This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a3aefdd-2281-4c50-a86b-248569ce3189.roa
File:                     2a3aefdd-2281-4c50-a86b-248569ce3189.roa (raw, json)
Hash identifier:          Rx1WBDZk3QyCVaQ7JinWTM4lXVfO8HVKGOAmtip1I98=
Subject key identifier:   3A:F7:78:A9:63:FF:17:C0:FB:59:A0:A4:65:82:D9:34:3E:3B:4C:BF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73C93C97DEB0D8C3759D70FEFEA1A86D507081E4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a3aefdd-2281-4c50-a86b-248569ce3189.roa
Signing time:             Thu 20 Nov 2025 00:10:04 +0000
ROA not before:           Thu 20 Nov 2025 00:10:04 +0000
ROA not after:            Wed 18 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        72.150.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:c9:3c:97:de:b0:d8:c3:75:9d:70:fe:fe:a1:a8:6d:50:70:81:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 20 00:10:04 2025 GMT
            Not After : Feb 18 23:59:59 2026 GMT
        Subject: serialNumber=7af8cea659e01340ffb159935da7f1b59252edffd0f14d743cff27aba6a097ac, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:96:d7:95:79:67:05:61:47:97:fb:32:76:af:
                    b6:16:99:39:26:7c:e0:4d:d9:a4:af:ad:0e:fc:3d:
                    f4:16:a5:a5:af:a6:b0:c6:b8:61:65:23:a9:be:11:
                    01:9c:20:28:e4:91:f7:23:6d:90:60:b4:02:e6:65:
                    f4:b5:d2:4b:1f:e5:f5:16:85:9a:62:af:69:66:68:
                    85:2e:24:4d:6d:26:81:73:67:1e:be:d9:d5:68:fb:
                    4d:24:82:b6:7d:e9:32:df:4d:a2:5b:47:d1:c2:1c:
                    4f:05:a9:f0:6b:98:21:c5:85:3a:ce:b5:cf:6d:f8:
                    3b:a4:0a:d7:e3:d9:42:6a:a7:6f:c1:04:19:66:90:
                    47:ac:f0:fb:92:8a:f6:fb:0c:4b:d6:e3:06:93:fb:
                    d9:e5:69:6c:9f:a3:80:4e:45:e0:fd:eb:4b:99:5a:
                    ee:50:21:0d:d5:c6:50:5b:e6:a4:e4:20:81:87:1b:
                    e4:36:48:c2:e9:fa:23:d2:5d:28:1f:db:50:6f:41:
                    9b:04:c0:e9:cf:1c:98:79:2e:c1:a5:c1:f5:02:0c:
                    31:fa:22:45:c0:18:56:cf:70:de:87:8e:b4:d3:01:
                    4e:41:3b:43:cf:e5:85:15:8f:9a:01:6b:e8:06:8f:
                    cd:67:47:92:7d:0d:a2:1e:c3:49:ec:74:06:22:00:
                    04:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F7:78:A9:63:FF:17:C0:FB:59:A0:A4:65:82:D9:34:3E:3B:4C:BF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a3aefdd-2281-4c50-a86b-248569ce3189.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.150.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:37:64:36:3c:6a:65:5d:18:7f:7c:54:ae:b4:f9:2d:70:8b:
         6e:9d:1e:5c:56:72:3d:db:0a:53:cd:ab:86:0b:da:ed:97:7d:
         7e:49:69:77:b9:93:55:85:59:8a:b2:95:55:92:9d:5c:66:69:
         f2:04:aa:b4:44:03:90:02:2f:e0:17:09:be:65:4d:55:e9:b7:
         56:de:7a:9e:30:53:69:ba:84:83:b4:2c:99:ac:53:a9:27:5a:
         cc:42:73:90:85:15:f7:fe:e7:39:e9:ba:96:3b:b7:29:9d:e2:
         f3:81:4f:01:9f:3d:fd:ca:5f:81:61:45:da:50:de:32:f3:01:
         f6:0d:a4:96:2b:9b:cd:e6:7b:83:21:db:00:a9:8e:88:84:2c:
         2c:0f:69:e6:7c:16:c7:4c:e8:54:d2:5d:fc:ac:16:56:80:e0:
         d4:17:9d:59:33:ee:3f:1c:88:e2:2d:ca:86:df:99:65:76:38:
         a8:2b:4a:da:80:0b:a2:64:49:94:e0:17:36:ed:e4:71:70:95:
         9f:5f:0c:68:9b:fd:0b:9b:70:e0:eb:65:87:02:66:d3:b0:99:
         6d:68:5e:c0:0f:84:5e:8c:d4:a5:c0:63:93:7c:30:21:6a:85:
         02:07:8f:17:8f:2a:de:6f:c4:61:79:f1:19:d0:87:82:77:82:
         9b:ae:4e:78
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc8k8l96w2MN1nXD+/qGobVBwgeQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIwMDAxMDA0WhcNMjYwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YWY4Y2VhNjU5ZTAxMzQwZmZiMTU5OTM1ZGE3ZjFiNTky
NTJlZGZmZDBmMTRkNzQzY2ZmMjdhYmE2YTA5N2FjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJlteVeWcFYUeX+zJ2r7YWmTkmfOBN2aSvrQ78PfQWpaWv
prDGuGFlI6m+EQGcICjkkfcjbZBgtALmZfS10ksf5fUWhZpir2lmaIUuJE1tJoFz
Zx6+2dVo+00kgrZ96TLfTaJbR9HCHE8FqfBrmCHFhTrOtc9t+DukCtfj2UJqp2/B
BBlmkEes8PuSivb7DEvW4waT+9nlaWyfo4BOReD960uZWu5QIQ3VxlBb5qTkIIGH
G+Q2SMLp+iPSXSgf21BvQZsEwOnPHJh5LsGlwfUCDDH6IkXAGFbPcN6HjrTTAU5B
O0PP5YUVj5oBa+gGj81nR5J9DaIew0nsdAYiAAS7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUOvd4qWP/F8D7WaCkZYLZND47TL8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhM2FlZmRkLTIyODEtNGM1MC1hODZiLTI0ODU2OWNlMzE4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBIljANBgkqhkiG9w0BAQsFAAOCAQEArDdkNjxqZV0Yf3xUrrT5LXCLbp0e
XFZyPdsKU82rhgva7Zd9fklpd7mTVYVZirKVVZKdXGZp8gSqtEQDkAIv4BcJvmVN
Vem3Vt56njBTabqEg7QsmaxTqSdazEJzkIUV9/7nOem6lju3KZ3i84FPAZ89/cpf
gWFF2lDeMvMB9g2kliubzeZ7gyHbAKmOiIQsLA9p5nwWx0zoVNJd/KwWVoDg1Bed
WTPuPxyI4i3Kht+ZZXY4qCtK2oALomRJlOAXNu3kcXCVn18MaJv9C5tw4OtlhwJm
07CZbWhewA+EXozUpcBjk3wwIWqFAgePF48q3m/EYXnxGdCHgneCm65OeA==
-----END CERTIFICATE-----