This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bdffb411-66a4-449f-a139-b67509e160f8.roa
File:                     bdffb411-66a4-449f-a139-b67509e160f8.roa (raw, json)
Hash identifier:          tU+vS9xlK2ppKjg9zkYgotsEZq85Fn0ItbRDGgnrpGA=
Subject key identifier:   F1:93:DE:8B:5E:6F:6C:18:D2:7C:B1:6D:9E:81:EA:47:98:4D:71:A6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1D7E22DA8F9F67B6B02AC07CE7FF44D61F1CFFCF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bdffb411-66a4-449f-a139-b67509e160f8.roa
Signing time:             Tue 11 Nov 2025 03:11:06 +0000
ROA not before:           Tue 11 Nov 2025 03:11:06 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.235.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:7e:22:da:8f:9f:67:b6:b0:2a:c0:7c:e7:ff:44:d6:1f:1c:ff:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 11 03:11:06 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=48ca0526b03e735c31e89a76c59d6f2446b052a6423eb39b136cc43139834174, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3d:fa:db:f3:b6:90:6c:f1:89:8d:d8:43:5e:
                    a6:29:bf:1a:e2:33:2c:74:ef:0f:7b:eb:9b:0f:1e:
                    a4:49:e8:eb:ca:4c:5b:3d:81:94:f8:df:d0:ba:81:
                    43:fe:54:d2:c1:1d:7e:62:0d:68:29:7a:cc:3f:b2:
                    d5:57:b6:bb:46:58:02:fa:27:5d:b0:7a:7a:9c:b1:
                    9e:b5:b2:03:26:78:3b:e5:71:54:8f:4e:32:eb:3a:
                    7e:2e:48:35:0f:45:83:a2:f6:0d:b6:69:67:b2:98:
                    99:4e:68:81:55:84:71:d3:34:f2:e5:fe:0a:1e:6a:
                    51:32:78:0d:87:30:2a:64:91:d8:b5:2b:f8:e6:ff:
                    81:58:c4:eb:3c:1e:57:3d:fd:d6:98:23:e5:17:d6:
                    f6:25:83:f8:08:c6:ea:3a:d0:bd:41:c6:1c:c9:00:
                    ff:6b:78:b4:c0:13:32:15:8c:c4:b5:1b:2f:bd:6e:
                    d1:2a:61:ae:ed:f9:86:a1:a3:ad:c6:6c:46:81:77:
                    57:86:55:dc:c5:d4:05:63:00:76:07:9e:4c:f3:dd:
                    7b:83:3c:05:f8:6a:5d:21:56:21:a4:45:90:d4:6f:
                    3a:d9:5a:fc:56:4d:f3:c5:dd:87:3c:44:1a:41:50:
                    f6:44:85:94:34:a0:d3:df:1c:8a:12:18:ee:87:92:
                    36:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:93:DE:8B:5E:6F:6C:18:D2:7C:B1:6D:9E:81:EA:47:98:4D:71:A6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bdffb411-66a4-449f-a139-b67509e160f8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.235.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:84:1b:db:5e:5f:9a:e6:63:03:f2:6e:88:78:82:20:ff:88:
         a2:41:b9:93:9f:2b:9e:23:1f:8a:18:ce:b0:c0:5d:2e:f0:cc:
         5b:69:35:5c:9a:58:21:17:f7:51:e0:77:8d:51:89:8d:a7:95:
         8e:00:ea:2c:a7:4b:bd:e3:3a:8b:bd:a8:91:25:dd:49:45:69:
         f4:9f:d5:3e:70:24:0b:2e:00:16:87:1a:81:6c:3a:22:02:2a:
         ff:d4:e3:0c:41:0f:13:4d:21:76:36:d8:21:76:59:3b:a6:1b:
         7e:95:4b:4c:73:45:9d:46:5d:ba:38:dc:af:9b:0a:3b:ca:be:
         f9:7e:01:94:b7:09:a5:c1:b5:ea:3c:59:38:92:89:ab:fc:06:
         f1:7d:1e:52:25:9f:d6:3b:b6:20:6f:e6:e8:67:ea:14:20:f0:
         d5:31:65:10:05:76:d0:7a:91:1c:48:d2:5a:0b:fd:95:be:b2:
         57:11:3d:71:2c:f3:10:79:06:79:68:5e:08:d5:d5:cb:35:d9:
         6d:03:38:01:c6:e7:39:fa:69:89:34:09:79:1b:25:49:12:02:
         f7:d9:d2:85:7f:73:0a:e5:b5:59:e4:c2:38:3a:cb:f6:64:ee:
         23:80:2b:f7:82:56:86:4c:71:04:c2:ca:d4:70:82:5b:aa:f8:
         e0:aa:aa:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHX4i2o+fZ7awKsB85/9E1h8c/88wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTExMDMxMTA2WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGNhMDUyNmIwM2U3MzVjMzFlODlhNzZjNTlkNmYyNDQ2
YjA1MmE2NDIzZWIzOWIxMzZjYzQzMTM5ODM0MTc0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaPfrb87aQbPGJjdhDXqYpvxriMyx07w9765sPHqRJ6OvK
TFs9gZT439C6gUP+VNLBHX5iDWgpesw/stVXtrtGWAL6J12wenqcsZ61sgMmeDvl
cVSPTjLrOn4uSDUPRYOi9g22aWeymJlOaIFVhHHTNPLl/goealEyeA2HMCpkkdi1
K/jm/4FYxOs8Hlc9/daYI+UX1vYlg/gIxuo60L1BxhzJAP9reLTAEzIVjMS1Gy+9
btEqYa7t+Yaho63GbEaBd1eGVdzF1AVjAHYHnkzz3XuDPAX4al0hViGkRZDUbzrZ
WvxWTfPF3Yc8RBpBUPZEhZQ0oNPfHIoSGO6HkjbbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8ZPei15vbBjSfLFtnoHqR5hNcaYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JkZmZiNDExLTY2YTQtNDQ5Zi1hMTM5LWI2NzUwOWUxNjBmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA26+0wDQYJKoZIhvcNAQELBQADggEBAG+EG9teX5rmYwPyboh4giD/iKJB
uZOfK54jH4oYzrDAXS7wzFtpNVyaWCEX91Hgd41RiY2nlY4A6iynS73jOou9qJEl
3UlFafSf1T5wJAsuABaHGoFsOiICKv/U4wxBDxNNIXY22CF2WTumG36VS0xzRZ1G
Xbo43K+bCjvKvvl+AZS3CaXBteo8WTiSiav8BvF9HlIln9Y7tiBv5uhn6hQg8NUx
ZRAFdtB6kRxI0loL/ZW+slcRPXEs8xB5BnloXgjV1cs12W0DOAHG5zn6aYk0CXkb
JUkSAvfZ0oV/cwrltVnkwjg6y/Zk7iOAK/eCVoZMcQTCytRwgluq+OCqqqY=
-----END CERTIFICATE-----