This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa
File:                     c1007d85-fbf5-45da-82c5-653042baeda9.roa (raw, json)
Hash identifier:          ITUDD8rhwmioa6l44b498ZgvysdvdWU3Nouhja/2kkA=
Subject key identifier:   D5:B4:E7:C0:BC:E3:36:F7:7C:EC:DD:40:62:F5:D5:83:0A:DB:0B:D0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       485F0A42640CBF758899AB291D7F88388DBF954E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa
Signing time:             Thu 20 Nov 2025 00:51:29 +0000
ROA not before:           Thu 20 Nov 2025 00:51:29 +0000
ROA not after:            Wed 18 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        16.20.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:5f:0a:42:64:0c:bf:75:88:99:ab:29:1d:7f:88:38:8d:bf:95:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 20 00:51:29 2025 GMT
            Not After : Feb 18 23:59:59 2026 GMT
        Subject: serialNumber=94ac1a717179c4a564458d20784a3b41190248c7cd93aaf3ee87c15343a7150e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:32:23:62:48:de:b6:b7:ef:9d:c7:87:66:d6:
                    25:1b:b7:e1:e1:27:a7:19:8c:98:2f:4e:2b:2e:98:
                    be:b9:69:86:3b:10:fc:61:21:65:71:81:91:34:c9:
                    50:c6:f3:11:be:1b:fa:fe:53:7e:e9:46:55:b0:59:
                    2e:45:7c:1d:5a:2b:3e:5e:e7:42:aa:db:5d:d8:17:
                    23:bd:c8:e5:92:6a:f6:2d:e8:45:dc:95:f2:7c:43:
                    31:42:7c:8c:a3:b4:c0:2b:40:10:3b:b3:ec:60:a2:
                    79:4b:53:e3:a8:95:a2:f9:54:ae:dd:5b:2a:99:4f:
                    9d:6c:74:79:84:51:a8:18:41:fb:50:41:97:ea:fa:
                    06:60:e1:7e:c5:52:95:f7:20:58:53:99:05:e8:c4:
                    01:40:fd:65:af:1c:3d:a0:93:28:1e:5d:b8:de:ba:
                    57:b5:01:18:41:2b:23:e2:b5:41:66:e9:e3:7b:4e:
                    27:a6:4d:78:c3:dd:7f:68:ff:62:18:d5:33:77:a8:
                    7a:62:2b:e5:56:25:f7:01:5f:4a:66:07:09:85:57:
                    f3:be:76:a0:7f:ba:35:04:29:04:48:ab:61:3f:95:
                    9b:d8:a4:7d:e9:42:73:1d:0b:95:b7:08:8b:46:4e:
                    f0:7e:5c:c8:4a:d7:95:84:7f:ec:7b:f7:b3:ef:01:
                    40:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B4:E7:C0:BC:E3:36:F7:7C:EC:DD:40:62:F5:D5:83:0A:DB:0B:D0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1007d85-fbf5-45da-82c5-653042baeda9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.20.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:5c:00:f1:27:25:f5:7a:19:a5:79:e7:71:a6:ea:db:78:57:
         51:99:dd:ef:89:b7:f2:64:d9:53:68:f1:66:36:f2:79:a2:30:
         af:8d:a6:9b:c0:69:45:df:66:bd:05:01:2f:28:a6:b2:3b:61:
         dd:84:9e:b5:78:94:b8:4b:99:21:ac:46:74:af:26:10:f7:8b:
         ec:37:e3:57:da:82:3a:0e:1d:47:80:4e:9d:47:d2:70:24:e3:
         9f:10:67:ea:d8:ee:42:04:2d:73:ba:21:13:ba:25:4d:55:a2:
         e0:95:07:dd:39:cb:97:19:86:2f:08:64:00:d1:27:ff:41:3e:
         18:b9:b6:67:4c:20:cf:e6:d6:b1:7e:c1:f0:06:2a:8d:b1:13:
         23:9b:89:15:b1:e7:3a:7e:3f:19:86:ac:29:51:7e:e8:68:b6:
         6d:02:c6:d3:c1:14:7e:1e:0d:59:a8:42:65:b1:41:d4:e3:de:
         7d:5b:5f:88:e3:66:cd:c8:ff:9a:7a:a5:5c:98:4f:0f:0e:b3:
         b6:c6:07:34:69:09:94:dd:df:d2:e1:a9:8e:65:ea:83:b3:da:
         42:65:16:ba:ef:10:4d:96:fe:52:c6:e0:bf:68:0b:13:3d:4f:
         bf:b4:5f:58:9c:3f:57:99:64:91:4a:a9:21:f3:84:77:a9:68:
         5c:74:2c:02
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSF8KQmQMv3WImaspHX+IOI2/lU4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTIwMDA1MTI5WhcNMjYwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGFjMWE3MTcxNzljNGE1NjQ0NThkMjA3ODRhM2I0MTE5
MDI0OGM3Y2Q5M2FhZjNlZTg3YzE1MzQzYTcxNTBlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3MiNiSN62t++dx4dm1iUbt+HhJ6cZjJgvTisumL65aYY7
EPxhIWVxgZE0yVDG8xG+G/r+U37pRlWwWS5FfB1aKz5e50Kq213YFyO9yOWSavYt
6EXclfJ8QzFCfIyjtMArQBA7s+xgonlLU+OolaL5VK7dWyqZT51sdHmEUagYQftQ
QZfq+gZg4X7FUpX3IFhTmQXoxAFA/WWvHD2gkygeXbjeule1ARhBKyPitUFm6eN7
TiemTXjD3X9o/2IY1TN3qHpiK+VWJfcBX0pmBwmFV/O+dqB/ujUEKQRIq2E/lZvY
pH3pQnMdC5W3CItGTvB+XMhK15WEf+x797PvAUDTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1bTnwLzjNvd87N1AYvXVgwrbC9AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxMDA3ZDg1LWZiZjUtNDVkYS04MmM1LTY1MzA0MmJhZWRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFDANBgkqhkiG9w0BAQsFAAOCAQEADFwA8Scl9XoZpXnncabq23hXUZnd
74m38mTZU2jxZjbyeaIwr42mm8BpRd9mvQUBLyimsjth3YSetXiUuEuZIaxGdK8m
EPeL7DfjV9qCOg4dR4BOnUfScCTjnxBn6tjuQgQtc7ohE7olTVWi4JUH3TnLlxmG
LwhkANEn/0E+GLm2Z0wgz+bWsX7B8AYqjbETI5uJFbHnOn4/GYasKVF+6Gi2bQLG
08EUfh4NWahCZbFB1OPefVtfiONmzcj/mnqlXJhPDw6ztsYHNGkJlN3f0uGpjmXq
g7PaQmUWuu8QTZb+Usbgv2gLEz1Pv7RfWJw/V5lkkUqpIfOEd6loXHQsAg==
-----END CERTIFICATE-----