This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa
File:                     a86c8ffa-34ab-4a01-8f63-86207fe44159.roa (raw, json)
Hash identifier:          ootzGQwhJ52rnNYvqNwKXld8zgoM8khZhfyBxwYGPCM=
Subject key identifier:   BD:67:8F:78:5D:27:CA:EA:C9:B5:A8:A8:D7:9E:D6:4C:D5:CF:57:F1
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       0991BF7E0F05D54A5F2E4CC00C3DC8F6D3CB64C5
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa
Signing time:             Sat 29 Nov 2025 00:00:06 +0000
ROA not before:           Sat 29 Nov 2025 00:00:06 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:91:bf:7e:0f:05:d5:4a:5f:2e:4c:c0:0c:3d:c8:f6:d3:cb:64:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Nov 29 00:00:06 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=4ab94c09e377ea638867eaf37ba215a1efa34050f46671bc7ea2902a90a20335, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:05:e3:5e:cc:8e:f3:29:72:2a:f6:f4:e5:c9:
                    96:2f:44:43:85:0e:98:ef:8d:d3:b1:d1:6f:c3:3b:
                    57:2a:73:da:17:c5:70:4e:f9:3c:6f:40:0d:4f:03:
                    4e:60:f7:ca:5e:b4:0b:3b:53:b8:ce:84:ba:c9:d8:
                    29:31:3a:b3:d9:00:02:c1:2e:53:09:2d:76:24:80:
                    32:03:09:f7:31:fd:98:5c:fc:1d:e5:36:71:d8:40:
                    f4:11:75:63:67:43:ed:dc:10:ee:5a:f9:5b:63:d6:
                    f1:12:d8:04:32:56:a7:cf:18:e0:9b:e8:81:80:8d:
                    7c:2e:c3:ba:f4:71:50:3f:0e:40:3f:21:0d:7b:57:
                    80:23:04:83:29:da:31:69:2b:e0:37:f8:be:e2:23:
                    6b:0d:ca:77:cb:b2:3f:61:62:ed:76:80:d9:fe:54:
                    1c:1a:cc:72:a8:9f:1b:c2:63:48:9f:89:49:42:00:
                    95:9b:0e:88:e5:d3:eb:ec:1e:2e:8c:16:7b:a7:7f:
                    2f:5f:5c:6a:93:70:27:a3:61:29:ea:e8:2b:ae:74:
                    ab:c3:d6:7f:e1:dd:7b:1b:a2:fd:12:a0:6c:ae:43:
                    a5:22:34:a9:d6:dc:20:4e:64:bf:e8:88:ed:d4:91:
                    31:01:b0:fe:f8:b4:6d:76:34:1c:4e:4a:59:11:3d:
                    a6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:67:8F:78:5D:27:CA:EA:C9:B5:A8:A8:D7:9E:D6:4C:D5:CF:57:F1
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40::/39

    Signature Algorithm: sha256WithRSAEncryption
         a7:00:19:16:04:0c:e9:0c:b0:31:34:2c:b0:b0:63:c7:59:a3:
         04:64:42:b0:ad:ab:d5:0e:2b:29:dc:f8:60:bf:f4:c2:a7:29:
         10:60:da:2e:bc:7e:a7:84:d8:ff:a3:12:7f:64:48:b6:5d:be:
         03:78:d1:1d:e4:2a:88:23:88:b4:cd:7c:ca:a3:52:0b:a6:e6:
         be:bc:f3:76:8d:c1:bc:1e:24:21:a4:75:0a:34:c6:20:5b:45:
         6f:eb:98:5a:ea:22:82:b6:bf:61:56:7b:9d:de:26:c0:c6:75:
         6e:30:e2:db:21:27:e9:f3:00:75:8e:38:0b:99:3a:b5:cc:6a:
         a5:ae:29:29:4b:a2:e8:ab:f4:ac:09:31:db:87:33:bb:71:a8:
         47:8a:66:74:0b:0d:0f:da:6a:fc:0b:ef:f8:ee:42:31:ed:bb:
         55:5d:c2:a8:28:c3:ca:ca:b7:99:f9:5a:59:9b:f4:b4:4f:5d:
         bd:02:28:03:c7:83:db:48:a0:4d:e5:66:f7:27:91:ed:4e:ed:
         a7:f7:3f:41:55:cc:13:51:89:61:4c:c7:12:ce:61:29:3a:5f:
         0c:59:15:33:90:50:5d:5c:54:21:a2:d7:05:19:46:21:ff:73:
         d3:ba:1a:ca:cd:e7:0b:1a:1f:4a:ed:b8:18:29:98:f5:db:c7:
         d2:60:d2:fd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCZG/fg8F1UpfLkzADD3I9tPLZMUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUxMTI5MDAwMDA2WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YWI5NGMwOWUzNzdlYTYzODg2N2VhZjM3YmEyMTVhMWVm
YTM0MDUwZjQ2NjcxYmM3ZWEyOTAyYTkwYTIwMzM1MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyBeNezI7zKXIq9vTlyZYvREOFDpjvjdOx0W/DO1cqc9oX
xXBO+TxvQA1PA05g98petAs7U7jOhLrJ2CkxOrPZAALBLlMJLXYkgDIDCfcx/Zhc
/B3lNnHYQPQRdWNnQ+3cEO5a+Vtj1vES2AQyVqfPGOCb6IGAjXwuw7r0cVA/DkA/
IQ17V4AjBIMp2jFpK+A3+L7iI2sNynfLsj9hYu12gNn+VBwazHKonxvCY0ifiUlC
AJWbDojl0+vsHi6MFnunfy9fXGqTcCejYSnq6CuudKvD1n/h3Xsbov0SoGyuQ6Ui
NKnW3CBOZL/oiO3UkTEBsP74tG12NBxOSlkRPaY7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvWePeF0nyurJtaio157WTNXPV/EwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2E4NmM4ZmZhLTM0YWItNGEwMS04ZjYzLTg2MjA3ZmU0NDE1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AADANBgkqhkiG9w0BAQsFAAOCAQEApwAZFgQM6QywMTQssLBjx1mj
BGRCsK2r1Q4rKdz4YL/0wqcpEGDaLrx+p4TY/6MSf2RItl2+A3jRHeQqiCOItM18
yqNSC6bmvrzzdo3BvB4kIaR1CjTGIFtFb+uYWuoigra/YVZ7nd4mwMZ1bjDi2yEn
6fMAdY44C5k6tcxqpa4pKUui6Kv0rAkx24czu3GoR4pmdAsND9pq/Avv+O5CMe27
VV3CqCjDysq3mflaWZv0tE9dvQIoA8eD20igTeVm9yeR7U7tp/c/QVXME1GJYUzH
Es5hKTpfDFkVM5BQXVxUIaLXBRlGIf9z07oays3nCxofSu24GCmY9dvH0mDS/Q==
-----END CERTIFICATE-----