This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebaea730-5e58-4690-973d-b99a24f55ff6.roa
File:                     ebaea730-5e58-4690-973d-b99a24f55ff6.roa (raw, json)
Hash identifier:          qmrsP/eHjo1r2NQc0dMBtiCYhKEo/kcGj4Bjokv+L9o=
Subject key identifier:   D8:2B:3B:31:57:E3:C1:25:CA:E0:7E:0D:CC:49:06:B6:5B:9F:C3:C3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B6C6AB03639C877C6711D9EC17097E7AA64CBBB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebaea730-5e58-4690-973d-b99a24f55ff6.roa
Signing time:             Sat 29 Nov 2025 00:20:10 +0000
ROA not before:           Sat 29 Nov 2025 00:20:10 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        130.217.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:6c:6a:b0:36:39:c8:77:c6:71:1d:9e:c1:70:97:e7:aa:64:cb:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 29 00:20:10 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=53740cfb24d91fb4bfa7055651bf5a66242daa907bde51854aee1bfa21c90712, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a9:47:66:3a:ca:dd:12:38:c2:75:85:92:4e:
                    87:60:f7:5b:76:a9:40:24:c3:70:c0:92:76:f5:1f:
                    f0:08:21:d8:e7:c3:5b:25:26:db:77:3e:a3:33:e3:
                    75:71:f7:61:42:90:57:59:3f:7d:5a:24:19:b5:c1:
                    28:b3:cf:ad:fb:4c:fd:de:29:da:71:9f:8e:d2:c7:
                    09:c5:d9:44:55:66:5c:12:f5:21:de:13:ed:0a:71:
                    45:43:ba:12:17:8c:41:32:ba:45:62:a7:77:ce:43:
                    6b:a8:e8:8f:60:43:69:a8:b8:37:55:b0:25:9c:9b:
                    dc:0e:5d:b8:b1:b3:d4:6b:7f:2e:82:8a:e0:7a:82:
                    b3:07:78:ba:06:2c:4d:ff:de:b3:c5:db:c2:9d:f6:
                    a5:d1:2c:7f:f0:40:df:12:cd:1e:e8:1c:34:52:f4:
                    66:23:f8:92:93:7b:ee:64:78:ad:c0:ff:84:b2:e4:
                    c3:3c:62:08:bc:33:d7:f4:d8:7f:33:fb:4d:44:79:
                    13:f9:b4:e0:b9:0d:38:b0:56:9d:d9:8a:3b:68:ec:
                    56:c0:2c:9b:38:b8:f8:46:5f:cd:f6:38:ba:07:9e:
                    ba:40:80:fe:04:14:78:9c:d4:cd:7b:ca:59:b4:f9:
                    26:47:54:f5:34:b5:88:a3:ea:7b:74:51:88:53:9d:
                    1d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2B:3B:31:57:E3:C1:25:CA:E0:7E:0D:CC:49:06:B6:5B:9F:C3:C3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebaea730-5e58-4690-973d-b99a24f55ff6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.217.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         49:ce:0b:30:5d:c6:45:15:b5:5f:18:0d:f9:f5:f6:8f:08:c5:
         64:56:b3:7d:33:a1:54:66:57:6c:c5:20:f0:49:56:75:21:c3:
         c3:1c:64:60:de:74:22:e9:5e:51:99:ef:c2:ac:0e:c4:ad:46:
         e6:b3:a4:11:a5:87:9f:69:04:ce:4e:5d:4b:de:c2:7f:6c:d2:
         15:7a:c0:65:bd:f2:76:a6:81:6a:20:6e:d5:b1:b0:53:d1:31:
         74:b7:42:9f:13:7a:88:8d:7c:01:fb:e2:53:9a:22:67:0a:1a:
         ac:e7:8f:41:f3:03:11:2d:21:20:9d:a4:02:2a:ef:ad:05:7a:
         a2:d5:a9:2c:7a:90:2e:b7:f0:2e:1d:11:a3:af:59:49:1b:ca:
         ac:b6:91:ec:b9:2b:67:30:a3:fb:56:ea:7e:d6:c3:22:25:bf:
         fb:ae:9b:ae:71:61:a2:55:4c:f3:92:0b:82:75:43:7a:76:ed:
         3c:1a:ad:e0:a0:72:81:c5:06:44:f7:8c:a5:9f:9d:78:f1:b7:
         0f:7a:71:0d:0e:83:ae:fa:05:e7:94:93:39:8b:bd:95:4e:bd:
         74:fa:f5:d7:f2:1a:be:71:53:2e:78:8e:40:75:26:b3:c3:74:
         92:b4:48:52:72:ca:e8:87:a0:20:f8:2e:97:37:24:74:da:c3:
         03:07:3e:4d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC2xqsDY5yHfGcR2ewXCX56pky7swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTI5MDAyMDEwWhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Mzc0MGNmYjI0ZDkxZmI0YmZhNzA1NTY1MWJmNWE2NjI0
MmRhYTkwN2JkZTUxODU0YWVlMWJmYTIxYzkwNzEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeqUdmOsrdEjjCdYWSTodg91t2qUAkw3DAknb1H/AIIdjn
w1slJtt3PqMz43Vx92FCkFdZP31aJBm1wSizz637TP3eKdpxn47SxwnF2URVZlwS
9SHeE+0KcUVDuhIXjEEyukVip3fOQ2uo6I9gQ2mouDdVsCWcm9wOXbixs9Rrfy6C
iuB6grMHeLoGLE3/3rPF28Kd9qXRLH/wQN8SzR7oHDRS9GYj+JKTe+5keK3A/4Sy
5MM8Ygi8M9f02H8z+01EeRP5tOC5DTiwVp3Zijto7FbALJs4uPhGX832OLoHnrpA
gP4EFHic1M17ylm0+SZHVPU0tYij6nt0UYhTnR2TAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2Cs7MVfjwSXK4H4NzEkGtlufw8MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYWVhNzMwLTVlNTgtNDY5MC05NzNkLWI5OWEyNGY1NWZmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCC2TANBgkqhkiG9w0BAQsFAAOCAQEASc4LMF3GRRW1XxgN+fX2jwjFZFaz
fTOhVGZXbMUg8ElWdSHDwxxkYN50IuleUZnvwqwOxK1G5rOkEaWHn2kEzk5dS97C
f2zSFXrAZb3ydqaBaiBu1bGwU9ExdLdCnxN6iI18AfviU5oiZwoarOePQfMDES0h
IJ2kAirvrQV6otWpLHqQLrfwLh0Ro69ZSRvKrLaR7LkrZzCj+1bqftbDIiW/+66b
rnFholVM85ILgnVDenbtPBqt4KBygcUGRPeMpZ+dePG3D3pxDQ6DrvoF55STOYu9
lU69dPr11/IavnFTLniOQHUms8N0krRIUnLK6IegIPgulzckdNrDAwc+TQ==
-----END CERTIFICATE-----