This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3112a797-d560-40be-8b71-e2eefd7e01b2.roa
File:                     3112a797-d560-40be-8b71-e2eefd7e01b2.roa (raw, json)
Hash identifier:          6h+E0YkxEB7nQ46sCWm7etsL5jCH56ho/998LDm7YDQ=
Subject key identifier:   96:69:9A:1C:07:C3:30:B4:8A:E2:17:56:0D:EA:36:CE:CA:CF:94:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       164ACA91476C21DE852F6753A210335D6233C511
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3112a797-d560-40be-8b71-e2eefd7e01b2.roa
Signing time:             Sat 29 Nov 2025 00:00:39 +0000
ROA not before:           Sat 29 Nov 2025 00:00:39 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        75.47.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:4a:ca:91:47:6c:21:de:85:2f:67:53:a2:10:33:5d:62:33:c5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 29 00:00:39 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=dc2f656f88e4e67b7039b5e61d4a82cb1f9238c3913762bc1b82c7d09c4a4a37, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8a:81:c1:3d:3e:51:ee:62:ce:b2:d2:14:15:
                    9e:03:4a:1e:03:c0:37:1f:93:8c:1a:5e:da:8f:14:
                    d6:e9:38:5f:7a:7e:db:33:fb:14:a2:c0:3d:95:15:
                    73:02:d8:0c:0e:d2:67:a6:c6:74:7d:3b:8b:4d:91:
                    42:70:de:22:c1:30:09:fe:0b:ff:7d:86:d3:f1:1c:
                    78:e9:2f:0d:09:4c:fa:d1:49:48:c0:5a:11:9f:df:
                    2d:a2:83:46:b3:c6:77:d1:89:08:67:96:de:d5:a3:
                    1d:52:a9:90:91:a1:98:d9:5f:8f:72:97:5e:90:15:
                    ad:98:6c:8e:8e:00:81:4a:bc:63:42:7e:23:b5:46:
                    dd:2e:32:00:a7:72:8a:86:a4:13:cd:f3:3e:6d:4b:
                    9d:8a:03:93:1e:83:01:ff:0c:87:43:7c:0b:0a:58:
                    c0:cd:a7:d2:46:20:37:f9:3c:4c:f7:4d:e1:17:01:
                    1d:56:83:7d:3d:34:41:4c:0d:66:4f:70:e3:1f:d1:
                    03:dd:05:90:64:59:8c:1f:6b:9b:be:61:31:ae:ed:
                    98:b8:d3:b4:69:02:d0:42:34:d8:ca:7e:36:43:05:
                    58:74:d3:c8:87:f1:2a:6a:9d:29:76:e5:64:2a:f8:
                    c5:ce:35:ca:34:9a:3e:a7:55:53:6a:36:9b:ae:69:
                    b9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:69:9A:1C:07:C3:30:B4:8A:E2:17:56:0D:EA:36:CE:CA:CF:94:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3112a797-d560-40be-8b71-e2eefd7e01b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.47.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         31:25:a9:d8:20:21:c1:b1:1a:74:74:2d:e4:0f:f1:f9:f4:31:
         45:de:5d:6f:34:d2:f8:ad:bf:eb:fc:41:18:f6:a5:b6:cf:67:
         52:99:30:8f:f6:31:87:af:67:1f:40:de:16:05:3f:f9:17:ee:
         10:88:82:b8:07:d3:8b:8b:20:1b:20:2c:1b:0d:93:25:31:43:
         38:d4:04:62:15:68:e3:48:19:27:ad:77:56:d3:75:fe:13:55:
         f5:d5:f8:62:1f:7e:57:86:c0:44:24:12:98:92:b9:7b:95:85:
         35:bb:3b:f7:dc:c4:78:b4:49:ea:9c:75:f3:43:4b:e0:a5:b2:
         68:01:a3:29:3f:62:92:13:a1:50:eb:8e:8a:a8:8c:af:c4:f0:
         3d:a8:16:e4:ca:23:a7:5c:b1:6b:e0:bd:c9:72:eb:02:69:d6:
         03:a4:f8:71:0a:ee:7b:87:ea:d0:ba:7d:14:57:0b:1a:c4:35:
         20:23:4c:12:c5:4e:18:a7:d1:57:c0:72:95:6f:cc:cc:49:ed:
         e9:e7:d6:68:8d:54:6b:54:1a:96:02:b3:c5:c1:98:af:ed:ee:
         d0:67:36:bf:fe:01:dc:2e:c5:0f:1d:df:e7:00:bb:0f:f1:be:
         9f:54:08:70:50:9e:fb:f0:d4:b0:10:3a:ad:31:da:13:dd:9f:
         b2:aa:60:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFkrKkUdsId6FL2dTohAzXWIzxREwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTI5MDAwMDM5WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzJmNjU2Zjg4ZTRlNjdiNzAzOWI1ZTYxZDRhODJjYjFm
OTIzOGMzOTEzNzYyYmMxYjgyYzdkMDljNGE0YTM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFioHBPT5R7mLOstIUFZ4DSh4DwDcfk4waXtqPFNbpOF96
ftsz+xSiwD2VFXMC2AwO0memxnR9O4tNkUJw3iLBMAn+C/99htPxHHjpLw0JTPrR
SUjAWhGf3y2ig0azxnfRiQhnlt7Vox1SqZCRoZjZX49yl16QFa2YbI6OAIFKvGNC
fiO1Rt0uMgCncoqGpBPN8z5tS52KA5MegwH/DIdDfAsKWMDNp9JGIDf5PEz3TeEX
AR1Wg309NEFMDWZPcOMf0QPdBZBkWYwfa5u+YTGu7Zi407RpAtBCNNjKfjZDBVh0
08iH8SpqnSl25WQq+MXONco0mj6nVVNqNpuuabmzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlmmaHAfDMLSK4hdWDeo2zsrPlN4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxMTJhNzk3LWQ1NjAtNDBiZS04YjcxLWUyZWVmZDdlMDFiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZLLwAwDQYJKoZIhvcNAQELBQADggEBADElqdggIcGxGnR0LeQP8fn0MUXe
XW800vitv+v8QRj2pbbPZ1KZMI/2MYevZx9A3hYFP/kX7hCIgrgH04uLIBsgLBsN
kyUxQzjUBGIVaONIGSetd1bTdf4TVfXV+GIffleGwEQkEpiSuXuVhTW7O/fcxHi0
SeqcdfNDS+ClsmgBoyk/YpIToVDrjoqojK/E8D2oFuTKI6dcsWvgvcly6wJp1gOk
+HEK7nuH6tC6fRRXCxrENSAjTBLFThin0VfAcpVvzMxJ7enn1miNVGtUGpYCs8XB
mK/t7tBnNr/+AdwuxQ8d3+cAuw/xvp9UCHBQnvvw1LAQOq0x2hPdn7KqYE4=
-----END CERTIFICATE-----