This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa
File:                     ab21c5f9-ce84-4471-a364-da93073d3430.roa (raw, json)
Hash identifier:          34nmXbo95TeZ+/+OCAe4S0HxRVvjKWh+8Kl+uxV0oqM=
Subject key identifier:   B1:02:0F:79:4C:D5:D6:AC:B8:FE:45:2B:65:70:F5:5C:0D:AF:DD:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BA763B649BB385E225A5840E8F7999493E7BFF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa
Signing time:             Sat 22 Nov 2025 00:50:09 +0000
ROA not before:           Sat 22 Nov 2025 00:50:09 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        199.35.64.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:a7:63:b6:49:bb:38:5e:22:5a:58:40:e8:f7:99:94:93:e7:bf:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 22 00:50:09 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=e54edade5ae5ad8a12447886a86b3b2554c98d3a8002219b3ad06dc0e3d55b88, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8a:bb:46:ae:9c:7a:44:0c:fd:39:34:b2:bd:
                    e2:7b:c3:ec:d2:af:85:69:ad:2d:d4:96:65:41:ad:
                    4a:d6:d9:5e:fb:f3:9c:4b:22:fd:db:9d:d0:b8:6d:
                    3e:9a:df:9d:03:bf:1a:93:7c:33:54:aa:ef:7c:79:
                    eb:1e:65:a3:25:78:99:70:18:03:01:18:ef:e2:df:
                    2f:69:fb:57:3f:a4:5e:1c:12:1e:cc:a2:91:b2:99:
                    c1:cf:21:c0:bd:02:9c:b5:ea:5e:42:1d:de:c8:1f:
                    8f:30:07:c1:4b:e7:e2:35:9f:da:9d:58:70:ae:35:
                    a7:91:95:27:96:23:7b:c0:4f:0e:ab:c4:26:42:99:
                    a1:7b:61:82:27:7b:e7:c1:8b:9b:8e:27:00:32:95:
                    e5:b9:8f:ab:eb:0a:82:9b:3b:80:fc:b7:31:9d:93:
                    83:99:fc:0e:8f:78:8b:85:19:d2:fd:3a:d4:52:15:
                    45:67:83:3c:d3:5e:ff:df:4b:ec:fa:c1:21:d8:3c:
                    8e:99:94:ef:fe:a0:f2:2a:f7:68:7f:78:34:8d:68:
                    4f:da:ee:4c:f9:27:8f:e9:87:ca:18:f3:b1:c3:b6:
                    cb:ca:68:37:d9:94:8a:dc:86:ae:18:27:79:47:04:
                    24:05:4e:18:e6:73:19:51:9c:b0:30:8e:56:5f:b9:
                    73:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:02:0F:79:4C:D5:D6:AC:B8:FE:45:2B:65:70:F5:5C:0D:AF:DD:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.35.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         78:47:bf:9b:5f:d7:e2:a5:4b:00:db:36:74:c2:88:72:de:10:
         b2:a1:15:f4:cd:64:5c:85:3c:91:2c:6a:9b:1d:ac:ab:b4:c8:
         55:68:48:3b:46:6f:c7:f9:a7:08:07:ae:34:a2:4c:bc:d1:3d:
         3f:ba:2e:7c:56:30:6a:ba:0d:3c:44:d2:00:2e:a5:7e:f7:6f:
         6a:a4:ba:22:bc:26:ee:b3:36:b7:4c:02:fd:c9:fc:c3:e8:26:
         d9:bc:38:1c:cd:25:63:d8:6a:c9:99:dc:2e:21:22:8d:be:a9:
         21:27:07:2b:c1:01:5e:74:8e:98:09:f5:93:1f:f3:62:4d:c1:
         6b:63:c2:78:5d:95:db:1c:37:9b:e0:13:ec:f0:42:37:e5:5f:
         a3:34:31:ab:09:74:5c:66:be:97:33:03:cc:cf:86:27:38:08:
         67:27:1a:af:5f:0a:59:41:8c:96:49:f8:74:a6:38:95:2e:65:
         d0:d8:f7:68:45:d7:5a:18:8e:f8:b5:8c:27:0f:e5:be:09:54:
         18:46:a1:0b:45:0d:cc:cd:2f:21:c0:40:8b:8a:ae:87:55:1e:
         6c:ff:0a:b8:ed:b1:d5:2c:b7:a3:7e:c9:29:bd:19:f6:5f:8d:
         a3:a5:67:8e:96:42:de:26:95:53:0b:35:c7:95:29:15:59:e4:
         ba:4f:a8:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC6djtkm7OF4iWlhA6PeZlJPnv/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIyMDA1MDA5WhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTRlZGFkZTVhZTVhZDhhMTI0NDc4ODZhODZiM2IyNTU0
Yzk4ZDNhODAwMjIxOWIzYWQwNmRjMGUzZDU1Yjg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMirtGrpx6RAz9OTSyveJ7w+zSr4VprS3UlmVBrUrW2V77
85xLIv3bndC4bT6a350DvxqTfDNUqu98eeseZaMleJlwGAMBGO/i3y9p+1c/pF4c
Eh7MopGymcHPIcC9Apy16l5CHd7IH48wB8FL5+I1n9qdWHCuNaeRlSeWI3vATw6r
xCZCmaF7YYIne+fBi5uOJwAyleW5j6vrCoKbO4D8tzGdk4OZ/A6PeIuFGdL9OtRS
FUVngzzTXv/fS+z6wSHYPI6ZlO/+oPIq92h/eDSNaE/a7kz5J4/ph8oY87HDtsvK
aDfZlIrchq4YJ3lHBCQFThjmcxlRnLAwjlZfuXMPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsQIPeUzV1qy4/kUrZXD1XA2v3Z8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiMjFjNWY5LWNlODQtNDQ3MS1hMzY0LWRhOTMwNzNkMzQzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXHI0AwDQYJKoZIhvcNAQELBQADggEBAHhHv5tf1+KlSwDbNnTCiHLeELKh
FfTNZFyFPJEsapsdrKu0yFVoSDtGb8f5pwgHrjSiTLzRPT+6LnxWMGq6DTxE0gAu
pX73b2qkuiK8Ju6zNrdMAv3J/MPoJtm8OBzNJWPYasmZ3C4hIo2+qSEnByvBAV50
jpgJ9ZMf82JNwWtjwnhdldscN5vgE+zwQjflX6M0MasJdFxmvpczA8zPhic4CGcn
Gq9fCllBjJZJ+HSmOJUuZdDY92hF11oYjvi1jCcP5b4JVBhGoQtFDczNLyHAQIuK
rodVHmz/CrjtsdUst6N+ySm9GfZfjaOlZ46WQt4mlVMLNceVKRVZ5LpPqKs=
-----END CERTIFICATE-----