This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bedd4620-fa90-4fab-8cf2-33541daccdc8.roa
File:                     bedd4620-fa90-4fab-8cf2-33541daccdc8.roa (raw, json)
Hash identifier:          I9wwHxORAIjsYjHhyRAb8z2ARjrJ+asXsuCQoUeQjPA=
Subject key identifier:   B2:9E:DA:DD:FD:3D:4C:68:9A:3A:5A:EA:9C:64:FC:A1:63:3F:ED:35
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       157F876B5FE368108E9FBB7C79605A4984036E53
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bedd4620-fa90-4fab-8cf2-33541daccdc8.roa
Signing time:             Thu 13 Nov 2025 01:30:16 +0000
ROA not before:           Thu 13 Nov 2025 01:30:16 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:7f:87:6b:5f:e3:68:10:8e:9f:bb:7c:79:60:5a:49:84:03:6e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 13 01:30:16 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=383661470370408aacd444aae991ccf2b10475e6ca59cf7a1d0455ebe647f7c0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b0:8f:ab:48:1d:45:98:62:b9:14:b4:68:9c:
                    16:b2:4e:33:4f:17:1c:4d:53:ec:8b:e8:a0:11:b3:
                    d2:25:f5:15:a8:4f:00:1e:83:26:10:0b:96:54:33:
                    ec:3a:01:40:4c:de:5d:6f:f8:1d:8d:57:7f:92:59:
                    af:47:46:6f:1c:ba:53:e4:ff:db:93:07:3a:db:2c:
                    c1:50:94:43:6f:be:b5:01:aa:ff:e0:98:3a:54:30:
                    e0:b3:ac:48:85:3d:b4:a5:60:f9:67:c1:94:dd:ef:
                    88:04:d3:be:13:25:5a:a1:f8:c1:97:b8:da:1f:2e:
                    44:1b:a0:e9:e1:49:4c:9f:34:36:c4:94:a9:de:d1:
                    a3:e7:da:af:6f:36:c7:dc:54:e5:45:85:77:70:04:
                    01:89:fa:3b:64:55:76:60:ba:cd:51:d9:e6:67:db:
                    7e:41:98:c7:c7:b4:a1:a5:71:f1:7a:a1:15:13:77:
                    f5:a9:0c:c8:58:7f:ac:94:b9:0f:7d:6f:b7:40:16:
                    11:f4:92:52:c9:af:53:e9:63:fc:5b:3f:aa:bc:24:
                    89:06:aa:06:40:73:96:5a:3f:ba:17:20:8b:5b:ad:
                    5b:e4:26:07:56:15:ae:34:c4:4a:b2:b2:69:f3:ac:
                    18:66:ba:98:af:78:0f:5f:30:ec:fe:b4:8b:0a:62:
                    ec:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:9E:DA:DD:FD:3D:4C:68:9A:3A:5A:EA:9C:64:FC:A1:63:3F:ED:35
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bedd4620-fa90-4fab-8cf2-33541daccdc8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:bc:93:3a:45:f4:39:e2:17:37:fa:0b:c5:c9:7a:77:b8:25:
         ba:50:96:0d:23:1f:dc:68:b5:79:39:6d:d9:78:81:1e:76:f9:
         4c:b5:71:2b:17:5f:91:20:14:9a:dc:6e:25:9d:02:92:5e:4b:
         13:00:e5:04:f9:a0:db:b3:20:f2:93:65:94:1e:36:19:28:9d:
         eb:ad:1e:40:5f:ec:58:17:34:ec:ca:56:fe:7b:e5:f2:43:17:
         55:e6:bd:6b:9f:c3:23:98:40:ec:ab:78:d0:a3:78:12:58:18:
         ef:26:85:cc:67:8a:aa:bd:c1:94:74:23:2c:ab:1e:1d:26:04:
         bc:70:50:b9:8b:0c:5d:f8:70:88:5f:c8:57:36:74:be:46:64:
         e0:b4:3d:3c:b3:6e:85:7f:86:59:ce:98:eb:5b:48:a7:01:8d:
         c3:12:06:b1:e5:45:42:8b:76:91:4b:9a:d0:b7:03:41:d9:59:
         a0:8b:49:c1:d5:2b:71:2e:2f:c5:15:d8:46:0f:fa:35:f4:23:
         05:07:d3:69:80:2f:1e:cf:51:62:3a:ca:f4:9b:ff:1f:bd:40:
         40:54:db:7c:f8:b2:30:96:8c:4d:90:82:0c:7a:9f:e2:f6:41:
         a7:a1:e4:0b:70:b9:a0:be:94:da:0a:d6:64:e0:15:8e:45:4a:
         9d:80:eb:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFX+Ha1/jaBCOn7t8eWBaSYQDblMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTEzMDEzMDE2WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODM2NjE0NzAzNzA0MDhhYWNkNDQ0YWFlOTkxY2NmMmIx
MDQ3NWU2Y2E1OWNmN2ExZDA0NTVlYmU2NDdmN2MwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5sI+rSB1FmGK5FLRonBayTjNPFxxNU+yL6KARs9Il9RWo
TwAegyYQC5ZUM+w6AUBM3l1v+B2NV3+SWa9HRm8culPk/9uTBzrbLMFQlENvvrUB
qv/gmDpUMOCzrEiFPbSlYPlnwZTd74gE074TJVqh+MGXuNofLkQboOnhSUyfNDbE
lKne0aPn2q9vNsfcVOVFhXdwBAGJ+jtkVXZgus1R2eZn235BmMfHtKGlcfF6oRUT
d/WpDMhYf6yUuQ99b7dAFhH0klLJr1PpY/xbP6q8JIkGqgZAc5ZaP7oXIItbrVvk
JgdWFa40xEqysmnzrBhmupiveA9fMOz+tIsKYuwnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsp7a3f09TGiaOlrqnGT8oWM/7TUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JlZGQ0NjIwLWZhOTAtNGZhYi04Y2YyLTMzNTQxZGFjY2RjOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA272MwDQYJKoZIhvcNAQELBQADggEBAIC8kzpF9DniFzf6C8XJene4JbpQ
lg0jH9xotXk5bdl4gR52+Uy1cSsXX5EgFJrcbiWdApJeSxMA5QT5oNuzIPKTZZQe
NhkoneutHkBf7FgXNOzKVv575fJDF1XmvWufwyOYQOyreNCjeBJYGO8mhcxniqq9
wZR0IyyrHh0mBLxwULmLDF34cIhfyFc2dL5GZOC0PTyzboV/hlnOmOtbSKcBjcMS
BrHlRUKLdpFLmtC3A0HZWaCLScHVK3EuL8UV2EYP+jX0IwUH02mALx7PUWI6yvSb
/x+9QEBU23z4sjCWjE2Qggx6n+L2Qaeh5AtwuaC+lNoK1mTgFY5FSp2A6yw=
-----END CERTIFICATE-----