This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8beaf9a0-1786-4e02-a829-a84311e20245.roa
File:                     8beaf9a0-1786-4e02-a829-a84311e20245.roa (raw, json)
Hash identifier:          nK7JUz+YbQ6ikxuOYRuYc8F/a5C/tDLcA0pDPZ0TRxg=
Subject key identifier:   34:47:63:64:37:7C:59:38:DE:86:AF:D3:2F:15:14:F9:18:FA:1E:7D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       18C24926C9EB1C5786B47A4D485BB03DE42527AF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8beaf9a0-1786-4e02-a829-a84311e20245.roa
Signing time:             Sat 29 Nov 2025 01:40:41 +0000
ROA not before:           Sat 29 Nov 2025 01:40:41 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.217.208.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:c2:49:26:c9:eb:1c:57:86:b4:7a:4d:48:5b:b0:3d:e4:25:27:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 01:40:41 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=af3945b833edc70c7c4f19f41379313b622b46c2677b8bb1a76644e037c0dc32, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6b:65:cf:55:78:dd:31:97:cd:d8:4a:52:83:
                    82:6d:f8:cf:79:a1:6c:55:2b:a7:f3:6a:54:cc:fe:
                    cb:7f:46:a9:a8:e9:ba:7a:05:00:2b:b6:dd:cc:e8:
                    14:a6:d0:47:7c:67:74:4e:c3:70:8f:ca:f4:84:69:
                    65:21:70:ec:d9:b8:f8:08:98:3c:e8:ac:38:d3:da:
                    03:c5:5c:2e:1e:7a:ef:68:9f:22:1f:c3:80:ab:46:
                    52:e9:0b:6a:89:0e:30:96:9e:c4:0f:f7:5c:08:6d:
                    b2:15:5e:45:55:df:61:56:b6:ab:e0:52:68:11:8c:
                    72:f8:aa:0f:1d:36:f1:ad:36:57:78:34:e6:9d:4d:
                    ec:74:7e:e5:e0:c3:d1:75:b4:cf:9b:3a:49:b9:e6:
                    4d:3a:8d:a1:f1:97:59:1c:95:ff:b9:b0:57:09:92:
                    b6:c7:b9:51:9b:e5:6f:b2:97:e5:76:67:5c:45:d1:
                    20:98:27:62:4b:48:a8:37:3e:f6:c9:24:24:a5:0e:
                    4f:00:94:0e:a5:22:fe:3b:11:70:5d:cb:b5:35:70:
                    df:29:3b:8a:a3:3b:06:35:68:aa:1d:05:9f:20:99:
                    f2:5d:b1:54:83:3d:e1:8d:e7:da:80:e6:63:59:11:
                    6a:5f:d4:52:a8:7e:2a:c5:08:42:31:38:1f:06:67:
                    ac:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:47:63:64:37:7C:59:38:DE:86:AF:D3:2F:15:14:F9:18:FA:1E:7D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8beaf9a0-1786-4e02-a829-a84311e20245.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.217.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1f:d8:1a:5f:87:50:ab:70:a5:31:25:41:98:d4:55:41:20:01:
         95:0a:1e:6c:8f:7b:6f:98:d1:83:77:5f:57:37:06:b8:08:ca:
         5e:96:8e:2a:0f:c0:c8:42:f9:cd:c9:6f:c4:42:be:53:45:87:
         14:41:11:37:a5:77:ee:17:0d:d6:ad:c6:52:07:c5:18:9f:bd:
         d8:68:06:9a:4c:dc:a0:26:62:bb:f3:2f:0c:50:bd:b0:8a:60:
         fb:02:03:11:99:aa:f2:12:13:93:0a:d0:60:8a:4d:04:0a:ee:
         c0:5e:8d:4d:cf:21:43:1d:70:2a:a7:a3:57:6a:60:c4:51:c8:
         2b:e0:01:26:e7:77:fc:24:98:ed:05:21:e6:ff:e1:70:7e:6b:
         90:a1:81:72:86:92:be:bf:e7:75:e7:f0:bc:e5:5c:89:12:6b:
         c5:37:17:f8:c8:de:7f:4f:59:2a:fb:e1:95:2c:d8:60:9e:70:
         08:91:7c:cb:a1:d7:ce:cf:d3:c3:16:3a:9a:90:80:34:26:c1:
         f4:e0:4f:47:3a:e4:05:c9:82:d3:60:c0:88:56:ff:a7:5b:7e:
         a8:d9:ef:c4:00:85:99:b6:8a:0c:71:ba:5a:c7:40:ab:47:89:
         4b:2e:59:db:5d:83:42:74:bc:15:e7:39:1e:90:08:7f:96:0e:
         c6:46:bf:de
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGMJJJsnrHFeGtHpNSFuwPeQlJ68wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDE0MDQxWhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjM5NDViODMzZWRjNzBjN2M0ZjE5ZjQxMzc5MzEzYjYy
MmI0NmMyNjc3YjhiYjFhNzY2NDRlMDM3YzBkYzMyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/a2XPVXjdMZfN2EpSg4Jt+M95oWxVK6fzalTM/st/Rqmo
6bp6BQArtt3M6BSm0Ed8Z3ROw3CPyvSEaWUhcOzZuPgImDzorDjT2gPFXC4eeu9o
nyIfw4CrRlLpC2qJDjCWnsQP91wIbbIVXkVV32FWtqvgUmgRjHL4qg8dNvGtNld4
NOadTex0fuXgw9F1tM+bOkm55k06jaHxl1kclf+5sFcJkrbHuVGb5W+yl+V2Z1xF
0SCYJ2JLSKg3PvbJJCSlDk8AlA6lIv47EXBdy7U1cN8pO4qjOwY1aKodBZ8gmfJd
sVSDPeGN59qA5mNZEWpf1FKofirFCEIxOB8GZ6whAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNEdjZDd8WTjehq/TLxUU+Rj6Hn0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhiZWFmOWEwLTE3ODYtNGUwMi1hODI5LWE4NDMxMWUyMDI0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ22dAwDQYJKoZIhvcNAQELBQADggEBAB/YGl+HUKtwpTElQZjUVUEgAZUK
HmyPe2+Y0YN3X1c3BrgIyl6WjioPwMhC+c3Jb8RCvlNFhxRBETeld+4XDdatxlIH
xRifvdhoBppM3KAmYrvzLwxQvbCKYPsCAxGZqvISE5MK0GCKTQQK7sBejU3PIUMd
cCqno1dqYMRRyCvgASbnd/wkmO0FIeb/4XB+a5ChgXKGkr6/53Xn8LzlXIkSa8U3
F/jI3n9PWSr74ZUs2GCecAiRfMuh187P08MWOpqQgDQmwfTgT0c65AXJgtNgwIhW
/6dbfqjZ78QAhZm2igxxulrHQKtHiUsuWdtdg0J0vBXnOR6QCH+WDsZGv94=
-----END CERTIFICATE-----