This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa9b2c74-44be-4506-8c26-0e262e9213ae.roa
File:                     aa9b2c74-44be-4506-8c26-0e262e9213ae.roa (raw, json)
Hash identifier:          406/q/D5RNL8Z4qVRWcFkCXOjZ7TK58iVXct8xWTHHI=
Subject key identifier:   07:3D:61:7D:7D:3D:AD:06:2E:98:38:CC:3D:16:3C:5B:A2:E1:B8:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4391E561FA964346482026B47D6C0C770E05E2C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa9b2c74-44be-4506-8c26-0e262e9213ae.roa
Signing time:             Sun 30 Nov 2025 00:20:05 +0000
ROA not before:           Sun 30 Nov 2025 00:20:05 +0000
ROA not after:            Sat 28 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        207.21.248.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:91:e5:61:fa:96:43:46:48:20:26:b4:7d:6c:0c:77:0e:05:e2:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 30 00:20:05 2025 GMT
            Not After : Feb 28 23:59:59 2026 GMT
        Subject: serialNumber=2b7632ac55669b6d43ec5c7e0bfde1d2151b7e5a9cc1960e8f770c7d525a67c9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:8c:6a:5c:64:a9:da:d4:e0:27:52:26:2c:e9:
                    f2:3b:02:99:fc:17:1a:e6:a9:1b:2b:a8:25:6b:53:
                    e6:d1:25:11:a3:3c:8c:f1:5d:9d:f3:43:d0:f2:49:
                    0a:c3:4d:91:8b:d3:1e:e5:6c:86:fb:da:d5:6e:04:
                    06:dc:86:be:49:36:d1:ce:eb:bd:9f:5e:80:7d:2b:
                    29:2b:1a:15:bc:b2:91:0e:aa:64:7e:92:4a:08:a7:
                    47:8c:54:97:4f:52:5f:60:4a:bf:7d:88:80:87:a7:
                    db:1d:97:fd:b9:46:57:3e:1d:4b:3f:c4:15:1e:88:
                    00:0e:9b:4b:3e:a6:29:5a:95:47:2c:b3:b8:ea:bd:
                    f0:8d:4d:c3:99:82:21:b3:9e:b1:bd:b5:ae:03:16:
                    a5:6d:03:04:b6:e5:7d:a9:ad:69:fc:5a:45:38:79:
                    96:6a:49:35:db:36:bc:cf:8e:0a:f8:23:cd:cc:d6:
                    ab:69:a8:62:23:e5:38:aa:5c:78:59:d7:3d:64:96:
                    48:10:77:d0:88:7a:2d:b9:87:de:b6:71:76:32:c2:
                    ad:e4:f1:2c:62:b9:5a:df:16:93:39:22:9b:43:74:
                    b9:21:8f:06:42:72:c5:1a:a7:8b:b7:3d:12:61:de:
                    8e:9a:10:6b:59:af:c3:91:c1:ff:24:cb:6e:ea:55:
                    8f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3D:61:7D:7D:3D:AD:06:2E:98:38:CC:3D:16:3C:5B:A2:E1:B8:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aa9b2c74-44be-4506-8c26-0e262e9213ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.21.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         23:7c:fd:99:03:63:3c:a4:48:9e:15:4e:9c:75:82:32:25:63:
         22:03:1a:ee:91:b4:a7:11:73:7c:04:1c:06:34:27:99:50:12:
         f2:ad:fd:bc:c0:d5:42:0a:d0:12:1b:c4:77:a7:23:80:b5:e4:
         87:59:55:8d:0d:2e:d6:95:5a:a2:1a:0d:6a:a4:d5:53:70:bc:
         bd:8f:f4:82:af:37:74:ee:89:3b:9c:d3:38:74:04:20:f6:d7:
         62:41:3b:61:8c:52:a0:21:aa:91:f0:e0:78:77:51:62:7d:41:
         8a:44:1d:60:7b:99:38:70:da:ae:81:a9:2a:bd:0b:d1:6d:50:
         87:95:3e:91:15:dd:32:b2:b5:79:96:69:ec:06:b8:a8:3c:16:
         7f:14:5e:00:70:b7:a5:37:36:23:fa:2c:06:7c:0c:2d:a0:55:
         08:96:ea:c0:3a:62:21:6e:74:b8:a7:6f:76:bc:0b:c3:a7:eb:
         37:76:bd:60:ac:74:94:5e:30:1e:37:e3:d8:87:f3:e1:a4:02:
         d9:ed:c2:4d:87:fd:7a:cc:7e:35:bd:d1:26:3a:75:4b:81:e8:
         d0:4f:a1:04:a3:b4:19:dd:2d:9e:7c:5f:78:af:9c:45:f4:e3:
         e9:19:ab:f0:2a:e1:2c:a7:ba:96:33:e5:18:d6:b2:6c:ff:d8:
         3f:55:1e:05
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ5HlYfqWQ0ZIICa0fWwMdw4F4sQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTMwMDAyMDA1WhcNMjYwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYjc2MzJhYzU1NjY5YjZkNDNlYzVjN2UwYmZkZTFkMjE1
MWI3ZTVhOWNjMTk2MGU4Zjc3MGM3ZDUyNWE2N2M5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkjGpcZKna1OAnUiYs6fI7Apn8FxrmqRsrqCVrU+bRJRGj
PIzxXZ3zQ9DySQrDTZGL0x7lbIb72tVuBAbchr5JNtHO672fXoB9KykrGhW8spEO
qmR+kkoIp0eMVJdPUl9gSr99iICHp9sdl/25Rlc+HUs/xBUeiAAOm0s+pilalUcs
s7jqvfCNTcOZgiGznrG9ta4DFqVtAwS25X2prWn8WkU4eZZqSTXbNrzPjgr4I83M
1qtpqGIj5TiqXHhZ1z1klkgQd9CIei25h962cXYywq3k8SxiuVrfFpM5IptDdLkh
jwZCcsUap4u3PRJh3o6aEGtZr8ORwf8ky27qVY8VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBz1hfX09rQYumDjMPRY8W6LhuLMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FhOWIyYzc0LTQ0YmUtNDUwNi04YzI2LTBlMjYyZTkyMTNhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPPFfgwDQYJKoZIhvcNAQELBQADggEBACN8/ZkDYzykSJ4VTpx1gjIlYyID
Gu6RtKcRc3wEHAY0J5lQEvKt/bzA1UIK0BIbxHenI4C15IdZVY0NLtaVWqIaDWqk
1VNwvL2P9IKvN3TuiTuc0zh0BCD212JBO2GMUqAhqpHw4Hh3UWJ9QYpEHWB7mThw
2q6BqSq9C9FtUIeVPpEV3TKytXmWaewGuKg8Fn8UXgBwt6U3NiP6LAZ8DC2gVQiW
6sA6YiFudLinb3a8C8On6zd2vWCsdJReMB4349iH8+GkAtntwk2H/XrMfjW90SY6
dUuB6NBPoQSjtBndLZ58X3ivnEX04+kZq/Aq4SynupYz5RjWsmz/2D9VHgU=
-----END CERTIFICATE-----