This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa
File:                     3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa (raw, json)
Hash identifier:          lVr45QnsNWx0R+A8UJ8UXRSinSh55IDp/vmEztlp0gs=
Subject key identifier:   6E:B0:84:B3:A5:64:A7:8E:DB:50:11:CE:E5:36:C2:76:80:F9:96:0D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1C4AFBEDF4CB7E6A24DC96A597F4F0C031B1576B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa
Signing time:             Thu 20 Nov 2025 00:10:06 +0000
ROA not before:           Thu 20 Nov 2025 00:10:06 +0000
ROA not after:            Wed 18 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        32.160.0.0/14 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:4a:fb:ed:f4:cb:7e:6a:24:dc:96:a5:97:f4:f0:c0:31:b1:57:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 20 00:10:06 2025 GMT
            Not After : Feb 18 23:59:59 2026 GMT
        Subject: serialNumber=676eadba2e7bc0578e1295a8df48dbbb82ede7302ed43a5938834cd5017d549a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d0:58:88:4f:4d:67:a0:18:63:74:ee:f2:64:
                    1c:48:d0:2f:97:14:a4:df:d7:cf:79:3c:99:8f:5a:
                    cd:cc:b6:ea:48:d7:63:5e:58:c5:7f:2d:e8:84:5b:
                    ee:3c:84:67:cd:6a:d4:ff:8c:f8:30:7f:0e:81:c1:
                    2a:a2:63:64:e7:b8:54:37:35:14:55:ac:43:8c:de:
                    0c:9b:fc:67:29:50:96:ae:a9:5b:27:46:f2:7f:e1:
                    89:94:ae:4a:65:46:5d:b9:90:74:b0:3f:0c:9f:0a:
                    32:73:30:f3:19:cc:ea:b4:01:06:69:c0:ff:5d:c5:
                    3c:b1:38:78:be:7a:bf:41:05:6c:b3:5b:53:cd:69:
                    a5:7c:d5:03:f7:9c:c0:4a:4c:c6:55:50:02:64:ae:
                    4e:07:7a:ba:b6:35:b9:9e:a0:08:15:73:70:50:bb:
                    64:f5:88:a6:e5:e3:68:6e:9e:74:0d:2e:49:66:fa:
                    ae:06:a7:32:41:76:c4:f7:bb:90:02:a7:58:2a:e8:
                    41:de:7b:91:67:11:da:dc:7f:c4:62:a4:32:5a:18:
                    d9:4b:f6:c9:0c:2a:92:56:fc:aa:d5:7f:50:e5:e8:
                    65:52:6d:08:79:e6:16:79:5c:7f:76:b8:c4:50:89:
                    2c:1a:e1:95:f7:e6:86:d1:53:1b:84:9e:77:36:23:
                    62:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:B0:84:B3:A5:64:A7:8E:DB:50:11:CE:E5:36:C2:76:80:F9:96:0D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  32.160.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         4b:e5:2d:76:98:e7:24:1d:72:3d:bc:28:95:8b:4a:88:bf:8f:
         37:55:09:41:8d:b1:0b:f4:f7:dd:98:d3:d4:34:39:37:08:3a:
         bc:3a:c9:ca:fa:e2:21:9c:b6:eb:21:d7:c8:29:b4:d4:e8:94:
         4a:09:6a:a5:d3:67:a6:c3:a1:d3:32:d1:56:7a:d3:93:6b:ea:
         d9:1b:6f:52:f0:5d:c3:7d:e6:bd:44:dd:c7:99:c6:9b:f4:55:
         4e:c5:39:ff:14:ee:cf:b9:a0:ff:17:69:b4:06:da:87:89:9f:
         b9:1b:c5:32:20:7f:85:64:b2:e8:7d:c5:23:77:6f:b4:1a:d0:
         3b:67:3a:13:b6:63:fc:76:da:07:55:63:88:ac:85:0a:e7:95:
         1d:e2:cd:83:d1:1e:1c:c4:a9:67:3f:8c:dd:b2:c3:50:8a:02:
         47:d7:55:e4:93:fe:47:ed:5c:75:38:c3:3e:20:bb:d2:2e:87:
         1a:19:ce:f1:70:04:58:44:a4:70:01:05:ac:2c:6b:d2:69:77:
         b9:ac:2c:73:f8:7f:06:56:d1:b0:de:e5:63:d2:6c:60:be:e9:
         17:83:87:d9:9f:f3:5f:3c:2a:e1:b2:ba:33:24:bc:65:85:ad:
         82:08:93:34:2b:f7:21:e6:5a:8a:a2:51:ee:9e:5f:c2:1e:4a:
         14:d5:47:c1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHEr77fTLfmok3Jall/TwwDGxV2swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIwMDAxMDA2WhcNMjYwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzZlYWRiYTJlN2JjMDU3OGUxMjk1YThkZjQ4ZGJiYjgy
ZWRlNzMwMmVkNDNhNTkzODgzNGNkNTAxN2Q1NDlhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY0FiIT01noBhjdO7yZBxI0C+XFKTf1895PJmPWs3MtupI
12NeWMV/LeiEW+48hGfNatT/jPgwfw6BwSqiY2TnuFQ3NRRVrEOM3gyb/GcpUJau
qVsnRvJ/4YmUrkplRl25kHSwPwyfCjJzMPMZzOq0AQZpwP9dxTyxOHi+er9BBWyz
W1PNaaV81QP3nMBKTMZVUAJkrk4Herq2NbmeoAgVc3BQu2T1iKbl42hunnQNLklm
+q4GpzJBdsT3u5ACp1gq6EHee5FnEdrcf8RipDJaGNlL9skMKpJW/KrVf1Dl6GVS
bQh55hZ5XH92uMRQiSwa4ZX35obRUxuEnnc2I2IXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbrCEs6Vkp47bUBHO5TbCdoD5lg0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjNTJjMGU2LTcyMzctNDM4Ni1hMWQ4LWM0NzM4YzAxZDNhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIgoDANBgkqhkiG9w0BAQsFAAOCAQEAS+UtdpjnJB1yPbwolYtKiL+PN1UJ
QY2xC/T33ZjT1DQ5Nwg6vDrJyvriIZy26yHXyCm01OiUSglqpdNnpsOh0zLRVnrT
k2vq2RtvUvBdw33mvUTdx5nGm/RVTsU5/xTuz7mg/xdptAbah4mfuRvFMiB/hWSy
6H3FI3dvtBrQO2c6E7Zj/HbaB1VjiKyFCueVHeLNg9EeHMSpZz+M3bLDUIoCR9dV
5JP+R+1cdTjDPiC70i6HGhnO8XAEWESkcAEFrCxr0ml3uawsc/h/BlbRsN7lY9Js
YL7pF4OH2Z/zXzwq4bK6MyS8ZYWtggiTNCv3IeZaiqJR7p5fwh5KFNVHwQ==
-----END CERTIFICATE-----