bc:47:62:77:f7:f4:80:b7:fc:10:
         ee:6d:36:07:a6:b3:5d:15:f4:16:57:5b:fb:3a:41:20:2a:f4:
         66:18:d2:44:af:74:ab:58:8d:1c:f3:be:cd:2a:74:ff:d3:fe:
         8d:ee:11:2b:58:6d:bd:88:d1:02:de:dc:79:11:f9:e9:1a:5d:
         4d:e0:7d:79:ca:80:4f:8d:89:1d:b0:0d:59:35:e4:12:28:81:
         7d:31:0d:b4:c2:f4:ff:72:c0:e3:0f:5a:c9:86:56:19:c4:e5:
         f6:4c:7a:6f:d3:87:0d:f6:4c:1a:9d:5e:68:ba:a4:0c:c5:0e:
         48:f0:b3:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUES+eBJXJ/5BLixVJZvPdF5sl/HkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDExMDEwWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmUzMTFhYTdiMWU3OGJhNDVjZWMwNmZiYjhmMWJkYmQw
NDE4NWQzZTQyMjRhZWMwNTY2Mjg3MmYzMTg4M2JlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkrWcD4y2Ruq26Mp4VKSRMfOL4sAbNv5L8vIzB2pQDCggs
8CqRhN3GxbCVV4ITWgBXy7rduPna8tdtGFzussCCLmC0e5G6Hr/il4LV3yx5yWMG
VFn/1mbvUJOV7RAXh+yjzVtYbxhaxn+ggy31ikZTwlEvOSSiaHpv8tGg8JhXph9G
6vKLmUCyABAXdui1cVkTg9QqbwS6qvzvUzT74GeEaZ5tNGbKBHr6wWWpofDX79BO
UrRKE/iZQvMvXVkEV//ZE4RdimyQpngw+gwcIZYLDSj+rfBvaRDPJrEONgZZfuV/
5FUgDpqx0a9mzeVMB35ccHh/1MnMV7jPcqkzB3eBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUi5pmYwBFHXg3w/lcF8IPJJ3EOC0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhhMGUwNmU4LWExNzktNGZhYy1iNzI1LWRlN2JhZjZhYjgwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2VjANBgkqhkiG9w0BAQsFAAOCAQEAhg8m9TxtmRtTs6tIkDZk4YpikSKB
PgS6UUkKZtADsp7chnUQB6+oivxRl/aYZM5lApbdwGqFL3tcEh0ZsZVCNB5Uyqbm
NAPEIRd8dN0km/9Iy0x+gyY0dZFdreG3weyle46S5ezCkZQmcoEuf1mf9+X4vPo1
W3+K4kHqWRnzfXspb5tE2gC8R2J39/SAt/wQ7m02B6azXRX0Fldb+zpBICr0ZhjS
RK90q1iNHPO+zSp0/9P+je4RK1htvYjRAt7ceRH56RpdTeB9ecqAT42JHbANWTXk
EiiBfTENtML0/3LA4w9ayYZWGcTl9kx6b9OHDfZMGp1eaLqkDMUOSPCzBw==
-----END CERTIFICATE-----