This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fead37cf-fd8d-43cb-8c50-1971d2dbdb01.roa
File:                     fead37cf-fd8d-43cb-8c50-1971d2dbdb01.roa (raw, json)
Hash identifier:          ck1UKOSoOpllxk3eUO3L3YbLsgx29yNxZdRUWaNqIAU=
Subject key identifier:   6D:45:16:66:DE:CA:EC:C7:B3:35:E6:28:14:88:24:04:B3:3D:DF:F8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7C060CA39B38DBEAC22D1B34EFB90589CF639129
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fead37cf-fd8d-43cb-8c50-1971d2dbdb01.roa
Signing time:             Wed 10 Dec 2025 02:21:51 +0000
ROA not before:           Wed 10 Dec 2025 02:21:51 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.74.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 16 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:06:0c:a3:9b:38:db:ea:c2:2d:1b:34:ef:b9:05:89:cf:63:91:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 02:21:51 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=662d41f3fad4f275500cd6384d8a6e5842164767f2a31d7f85b2bd82764061d8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:24:98:71:05:69:17:ae:b9:0f:c3:37:8e:da:
                    44:4c:43:75:62:77:24:39:9c:a9:4f:82:80:b2:60:
                    85:2b:23:98:b9:8e:60:3f:3f:81:a2:07:a3:31:b0:
                    9b:7c:0a:fd:fe:ce:bf:72:7d:ef:95:8c:9c:95:9d:
                    8b:9e:e2:2f:de:15:e0:b1:ad:8b:2a:90:9c:68:3b:
                    a1:57:91:cd:b7:b1:fe:45:b5:e4:4a:86:74:21:09:
                    80:f1:fb:1e:dc:0f:c2:ff:a1:a8:d7:9b:6f:1e:36:
                    73:20:7f:1b:44:64:20:28:68:df:da:75:b7:c0:78:
                    5a:4a:f2:bf:9e:f8:ee:64:9f:cd:dc:d2:9d:b4:7c:
                    67:c3:d4:3e:19:12:38:d3:9b:35:99:70:28:23:27:
                    81:73:34:5e:7b:53:c3:70:dc:32:fd:ed:03:e0:9b:
                    5a:a8:d7:d2:62:b2:18:af:79:0a:87:0d:00:32:f6:
                    c8:0b:2b:62:5e:88:75:f4:c5:7f:2e:5f:a3:1c:c8:
                    2d:2b:f1:02:b4:87:58:09:8c:2e:ad:b1:5c:b7:01:
                    bb:a8:1b:2c:98:ba:90:bd:bd:95:eb:c5:3e:be:54:
                    7d:68:20:0f:bb:99:de:f0:e7:e8:66:68:b1:30:c0:
                    18:44:73:5a:66:22:de:91:37:5d:ee:b3:00:0b:16:
                    fd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:45:16:66:DE:CA:EC:C7:B3:35:E6:28:14:88:24:04:B3:3D:DF:F8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fead37cf-fd8d-43cb-8c50-1971d2dbdb01.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.74.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         77:23:d2:91:d3:a8:ee:e9:23:5a:de:9b:14:3f:34:b2:6c:aa:
         07:e6:0a:aa:cd:65:95:a8:ad:6c:e5:fe:eb:08:9d:e3:0f:da:
         0c:1a:bf:83:76:82:b9:b2:9c:ed:39:79:6f:17:81:0e:a5:13:
         22:98:54:24:bf:1a:c9:7b:aa:51:ec:a6:51:5b:c9:9a:0b:06:
         d5:b8:05:c3:40:79:c1:c7:88:f5:f0:84:3c:cd:f5:92:a6:4a:
         21:6f:af:6e:85:87:d7:54:0a:cf:53:79:3a:3c:24:98:84:45:
         e0:99:69:95:43:12:a7:86:33:94:8c:82:5f:5a:7d:fd:23:4e:
         17:92:c4:91:31:60:03:c8:fc:7b:01:5f:a1:1b:a4:74:ad:10:
         6c:68:82:26:e3:1d:5b:c6:f4:f1:26:cc:33:36:a6:10:c8:12:
         9f:db:19:d0:ae:da:e6:51:f6:71:52:76:7c:eb:b9:c5:99:88:
         4b:be:a8:57:03:5b:78:d5:cc:25:92:6a:65:d5:17:c6:30:12:
         5e:71:74:e1:2f:c9:f8:38:57:8e:96:f1:7f:ea:dc:87:9c:94:
         d1:75:1d:a2:bc:8c:f8:89:84:1f:56:77:43:d1:50:49:ad:0b:
         e2:2b:84:e8:cc:44:85:90:e7:47:01:4b:d6:8d:d9:71:5c:09:
         f1:17:e9:9a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfAYMo5s42+rCLRs077kFic9jkSkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDIyMTUxWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjJkNDFmM2ZhZDRmMjc1NTAwY2Q2Mzg0ZDhhNmU1ODQy
MTY0NzY3ZjJhMzFkN2Y4NWIyYmQ4Mjc2NDA2MWQ4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7JJhxBWkXrrkPwzeO2kRMQ3VidyQ5nKlPgoCyYIUrI5i5
jmA/P4GiB6MxsJt8Cv3+zr9yfe+VjJyVnYue4i/eFeCxrYsqkJxoO6FXkc23sf5F
teRKhnQhCYDx+x7cD8L/oajXm28eNnMgfxtEZCAoaN/adbfAeFpK8r+e+O5kn83c
0p20fGfD1D4ZEjjTmzWZcCgjJ4FzNF57U8Nw3DL97QPgm1qo19JishiveQqHDQAy
9sgLK2JeiHX0xX8uX6McyC0r8QK0h1gJjC6tsVy3AbuoGyyYupC9vZXrxT6+VH1o
IA+7md7w5+hmaLEwwBhEc1pmIt6RN13uswALFv3rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbUUWZt7K7MezNeYoFIgkBLM93/gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZlYWQzN2NmLWZkOGQtNDNjYi04YzUwLTE5NzFkMmRiZGIwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2SgAwDQYJKoZIhvcNAQELBQADggEBAHcj0pHTqO7pI1remxQ/NLJsqgfm
CqrNZZWorWzl/usIneMP2gwav4N2grmynO05eW8XgQ6lEyKYVCS/Gsl7qlHsplFb
yZoLBtW4BcNAecHHiPXwhDzN9ZKmSiFvr26Fh9dUCs9TeTo8JJiEReCZaZVDEqeG
M5SMgl9aff0jTheSxJExYAPI/HsBX6EbpHStEGxogibjHVvG9PEmzDM2phDIEp/b
GdCu2uZR9nFSdnzrucWZiEu+qFcDW3jVzCWSamXVF8YwEl5xdOEvyfg4V46W8X/q
3IeclNF1HaK8jPiJhB9Wd0PRUEmtC+IrhOjMRIWQ50cBS9aN2XFcCfEX6Zo=
-----END CERTIFICATE-----