This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa
File:                     c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa (raw, json)
Hash identifier:          b4c35ibyEUXJ1KhCt082f/93lThmoMHXWfxWuoW97jw=
Subject key identifier:   C8:54:EB:55:F3:70:56:60:9A:4C:EC:9F:07:9E:C8:15:7F:DC:1D:AA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6AFFC42779063042848E602D1072BB844C61D896
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa
Signing time:             Tue 11 Nov 2025 02:41:28 +0000
ROA not before:           Tue 11 Nov 2025 02:41:28 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.224.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:ff:c4:27:79:06:30:42:84:8e:60:2d:10:72:bb:84:4c:61:d8:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 11 02:41:28 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=e23569c369402f889d1848e951ca78c21f2b1096016412fd22b2a11b29ce9365, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:50:0a:47:92:fd:81:68:37:cd:9d:54:6b:
                    b9:94:77:2c:08:dc:f0:2b:41:e4:e9:9f:5d:69:d9:
                    b1:73:da:fc:bf:c8:64:7b:68:b8:18:cd:89:e0:67:
                    22:14:db:36:9f:9e:ba:d7:6e:78:22:85:04:d6:bc:
                    40:6c:96:95:67:5c:a7:71:5b:b9:19:59:f3:d1:a4:
                    81:da:fc:05:4f:ef:bb:a1:d6:61:b3:71:87:76:fb:
                    6c:38:a2:11:6d:c2:12:88:73:b8:62:a7:aa:bc:e3:
                    cd:a1:c4:e4:1c:f6:74:ee:54:36:c1:a1:82:63:15:
                    17:e2:cb:c3:b6:97:00:30:aa:71:23:d7:99:4f:fa:
                    dd:8a:08:d0:53:d8:76:27:82:a1:f0:6d:4e:7a:40:
                    73:fb:26:9e:ef:2c:99:1b:b4:69:4f:25:47:82:74:
                    30:50:fb:a3:e1:78:8d:c3:69:f9:95:d1:5c:99:d2:
                    c9:e4:13:83:de:a9:4a:f3:d6:e9:4d:e7:8b:2f:54:
                    c7:b3:e2:10:f6:e9:12:c2:eb:63:85:8e:30:f4:8d:
                    d2:9a:60:60:51:2c:a3:b5:70:21:97:df:f2:64:67:
                    c2:e6:37:53:a4:26:53:70:ff:77:36:a0:fb:e4:d0:
                    73:03:af:77:cf:86:7a:3f:ae:a8:66:10:65:0b:bc:
                    0d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:54:EB:55:F3:70:56:60:9A:4C:EC:9F:07:9E:C8:15:7F:DC:1D:AA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.224.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         14:bd:07:d0:54:4f:c9:14:26:db:43:05:cf:db:f9:62:07:fe:
         5d:05:ff:fb:a1:0e:f4:73:55:6f:4f:f5:e9:d1:02:8f:cb:9b:
         f5:c6:dc:32:d5:58:a2:8a:36:1b:f2:58:fd:e1:eb:c9:13:a2:
         5d:81:09:c7:14:06:21:e2:1d:4a:23:69:53:4e:16:29:6c:50:
         a0:01:77:a6:47:f6:52:bd:0b:4b:18:3b:ee:16:17:2e:0a:f2:
         b4:5c:a0:bf:36:c8:2f:0c:0c:32:1e:62:06:53:91:e7:dd:5b:
         20:92:c2:c1:e7:cd:c2:b3:b4:9c:96:d3:6e:c7:f8:96:12:f4:
         8f:11:0e:12:c8:64:0c:fc:98:f9:6f:ee:bb:dd:15:1a:64:50:
         cb:3b:fc:b5:36:bb:8c:1b:bd:cd:0c:d6:67:8c:da:6a:1e:d6:
         2b:23:6a:e3:70:52:e5:1b:7b:2c:fc:a2:d3:fa:40:2f:13:c1:
         49:38:41:69:e9:2e:87:e1:88:7b:32:a4:23:09:b7:99:0a:80:
         80:88:66:7c:bc:3e:4c:1f:de:89:f6:6a:50:2a:42:b5:65:64:
         78:e5:c4:5f:51:81:55:ef:a7:e9:fc:fe:df:68:fc:90:f9:31:
         0f:ce:f5:19:34:61:72:7c:c5:b6:92:1a:5e:0d:9a:5a:61:81:
         54:94:bb:af
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUav/EJ3kGMEKEjmAtEHK7hExh2JYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTExMDI0MTI4WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjM1NjljMzY5NDAyZjg4OWQxODQ4ZTk1MWNhNzhjMjFm
MmIxMDk2MDE2NDEyZmQyMmIyYTExYjI5Y2U5MzY1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs9VAKR5L9gWg3zZ1Ua7mUdywI3PArQeTpn11p2bFz2vy/
yGR7aLgYzYngZyIU2zafnrrXbngihQTWvEBslpVnXKdxW7kZWfPRpIHa/AVP77uh
1mGzcYd2+2w4ohFtwhKIc7hip6q8482hxOQc9nTuVDbBoYJjFRfiy8O2lwAwqnEj
15lP+t2KCNBT2HYngqHwbU56QHP7Jp7vLJkbtGlPJUeCdDBQ+6PheI3DafmV0VyZ
0snkE4PeqUrz1ulN54svVMez4hD26RLC62OFjjD0jdKaYGBRLKO1cCGX3/JkZ8Lm
N1OkJlNw/3c2oPvk0HMDr3fPhno/rqhmEGULvA3nAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUyFTrVfNwVmCaTOyfB57IFX/cHaowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MyMGE2M2YxLWYxYzctNDRmYS1iMWVhLTQ0MzJkYTRhOTExZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE24DANBgkqhkiG9w0BAQsFAAOCAQEAFL0H0FRPyRQm20MFz9v5Ygf+XQX/
+6EO9HNVb0/16dECj8ub9cbcMtVYooo2G/JY/eHryROiXYEJxxQGIeIdSiNpU04W
KWxQoAF3pkf2Ur0LSxg77hYXLgrytFygvzbILwwMMh5iBlOR591bIJLCwefNwrO0
nJbTbsf4lhL0jxEOEshkDPyY+W/uu90VGmRQyzv8tTa7jBu9zQzWZ4zaah7WKyNq
43BS5Rt7LPyi0/pALxPBSThBaekuh+GIezKkIwm3mQqAgIhmfLw+TB/eifZqUCpC
tWVkeOXEX1GBVe+n6fz+32j8kPkxD871GTRhcnzFtpIaXg2aWmGBVJS7rw==
-----END CERTIFICATE-----