This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
File:                     c57bcef1-b811-4c33-8250-10863c654d10.roa (raw, json)
Hash identifier:          rp3p+9jMXvGttVfXGV5W2p4tjylApA3J3QUt9orNpsE=
Subject key identifier:   48:41:57:BE:0A:2B:FC:4A:EC:C3:9E:16:DF:1A:77:27:5C:B1:7A:58
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6151DB393D276E2B69CB4B8798946D97D316CFB4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa
Signing time:             Sun 30 Nov 2025 00:20:33 +0000
ROA not before:           Sun 30 Nov 2025 00:20:33 +0000
ROA not after:            Sat 28 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        204.33.160.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:51:db:39:3d:27:6e:2b:69:cb:4b:87:98:94:6d:97:d3:16:cf:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 30 00:20:33 2025 GMT
            Not After : Feb 28 23:59:59 2026 GMT
        Subject: serialNumber=930ac4ba0b2978012def28770ff958e3c5b79788dbb96d63a2670e95da426403, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a1:cb:64:7c:e5:17:db:e7:5f:fd:20:99:6a:
                    f2:c7:d9:90:eb:88:79:f0:b5:d8:66:22:83:e5:a1:
                    9b:3d:4b:c9:5a:ef:e6:89:03:85:1d:a0:94:a9:c9:
                    f6:f8:4d:62:18:b1:af:92:b9:7f:16:00:91:d9:fd:
                    fb:0a:57:a7:00:ab:86:61:99:c7:e6:1b:f7:28:8c:
                    e1:68:ab:a0:a2:57:c3:03:b6:93:b3:02:99:fd:ef:
                    d7:26:35:32:63:f4:a8:66:73:59:3e:a8:a1:2e:02:
                    a9:57:4c:00:2e:68:fa:ea:54:a9:3f:45:6c:2d:0d:
                    65:28:9c:e5:eb:64:d2:2b:c5:0b:2a:81:21:37:aa:
                    d6:09:5f:34:2a:3b:88:8d:9d:51:59:7a:fe:9f:49:
                    2a:42:95:72:89:d4:51:72:a0:43:c6:61:54:3d:b2:
                    63:17:2e:3f:b6:c4:12:55:03:ae:88:e9:12:ef:e9:
                    03:80:42:fc:d6:c5:7c:be:a5:a0:7b:c5:98:cf:57:
                    07:d0:61:96:37:c1:7c:12:64:4d:70:69:0e:6b:f0:
                    88:a7:f4:45:bc:fc:e8:f1:7b:0f:d1:0e:84:66:19:
                    44:06:a2:a9:a5:5c:b9:bd:eb:dc:a5:0c:c2:9f:fd:
                    87:b0:1f:97:a3:b0:58:8d:ac:ff:1e:cf:98:ae:d0:
                    49:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:41:57:BE:0A:2B:FC:4A:EC:C3:9E:16:DF:1A:77:27:5C:B1:7A:58
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57bcef1-b811-4c33-8250-10863c654d10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.33.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         aa:ed:d2:be:75:01:88:c8:4a:ea:38:45:d7:73:cf:c9:cd:9c:
         c0:da:fb:22:f5:6e:0d:b6:13:e7:e7:66:a7:93:75:27:a3:f5:
         58:d8:33:60:66:bf:d4:b7:93:13:c1:76:97:10:76:59:b2:fe:
         e3:2d:bc:22:1f:8e:41:d2:65:ed:79:ed:1a:6a:0c:4a:36:37:
         e5:11:c3:01:72:91:d4:a0:a0:fc:84:40:f0:ac:e4:3d:ba:2e:
         fd:1c:17:12:5e:f6:89:6a:91:e8:6a:7a:3e:c7:f5:dd:f6:a1:
         90:7f:91:6a:d2:75:bb:20:4f:d5:91:9a:5b:24:96:43:32:5f:
         0d:89:b6:1a:1a:51:8b:e0:57:cd:65:b9:64:ec:a8:50:58:a0:
         cc:9c:6a:dd:20:54:56:53:bb:0a:c7:90:3d:f0:78:71:6a:2a:
         c8:1c:d7:89:54:bb:71:24:f4:e6:50:94:45:9f:20:63:3f:d6:
         b2:e0:f0:f3:11:0e:fb:bd:5e:a1:f7:22:a0:f7:22:e6:d3:7d:
         be:63:91:c4:6c:f6:c4:47:d5:63:53:6b:d7:ae:f6:8a:21:5c:
         3a:de:91:18:07:0e:0c:01:20:d1:fe:61:a7:2a:f3:8b:2c:53:
         7a:d4:a2:a7:1f:1d:20:09:99:9f:70:9a:c4:17:ed:71:fb:e3:
         c7:ad:65:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYVHbOT0nbitpy0uHmJRtl9MWz7QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTMwMDAyMDMzWhcNMjYwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzBhYzRiYTBiMjk3ODAxMmRlZjI4NzcwZmY5NThlM2M1
Yjc5Nzg4ZGJiOTZkNjNhMjY3MGU5NWRhNDI2NDAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDoctkfOUX2+df/SCZavLH2ZDriHnwtdhmIoPloZs9S8la
7+aJA4UdoJSpyfb4TWIYsa+SuX8WAJHZ/fsKV6cAq4ZhmcfmG/cojOFoq6CiV8MD
tpOzApn979cmNTJj9Khmc1k+qKEuAqlXTAAuaPrqVKk/RWwtDWUonOXrZNIrxQsq
gSE3qtYJXzQqO4iNnVFZev6fSSpClXKJ1FFyoEPGYVQ9smMXLj+2xBJVA66I6RLv
6QOAQvzWxXy+paB7xZjPVwfQYZY3wXwSZE1waQ5r8Iin9EW8/Ojxew/RDoRmGUQG
oqmlXLm969ylDMKf/YewH5ejsFiNrP8ez5iu0EkZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSEFXvgor/Ersw54W3xp3J1yxelgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1N2JjZWYxLWI4MTEtNGMzMy04MjUwLTEwODYzYzY1NGQxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATMIaAwDQYJKoZIhvcNAQELBQADggEBAKrt0r51AYjISuo4Rddzz8nNnMDa
+yL1bg22E+fnZqeTdSej9VjYM2Bmv9S3kxPBdpcQdlmy/uMtvCIfjkHSZe157Rpq
DEo2N+URwwFykdSgoPyEQPCs5D26Lv0cFxJe9olqkehqej7H9d32oZB/kWrSdbsg
T9WRmlsklkMyXw2JthoaUYvgV81luWTsqFBYoMycat0gVFZTuwrHkD3weHFqKsgc
14lUu3Ek9OZQlEWfIGM/1rLg8PMRDvu9XqH3IqD3IubTfb5jkcRs9sRH1WNTa9eu
9oohXDrekRgHDgwBINH+Yacq84ssU3rUoqcfHSAJmZ9wmsQX7XH748etZdk=
-----END CERTIFICATE-----