This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8756ab5a-c0b9-47e7-85b9-11c7e70d38d7.roa
File:                     8756ab5a-c0b9-47e7-85b9-11c7e70d38d7.roa (raw, json)
Hash identifier:          +ceFbYICdVjnsMbiuQd0RfUiDIYYwdEPA5j/gKXu2wM=
Subject key identifier:   5E:19:FA:A8:AB:00:66:D3:E3:9E:6D:8A:B6:2A:59:3A:0B:E7:14:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       48152EE427E8A819B0774DD97656D3B90CDFD6B7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8756ab5a-c0b9-47e7-85b9-11c7e70d38d7.roa
Signing time:             Thu 27 Nov 2025 00:21:11 +0000
ROA not before:           Thu 27 Nov 2025 00:21:11 +0000
ROA not after:            Wed 25 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.156.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:15:2e:e4:27:e8:a8:19:b0:77:4d:d9:76:56:d3:b9:0c:df:d6:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 27 00:21:11 2025 GMT
            Not After : Feb 25 23:59:59 2026 GMT
        Subject: serialNumber=f764199cf489d3cf5d65513d42af3f8515d6c6bc6634982ad5e3685e9171f600, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ef:d3:2b:4d:5b:75:da:ef:a3:86:4c:33:61:
                    90:43:7b:16:f1:23:be:f9:d3:4b:2b:9f:d8:53:76:
                    d0:32:72:6f:bf:3e:53:bb:e9:0e:9b:80:f3:c1:49:
                    7c:72:7a:c0:90:c6:10:6d:88:66:82:86:64:2c:8a:
                    ce:1e:3a:55:41:db:1e:4a:1f:a3:33:ed:de:62:3f:
                    ee:15:b6:9c:48:23:be:40:1f:b5:cf:aa:66:fc:90:
                    7b:28:cd:72:08:7f:a0:84:62:74:76:13:bd:3e:bb:
                    ad:c9:f6:7a:d1:55:1f:58:db:a6:28:4a:03:96:f6:
                    8d:62:fa:d7:1e:dd:4e:dc:51:92:78:bf:dd:c5:76:
                    3b:77:00:f9:2b:72:bb:4b:e5:c6:ff:cd:ae:c7:ba:
                    0c:3e:fa:97:77:2a:db:71:55:5c:1a:f7:7b:01:9c:
                    65:e6:48:a3:7b:1a:6d:b8:8e:2f:aa:98:2d:a4:3d:
                    e8:88:ba:76:45:ab:85:c7:5e:d2:a0:b9:38:11:d5:
                    f5:0b:52:34:a8:43:1a:2e:21:37:ff:59:aa:2e:21:
                    db:e7:7e:76:d8:1b:01:29:f8:c8:b8:82:55:c1:40:
                    77:c8:c0:9c:f2:d7:c7:4f:74:95:b6:2a:da:a7:e7:
                    99:25:39:c2:ca:f6:0e:82:21:bf:5d:ae:f8:8e:77:
                    58:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:19:FA:A8:AB:00:66:D3:E3:9E:6D:8A:B6:2A:59:3A:0B:E7:14:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8756ab5a-c0b9-47e7-85b9-11c7e70d38d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:50:ec:93:70:e0:49:f3:ca:17:df:7b:c0:b7:b0:26:52:78:
         40:29:64:d6:6f:b9:40:b3:06:24:8c:b0:a1:5d:00:42:7d:98:
         9b:09:b8:cd:49:e3:8c:b8:c6:e9:29:f8:14:68:e0:cc:0f:01:
         43:f7:2e:e9:7a:8f:36:a1:cb:bf:e9:9d:49:0b:e6:b1:40:0b:
         66:a2:1a:80:d6:41:af:93:93:2e:1b:3e:50:97:b6:29:08:b2:
         f7:cb:81:7b:34:a9:9d:d1:2f:d3:a6:80:55:61:8e:26:8a:26:
         89:51:5e:63:f2:41:3d:d1:3f:95:a7:8e:7e:ed:95:be:ed:2b:
         92:f1:da:8e:d8:31:c8:03:0b:42:0e:99:9f:c0:7c:51:71:fa:
         48:e1:34:75:b6:93:e5:f4:09:14:16:6c:38:56:7c:1a:4f:dd:
         7a:97:3c:35:39:dc:4b:5b:f5:74:09:ee:56:b4:7d:71:75:8d:
         58:6c:8f:96:be:ef:16:c9:5c:9f:b7:b2:a4:ad:b5:e4:6f:b2:
         e3:c7:ae:89:11:78:2e:6c:56:c7:02:ae:20:6e:7d:44:6c:8a:
         ce:37:64:71:42:9a:07:73:88:c3:82:03:50:36:4e:10:5a:0e:
         2e:07:34:36:09:19:1b:83:99:b1:2d:c9:d2:68:72:02:b6:61:
         b6:f2:c7:f1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSBUu5CfoqBmwd03ZdlbTuQzf1rcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTI3MDAyMTExWhcNMjYwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzY0MTk5Y2Y0ODlkM2NmNWQ2NTUxM2Q0MmFmM2Y4NTE1
ZDZjNmJjNjYzNDk4MmFkNWUzNjg1ZTkxNzFmNjAwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU79MrTVt12u+jhkwzYZBDexbxI77500srn9hTdtAycm+/
PlO76Q6bgPPBSXxyesCQxhBtiGaChmQsis4eOlVB2x5KH6Mz7d5iP+4VtpxII75A
H7XPqmb8kHsozXIIf6CEYnR2E70+u63J9nrRVR9Y26YoSgOW9o1i+tce3U7cUZJ4
v93Fdjt3APkrcrtL5cb/za7Hugw++pd3KttxVVwa93sBnGXmSKN7Gm24ji+qmC2k
PeiIunZFq4XHXtKguTgR1fULUjSoQxouITf/WaouIdvnfnbYGwEp+Mi4glXBQHfI
wJzy18dPdJW2Ktqn55klOcLK9g6CIb9drviOd1gVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXhn6qKsAZtPjnm2KtipZOgvnFGQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg3NTZhYjVhLWMwYjktNDdlNy04NWI5LTExYzdlNzBkMzhkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjl5wwDQYJKoZIhvcNAQELBQADggEBAC9Q7JNw4Enzyhffe8C3sCZSeEAp
ZNZvuUCzBiSMsKFdAEJ9mJsJuM1J44y4xukp+BRo4MwPAUP3Lul6jzahy7/pnUkL
5rFAC2aiGoDWQa+Tky4bPlCXtikIsvfLgXs0qZ3RL9OmgFVhjiaKJolRXmPyQT3R
P5Wnjn7tlb7tK5Lx2o7YMcgDC0IOmZ/AfFFx+kjhNHW2k+X0CRQWbDhWfBpP3XqX
PDU53Etb9XQJ7la0fXF1jVhsj5a+7xbJXJ+3sqStteRvsuPHrokReC5sVscCriBu
fURsis43ZHFCmgdziMOCA1A2ThBaDi4HNDYJGRuDmbEtydJocgK2Ybbyx/E=
-----END CERTIFICATE-----