This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa
File:                     AS16276.roa (raw, json)
Hash identifier:          64dsRi9xko0XB1k01yGN4cj5PFSK/0o4Of30RAZ107I=
Subject key identifier:   DF:18:36:79:53:8F:97:22:5D:FE:8D:90:97:9C:C5:DC:80:58:7D:EE
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       389E6BB35080A7BA2015DE97365CA5E9E17C937B
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa
Signing time:             Mon 24 Nov 2025 20:54:12 +0000
ROA not before:           Mon 24 Nov 2025 20:49:12 +0000
ROA not after:            Mon 23 Nov 2026 20:54:12 +0000
asID:                     16276
IP address blocks:        104.167.16.0/24 maxlen: 24
                          168.222.242.0/24 maxlen: 24
                          168.222.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Dec 2025 05:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:9e:6b:b3:50:80:a7:ba:20:15:de:97:36:5c:a5:e9:e1:7c:93:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Nov 24 20:49:12 2025 GMT
            Not After : Nov 23 20:54:12 2026 GMT
        Subject: CN=DF183679538F97225DFE8D90979CC5DC80587DEE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:3d:f8:1a:71:b6:31:13:a7:ee:0a:6d:88:
                    78:68:ad:ac:e1:67:dc:37:c8:d1:32:94:ed:02:a6:
                    1f:76:fe:25:d7:98:ab:b6:52:bc:ea:ab:67:c8:48:
                    24:67:7e:31:3f:61:f1:9c:98:62:5f:48:8f:c5:0f:
                    aa:33:be:cd:7e:0f:26:a2:11:95:91:4c:38:f5:55:
                    c9:bf:55:47:db:24:c5:e3:a6:a2:64:cf:be:35:cb:
                    2c:cc:fc:d4:22:b1:d0:1c:e4:b2:09:01:26:91:b7:
                    7a:3b:bd:f0:1a:48:24:db:6f:cb:da:e3:79:61:49:
                    e4:3f:63:0e:ed:7c:d7:1d:20:df:51:8b:58:0d:23:
                    a1:78:0f:ee:b0:04:3d:e4:8a:ea:71:96:30:f7:94:
                    49:6c:1a:e2:60:ca:7c:a7:17:37:c9:57:1c:2d:b3:
                    3e:7d:db:10:04:ca:11:d5:87:7c:c3:1b:8b:05:5f:
                    27:cc:72:cb:28:f9:f1:c0:ff:90:57:5f:f1:48:b0:
                    49:38:dc:66:f4:9c:09:11:4b:88:6e:3c:5f:88:49:
                    36:3f:6d:1b:f8:63:e5:5e:20:d3:e2:75:31:20:6e:
                    a0:8c:ec:db:73:33:71:aa:55:19:4d:56:54:65:d7:
                    4b:dc:2c:b4:2d:2f:0d:58:84:7a:a2:dc:78:93:56:
                    f1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:18:36:79:53:8F:97:22:5D:FE:8D:90:97:9C:C5:DC:80:58:7D:EE
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.167.16.0/24
                  168.222.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:00:5f:1f:ef:e6:52:9e:cf:77:b6:2c:63:8e:61:93:c7:7f:
         71:bd:68:60:d2:a0:35:ea:24:54:f6:23:6c:6d:40:fe:35:12:
         86:6e:a1:78:80:05:12:6a:9d:33:48:53:ce:6c:83:3e:6e:d8:
         e4:06:53:c1:15:78:d0:c2:e5:09:73:39:91:ff:e2:43:08:59:
         ef:93:f1:67:c5:62:52:fb:9c:59:3b:a7:a3:3f:34:d8:69:30:
         01:be:e2:79:0b:a6:af:11:bd:e4:62:46:7b:c2:7d:90:8d:ce:
         04:82:ca:82:ee:15:e3:93:4f:c6:54:b0:a1:b9:a7:51:52:1a:
         26:33:c1:ba:f3:41:0e:42:35:05:d5:58:20:13:6f:6f:79:a4:
         57:0c:98:68:7c:af:2e:f0:6c:74:e8:9a:73:66:17:72:60:83:
         57:16:0a:0b:ae:b1:b5:3c:a7:72:3d:22:af:bd:43:af:17:d7:
         2a:7a:25:54:81:e1:1a:6f:b1:6b:a3:d8:7a:c3:aa:cd:8a:7f:
         b2:08:d5:08:7a:06:7b:29:65:79:ba:47:b5:54:b9:fc:a0:b7:
         d9:41:4a:ed:cc:87:91:f4:1b:5e:b0:f4:11:0e:3c:6d:40:d3:
         65:61:6d:fa:21:38:76:93:e3:3c:cb:55:b0:e8:b6:ad:2f:4f:
         e9:54:e9:50
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUOJ5rs1CAp7ogFd6XNlyl6eF8k3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTExMjQyMDQ5MTJaFw0yNjExMjMyMDU0MTJaMDMxMTAvBgNV
BAMTKERGMTgzNjc5NTM4Rjk3MjI1REZFOEQ5MDk3OUNDNURDODA1ODdERUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnTD34GnG2MROn7gptiHhorazh
Z9w3yNEylO0Cph92/iXXmKu2Urzqq2fISCRnfjE/YfGcmGJfSI/FD6ozvs1+Dyai
EZWRTDj1Vcm/VUfbJMXjpqJkz741yyzM/NQisdAc5LIJASaRt3o7vfAaSCTbb8va
43lhSeQ/Yw7tfNcdIN9Ri1gNI6F4D+6wBD3kiupxljD3lElsGuJgynynFzfJVxwt
sz592xAEyhHVh3zDG4sFXyfMcsso+fHA/5BXX/FIsEk43Gb0nAkRS4huPF+ISTY/
bRv4Y+VeINPidTEgbqCM7NtzM3GqVRlNVlRl10vcLLQtLw1YhHqi3HiTVvH/AgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQU3xg2eVOPlyJd/o2Ql5zF3IBYfe4wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTYyNzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcB
Af8EFjAUMBIEAgABMAwDBABopxADBAGo3vIwDQYJKoZIhvcNAQELBQADggEBAI4A
Xx/v5lKez3e2LGOOYZPHf3G9aGDSoDXqJFT2I2xtQP41EoZuoXiABRJqnTNIU85s
gz5u2OQGU8EVeNDC5QlzOZH/4kMIWe+T8WfFYlL7nFk7p6M/NNhpMAG+4nkLpq8R
veRiRnvCfZCNzgSCyoLuFeOTT8ZUsKG5p1FSGiYzwbrzQQ5CNQXVWCATb295pFcM
mGh8ry7wbHTomnNmF3Jgg1cWCguusbU8p3I9Iq+9Q68X1yp6JVSB4RpvsWuj2HrD
qs2Kf7II1Qh6BnspZXm6R7VUufygt9lBSu3Mh5H0G16w9BEOPG1A02VhbfohOHaT
4zzLVbDotq0vT+lU6VA=
-----END CERTIFICATE-----