This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/902c55a0-4edb-4aad-945a-5ecd2f621c5d.roa
File:                     902c55a0-4edb-4aad-945a-5ecd2f621c5d.roa (raw, json)
Hash identifier:          gyVCnu+v5ZXS90v6QRZolUWL4WXnSd3YYNlaH0SXPWE=
Subject key identifier:   31:42:E8:BF:20:11:B1:F1:A9:D3:F8:52:68:BC:4E:A7:2D:E2:DD:B5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       03DAF1806DDF055EB7D22136FC79EB50E3E49A47
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/902c55a0-4edb-4aad-945a-5ecd2f621c5d.roa
Signing time:             Tue 11 Nov 2025 03:51:39 +0000
ROA not before:           Tue 11 Nov 2025 03:51:39 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.30.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:da:f1:80:6d:df:05:5e:b7:d2:21:36:fc:79:eb:50:e3:e4:9a:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 11 03:51:39 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=c111c63325e108ab7a55eb24c600edefcadf1896526fa523cf252b00005f7056, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:69:1b:82:c0:05:eb:cb:e2:7b:25:70:e3:a5:
                    5d:bc:66:8c:1a:03:63:ed:f6:99:9e:7c:7f:57:19:
                    79:28:22:58:2d:b8:3f:15:d4:72:be:04:d0:87:a6:
                    cd:e9:32:99:76:ee:50:e9:08:89:c1:27:d3:1a:55:
                    36:e1:4a:77:c1:05:ea:c9:ee:3b:a9:d9:88:02:b0:
                    80:f1:68:bc:23:7d:26:71:f6:65:99:32:76:99:88:
                    8b:86:c9:f7:62:b6:f7:3c:6b:b3:8c:7f:14:49:1d:
                    a5:89:a8:8d:d6:24:e7:f3:37:7d:ff:72:da:a6:12:
                    a9:0a:c5:f2:a6:84:d7:b9:1f:e8:be:0d:95:32:11:
                    ae:8f:55:35:a3:d0:10:8b:fb:a0:92:b8:ea:be:f7:
                    be:be:a2:8c:0f:81:54:c0:3d:96:54:9c:23:16:98:
                    38:1e:1c:5d:76:82:73:37:4c:2e:9d:c3:35:3a:95:
                    3f:c9:cc:41:b2:f7:3e:61:71:f4:eb:c9:a9:e3:10:
                    ec:02:12:06:59:f0:4a:4a:81:c5:fc:91:b8:81:5a:
                    31:01:6a:93:44:ec:61:7a:8e:d8:d9:e5:04:dc:13:
                    64:fc:3b:df:6f:c2:01:17:9e:68:bc:5c:d4:65:df:
                    32:6f:f8:40:8a:45:c9:40:c6:37:41:66:45:39:5d:
                    71:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:42:E8:BF:20:11:B1:F1:A9:D3:F8:52:68:BC:4E:A7:2D:E2:DD:B5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/902c55a0-4edb-4aad-945a-5ecd2f621c5d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a8:0d:68:86:e5:60:ef:24:22:34:1c:45:6d:75:b3:8a:6c:46:
         de:cf:df:e8:b8:59:a6:ce:44:f7:dd:e6:2c:2e:5d:96:70:8c:
         75:7b:d8:4e:6c:80:5b:d6:80:cb:ca:00:47:56:d4:da:28:a7:
         8e:f2:c6:c4:f4:4c:dc:33:b3:22:15:3b:22:65:1b:1c:f5:c5:
         d9:ce:78:19:ff:39:81:67:11:2f:9d:ea:7d:77:3b:f4:5c:49:
         30:80:8d:06:1c:6c:aa:b5:2e:97:29:46:6e:f0:8f:c5:d4:65:
         56:a0:ae:46:b9:72:76:d6:16:4b:42:13:d6:29:01:b6:87:b8:
         c5:a3:7b:a8:0c:f1:7d:29:d0:cd:5f:d1:fc:46:54:cf:87:36:
         d5:a4:b1:8f:6d:46:e1:cc:cb:5a:5e:d7:38:ca:e7:4f:6f:e3:
         57:49:16:69:6b:5c:4a:fd:c5:85:38:45:68:9d:de:84:e7:b8:
         2f:0e:3b:eb:25:31:ca:a6:f0:c6:16:86:5e:b7:37:17:09:4d:
         99:74:71:54:eb:5c:60:1a:20:2b:eb:81:2d:f6:81:08:69:f9:
         71:c4:cb:1f:96:2b:1e:a9:19:ec:6e:70:a7:eb:04:fd:f8:88:
         2a:39:d1:7e:f7:b6:a3:d1:64:b7:1e:b7:36:1b:c7:70:89:c1:
         e8:61:6d:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA9rxgG3fBV630iE2/HnrUOPkmkcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTExMDM1MTM5WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTExYzYzMzI1ZTEwOGFiN2E1NWViMjRjNjAwZWRlZmNh
ZGYxODk2NTI2ZmE1MjNjZjI1MmIwMDAwNWY3MDU2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/aRuCwAXry+J7JXDjpV28ZowaA2Pt9pmefH9XGXkoIlgt
uD8V1HK+BNCHps3pMpl27lDpCInBJ9MaVTbhSnfBBerJ7jup2YgCsIDxaLwjfSZx
9mWZMnaZiIuGyfditvc8a7OMfxRJHaWJqI3WJOfzN33/ctqmEqkKxfKmhNe5H+i+
DZUyEa6PVTWj0BCL+6CSuOq+976+oowPgVTAPZZUnCMWmDgeHF12gnM3TC6dwzU6
lT/JzEGy9z5hcfTryanjEOwCEgZZ8EpKgcX8kbiBWjEBapNE7GF6jtjZ5QTcE2T8
O99vwgEXnmi8XNRl3zJv+ECKRclAxjdBZkU5XXHZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMULovyARsfGp0/hSaLxOpy3i3bUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkwMmM1NWEwLTRlZGItNGFhZC05NDVhLTVlY2QyZjYyMWM1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE28B4wDQYJKoZIhvcNAQELBQADggEBAKgNaIblYO8kIjQcRW11s4psRt7P
3+i4WabORPfd5iwuXZZwjHV72E5sgFvWgMvKAEdW1Noop47yxsT0TNwzsyIVOyJl
Gxz1xdnOeBn/OYFnES+d6n13O/RcSTCAjQYcbKq1LpcpRm7wj8XUZVagrka5cnbW
FktCE9YpAbaHuMWje6gM8X0p0M1f0fxGVM+HNtWksY9tRuHMy1pe1zjK509v41dJ
FmlrXEr9xYU4RWid3oTnuC8OO+slMcqm8MYWhl63NxcJTZl0cVTrXGAaICvrgS32
gQhp+XHEyx+WKx6pGexucKfrBP34iCo50X73tqPRZLcetzYbx3CJwehhbQI=
-----END CERTIFICATE-----