This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa
File:                     e62661a5-503b-4b36-ac32-c96775083fd5.roa (raw, json)
Hash identifier:          l4WvGMenf56TrvAXt65yIFBAEnFmLpIzNTZbys2WJAc=
Subject key identifier:   DB:57:9F:3B:C3:DD:8C:16:75:D9:73:C5:49:81:7C:FC:57:37:71:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2165F664F15EC7B76049AE74004C128A8092855B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa
Signing time:             Sun 30 Nov 2025 00:30:08 +0000
ROA not before:           Sun 30 Nov 2025 00:30:08 +0000
ROA not after:            Sat 28 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        49.128.224.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:65:f6:64:f1:5e:c7:b7:60:49:ae:74:00:4c:12:8a:80:92:85:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 30 00:30:08 2025 GMT
            Not After : Feb 28 23:59:59 2026 GMT
        Subject: serialNumber=eece892f8140d34afb0ed979ae76911d329fdfb448e2a9e567b5c0cee367a736, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7e:84:59:9b:5d:82:7f:be:10:32:b8:46:3c:
                    ce:4e:6e:52:d2:84:00:b9:81:2d:6a:d6:6a:44:37:
                    fd:06:78:18:8f:b5:cc:38:d0:7f:e3:62:b1:23:3a:
                    e4:c9:ad:74:87:9e:f1:f1:49:fb:d7:58:50:6e:e0:
                    ec:3f:b9:5b:1e:d9:81:ca:18:f6:56:4c:76:31:32:
                    6d:c7:53:98:ad:88:74:93:25:2d:ee:f1:fd:43:2e:
                    0c:b2:09:97:49:e9:cc:89:7d:06:f0:04:97:98:e4:
                    d7:22:2d:55:e0:98:25:49:52:c0:f5:44:5b:df:81:
                    0b:e9:51:2d:01:b5:e1:f0:93:c1:b7:96:75:b8:ae:
                    7a:81:bc:c7:3c:f3:42:d7:98:30:55:27:6f:2d:be:
                    a3:2d:1c:1d:ba:2b:31:c1:7b:57:a4:21:22:d7:0a:
                    05:27:5a:ac:7c:bb:04:f5:32:8b:c0:cb:d9:6e:d1:
                    b3:b2:24:37:e5:dd:5c:7f:38:57:b4:99:4f:56:34:
                    ec:97:e8:df:f3:de:62:6c:17:a5:9e:60:d6:a3:20:
                    cc:b2:08:d7:da:b0:9d:de:cc:d1:ee:50:c2:31:03:
                    9a:b3:a1:0d:1e:5e:ed:7c:55:0f:50:f5:22:7b:75:
                    27:a6:ac:61:3c:8d:66:86:73:e2:72:d9:97:fa:19:
                    63:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:57:9F:3B:C3:DD:8C:16:75:D9:73:C5:49:81:7C:FC:57:37:71:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.128.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1b:69:5a:84:36:6c:e8:ed:2e:55:5a:f3:66:fe:7a:c3:ab:38:
         d9:f6:4b:41:dd:58:01:ce:3a:d4:3d:08:28:7d:c1:f4:94:56:
         b6:cf:b5:35:00:bc:12:c5:c2:b6:ed:4d:39:de:9c:7c:62:f9:
         aa:3b:9f:84:df:fc:9f:0d:56:f0:91:5c:0f:c7:01:e3:94:92:
         4b:6a:2c:cd:40:1c:05:c7:74:23:80:1b:c2:ff:34:fe:b1:95:
         04:80:12:c8:e0:a7:e4:77:e0:7d:af:35:c3:50:01:cd:c9:97:
         a5:8e:8d:8c:19:db:b8:f0:8f:d1:ac:32:2f:49:b2:5d:77:04:
         72:e4:86:62:f2:d2:8a:a1:9a:f6:37:ec:8d:74:41:1e:c2:b5:
         7d:dc:84:ed:2a:c0:88:11:d8:da:97:cc:32:a5:bb:9d:68:9c:
         71:11:b2:c4:2c:b3:eb:d7:97:de:d3:2d:41:28:9d:60:2a:96:
         00:c4:d4:6c:43:fe:54:9f:71:6d:6d:86:86:c5:d1:82:74:d9:
         43:1d:09:e3:8e:5b:d7:4b:ad:6d:7c:e5:66:2e:06:8f:c8:45:
         6c:e5:91:30:8b:e7:c0:80:69:f2:ab:d2:a5:60:5e:17:90:5d:
         20:49:f2:40:8c:ae:63:bb:0d:b8:e6:3f:87:07:fc:53:35:79:
         09:0d:9e:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIWX2ZPFex7dgSa50AEwSioCShVswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTMwMDAzMDA4WhcNMjYwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWNlODkyZjgxNDBkMzRhZmIwZWQ5NzlhZTc2OTExZDMy
OWZkZmI0NDhlMmE5ZTU2N2I1YzBjZWUzNjdhNzM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtfoRZm12Cf74QMrhGPM5OblLShAC5gS1q1mpEN/0GeBiP
tcw40H/jYrEjOuTJrXSHnvHxSfvXWFBu4Ow/uVse2YHKGPZWTHYxMm3HU5itiHST
JS3u8f1DLgyyCZdJ6cyJfQbwBJeY5NciLVXgmCVJUsD1RFvfgQvpUS0BteHwk8G3
lnW4rnqBvMc880LXmDBVJ28tvqMtHB26KzHBe1ekISLXCgUnWqx8uwT1MovAy9lu
0bOyJDfl3Vx/OFe0mU9WNOyX6N/z3mJsF6WeYNajIMyyCNfasJ3ezNHuUMIxA5qz
oQ0eXu18VQ9Q9SJ7dSemrGE8jWaGc+Jy2Zf6GWN/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU21efO8PdjBZ12XPFSYF8/Fc3cV8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2MjY2MWE1LTUwM2ItNGIzNi1hYzMyLWM5Njc3NTA4M2ZkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUxgOAwDQYJKoZIhvcNAQELBQADggEBABtpWoQ2bOjtLlVa82b+esOrONn2
S0HdWAHOOtQ9CCh9wfSUVrbPtTUAvBLFwrbtTTnenHxi+ao7n4Tf/J8NVvCRXA/H
AeOUkktqLM1AHAXHdCOAG8L/NP6xlQSAEsjgp+R34H2vNcNQAc3Jl6WOjYwZ27jw
j9GsMi9Jsl13BHLkhmLy0oqhmvY37I10QR7CtX3chO0qwIgR2NqXzDKlu51onHER
ssQss+vXl97TLUEonWAqlgDE1GxD/lSfcW1thobF0YJ02UMdCeOOW9dLrW185WYu
Bo/IRWzlkTCL58CAafKr0qVgXheQXSBJ8kCMrmO7DbjmP4cH/FM1eQkNnjY=
-----END CERTIFICATE-----