This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45857694-e31f-402e-8257-3676e1f390ba.roa
File:                     45857694-e31f-402e-8257-3676e1f390ba.roa (raw, json)
Hash identifier:          3PiYP9FR/KgCRqfSoTld5ypoCrmwCbwr9aTeSktsJGE=
Subject key identifier:   C8:19:6A:69:79:8C:43:17:E9:32:0C:BA:50:D4:68:76:01:34:3A:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       284A2D322323E1D497AED4422DF1A1454B5B084C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45857694-e31f-402e-8257-3676e1f390ba.roa
Signing time:             Wed 19 Nov 2025 00:20:08 +0000
ROA not before:           Wed 19 Nov 2025 00:20:08 +0000
ROA not after:            Tue 17 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        147.106.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:4a:2d:32:23:23:e1:d4:97:ae:d4:42:2d:f1:a1:45:4b:5b:08:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 19 00:20:08 2025 GMT
            Not After : Feb 17 23:59:59 2026 GMT
        Subject: serialNumber=f3399a7e615de8d5b195346241b676c97de2369d796e576af61ff0a372c76c1a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:55:d5:de:75:75:33:28:d9:74:76:bf:c7:38:
                    2d:59:2e:17:e1:43:44:61:fa:c0:ba:ca:02:37:b1:
                    4a:18:b6:e0:82:d1:32:91:bd:f2:eb:02:8d:4f:43:
                    d7:b2:8f:db:1c:08:e7:f7:16:4b:3f:de:10:48:a4:
                    c8:3e:e5:88:d0:c6:05:42:e4:0b:a6:d5:74:95:04:
                    62:df:73:93:3a:3c:20:68:bd:d0:54:ae:af:6b:b5:
                    14:82:77:27:bd:e0:e4:a2:ea:3b:e0:25:48:4d:06:
                    f6:c4:57:f4:ca:ef:33:6e:7f:f9:41:09:a3:41:e2:
                    b9:d9:1d:fb:75:86:cd:35:c2:a0:78:59:36:46:56:
                    32:7a:57:17:c6:f3:01:c8:f0:9a:78:3d:0b:fb:57:
                    a8:35:05:ef:23:aa:a6:ec:b5:97:e3:c5:38:f6:c7:
                    b6:b5:51:8f:4f:b5:63:be:42:a3:97:6b:35:13:0c:
                    f2:09:9b:a8:e6:bb:b8:7a:59:95:fd:ad:e0:f3:0c:
                    62:54:90:7e:ad:04:fc:62:02:91:20:e4:27:ff:cc:
                    b3:e3:27:16:7a:ba:08:4a:3c:2c:be:f3:ea:a8:b8:
                    9c:12:e0:5d:e4:f0:ec:48:e5:46:7e:9e:90:2c:bd:
                    0c:ea:3f:de:14:b2:e9:fb:1d:8c:c0:ff:84:5c:03:
                    e9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:19:6A:69:79:8C:43:17:E9:32:0C:BA:50:D4:68:76:01:34:3A:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45857694-e31f-402e-8257-3676e1f390ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.106.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         8c:11:33:11:cc:41:da:60:8a:be:36:91:48:9d:4b:8e:94:50:
         ab:51:7f:79:fc:38:63:bf:32:f2:72:b2:2c:ad:f1:95:e0:a2:
         30:2f:a9:1c:3f:76:cd:a2:b8:2e:b7:bc:c3:3f:de:f9:d7:41:
         64:58:b4:3a:55:db:94:42:cc:e1:8e:98:de:a2:18:e1:b1:da:
         6e:f9:07:15:ca:06:f3:81:b6:5d:54:dd:5e:94:d9:1c:f6:08:
         0a:8b:f2:7c:be:07:79:c2:12:4f:32:a8:8d:7a:44:52:b2:1d:
         a4:69:17:7e:13:36:8a:75:1b:c4:e9:54:ea:44:1f:d9:d1:9f:
         64:f7:fe:11:16:32:23:20:53:7e:1e:8d:f1:c1:8e:73:83:6a:
         4a:41:e3:b4:80:b3:b7:78:02:50:cc:c6:06:43:da:34:28:a4:
         96:45:d9:39:82:c7:04:86:65:b8:bc:f6:3b:0f:a6:0d:a0:ad:
         9f:99:a1:3b:4c:a0:dd:31:f0:7a:8f:d6:d9:2d:a5:de:5f:4f:
         4e:c7:39:63:62:00:7d:ab:6c:12:4d:11:a6:87:b6:4f:dd:b8:
         7e:62:e8:63:fc:a9:a4:bf:67:94:d4:19:20:8a:df:ce:f4:d9:
         60:d3:a5:c4:86:a9:dc:bd:c2:f0:2b:51:20:92:32:60:4e:3a:
         88:86:26:3b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKEotMiMj4dSXrtRCLfGhRUtbCEwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE5MDAyMDA4WhcNMjYwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzM5OWE3ZTYxNWRlOGQ1YjE5NTM0NjI0MWI2NzZjOTdk
ZTIzNjlkNzk2ZTU3NmFmNjFmZjBhMzcyYzc2YzFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqVdXedXUzKNl0dr/HOC1ZLhfhQ0Rh+sC6ygI3sUoYtuCC
0TKRvfLrAo1PQ9eyj9scCOf3Fks/3hBIpMg+5YjQxgVC5Aum1XSVBGLfc5M6PCBo
vdBUrq9rtRSCdye94OSi6jvgJUhNBvbEV/TK7zNuf/lBCaNB4rnZHft1hs01wqB4
WTZGVjJ6VxfG8wHI8Jp4PQv7V6g1Be8jqqbstZfjxTj2x7a1UY9PtWO+QqOXazUT
DPIJm6jmu7h6WZX9reDzDGJUkH6tBPxiApEg5Cf/zLPjJxZ6ughKPCy+8+qouJwS
4F3k8OxI5UZ+npAsvQzqP94Usun7HYzA/4RcA+lDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyBlqaXmMQxfpMgy6UNRodgE0OvIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ1ODU3Njk0LWUzMWYtNDAyZS04MjU3LTM2NzZlMWYzOTBiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaTagAwDQYJKoZIhvcNAQELBQADggEBAIwRMxHMQdpgir42kUidS46UUKtR
f3n8OGO/MvJysiyt8ZXgojAvqRw/ds2iuC63vMM/3vnXQWRYtDpV25RCzOGOmN6i
GOGx2m75BxXKBvOBtl1U3V6U2Rz2CAqL8ny+B3nCEk8yqI16RFKyHaRpF34TNop1
G8TpVOpEH9nRn2T3/hEWMiMgU34ejfHBjnODakpB47SAs7d4AlDMxgZD2jQopJZF
2TmCxwSGZbi89jsPpg2grZ+ZoTtMoN0x8HqP1tktpd5fT07HOWNiAH2rbBJNEaaH
tk/duH5i6GP8qaS/Z5TUGSCK38702WDTpcSGqdy9wvArUSCSMmBOOoiGJjs=
-----END CERTIFICATE-----