This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
File:                     926673fa-2a99-4a67-830e-3f0967580dd6.roa (raw, json)
Hash identifier:          9Bi+8SpN9rgsu2dLH1Qv4x92yGjyokGekd/SRrOK964=
Subject key identifier:   1D:15:08:0F:33:E1:6A:B8:38:08:C1:71:33:BF:51:95:A1:A4:C3:46
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       02BD20520E6CF656D18862EB95254D40D40BBC04
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
Signing time:             Wed 10 Dec 2025 03:10:40 +0000
ROA not before:           Wed 10 Dec 2025 03:10:40 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        136.13.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:bd:20:52:0e:6c:f6:56:d1:88:62:eb:95:25:4d:40:d4:0b:bc:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 03:10:40 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=39cd32e8a66fbb22f8241cb90d6140d110f55b120c7b1d042d5eb69dde873849, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:10:1e:1c:00:65:48:0e:e9:36:b4:f5:93:
                    ec:2f:30:82:63:fe:b5:88:cc:b0:f0:25:a1:e1:95:
                    05:c3:1c:9a:4e:26:ea:7c:01:09:c8:45:54:e4:02:
                    af:4f:44:a1:ff:1d:95:fa:5f:0e:fb:d0:7c:41:67:
                    06:90:d3:0a:0f:5e:76:c5:3a:e7:ab:6d:97:12:a3:
                    56:67:03:60:13:69:3c:f9:40:35:fb:c2:b5:9b:f3:
                    16:b6:2b:ed:9d:91:cf:13:4a:c7:88:14:9a:d9:87:
                    2d:de:1a:84:0f:8b:8e:a5:e1:88:98:e6:3a:d1:42:
                    59:94:7b:73:98:1f:b9:a4:9b:df:cf:66:53:fc:38:
                    cf:dd:bd:00:b8:20:e7:0b:ae:31:9b:4e:d5:61:e1:
                    59:3a:d3:ef:8d:22:39:9b:44:1c:53:8f:f6:6b:a9:
                    43:96:f3:8d:d5:d2:74:64:c0:97:06:97:fd:75:ab:
                    52:8b:96:db:ec:b7:29:04:08:74:b3:2e:a5:97:fd:
                    bd:77:cd:f0:ee:10:de:02:bd:89:6e:dd:4d:90:b9:
                    45:83:67:5e:fb:54:fd:e2:a2:86:ff:5b:e1:8e:ea:
                    d0:e5:ea:70:9d:4e:01:00:e6:95:87:28:cc:e7:02:
                    b6:b6:f6:3b:8b:54:2c:6b:88:ba:2d:2d:6f:ab:73:
                    c3:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:15:08:0F:33:E1:6A:B8:38:08:C1:71:33:BF:51:95:A1:A4:C3:46
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.13.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         12:e5:4e:9c:e1:c1:5d:b1:7b:b7:b9:96:00:30:76:d4:1a:98:
         38:66:df:41:46:8d:4d:0b:dd:4f:6a:58:cf:d5:22:7a:c1:d5:
         d5:3e:f1:33:47:1e:b7:3f:c6:74:12:c1:9e:dc:fb:b9:f8:2d:
         20:ef:78:80:84:10:cb:bc:a3:ef:92:10:a7:63:17:df:b5:4a:
         8f:70:94:11:be:19:58:df:55:23:26:fe:b7:00:ac:08:e4:fa:
         99:d4:a0:75:85:d5:bb:97:2b:ec:d7:be:56:51:1c:5b:64:c6:
         55:50:97:55:2f:82:dd:48:8d:1e:84:1f:f7:31:d6:bb:62:e3:
         85:ef:ef:94:33:65:51:71:47:b1:3f:40:67:dd:56:93:8f:b6:
         5c:c3:dd:66:1b:05:f2:5f:56:6a:7d:cd:08:9e:06:14:6f:64:
         c6:5e:04:1c:37:d1:5e:9e:5d:45:99:ae:d9:f7:c2:99:01:ba:
         d0:7e:60:d6:9a:a3:fe:0a:39:fb:10:ac:54:4e:3d:cc:77:e3:
         a2:9a:03:10:1f:40:ba:11:6b:0f:f4:c0:57:cb:20:b5:db:e9:
         50:5f:85:17:33:ad:5d:49:48:5f:12:75:49:7a:df:39:16:51:
         78:c2:6f:92:50:6a:5b:ca:e1:2f:94:40:32:c5:3f:98:0a:ac:
         cc:7a:57:93
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAr0gUg5s9lbRiGLrlSVNQNQLvAQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDMxMDQwWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOWNkMzJlOGE2NmZiYjIyZjgyNDFjYjkwZDYxNDBkMTEw
ZjU1YjEyMGM3YjFkMDQyZDVlYjY5ZGRlODczODQ5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCntxAeHABlSA7pNrT1k+wvMIJj/rWIzLDwJaHhlQXDHJpO
Jup8AQnIRVTkAq9PRKH/HZX6Xw770HxBZwaQ0woPXnbFOuerbZcSo1ZnA2ATaTz5
QDX7wrWb8xa2K+2dkc8TSseIFJrZhy3eGoQPi46l4YiY5jrRQlmUe3OYH7mkm9/P
ZlP8OM/dvQC4IOcLrjGbTtVh4Vk60++NIjmbRBxTj/ZrqUOW843V0nRkwJcGl/11
q1KLltvstykECHSzLqWX/b13zfDuEN4CvYlu3U2QuUWDZ177VP3ioob/W+GO6tDl
6nCdTgEA5pWHKMznAra29juLVCxriLotLW+rc8NhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHRUIDzPharg4CMFxM79RlaGkw0YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjY3M2ZhLTJhOTktNGE2Ny04MzBlLTNmMDk2NzU4MGRkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIDTANBgkqhkiG9w0BAQsFAAOCAQEAEuVOnOHBXbF7t7mWADB21BqYOGbf
QUaNTQvdT2pYz9UiesHV1T7xM0cetz/GdBLBntz7ufgtIO94gIQQy7yj75IQp2MX
37VKj3CUEb4ZWN9VIyb+twCsCOT6mdSgdYXVu5cr7Ne+VlEcW2TGVVCXVS+C3UiN
HoQf9zHWu2Ljhe/vlDNlUXFHsT9AZ91Wk4+2XMPdZhsF8l9Wan3NCJ4GFG9kxl4E
HDfRXp5dRZmu2ffCmQG60H5g1pqj/go5+xCsVE49zHfjopoDEB9AuhFrD/TAV8sg
tdvpUF+FFzOtXUlIXxJ1SXrfORZReMJvklBqW8rhL5RAMsU/mAqszHpXkw==
-----END CERTIFICATE-----