This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/17964269-4037-4ed5-aaa5-d2527a564b59.roa
File:                     17964269-4037-4ed5-aaa5-d2527a564b59.roa (raw, json)
Hash identifier:          vJzZXwavoIu023ufmq8jycoGFdZ6POyDGS9m7nFKBxg=
Subject key identifier:   88:A5:0A:0D:6E:BC:AD:25:DB:E0:38:7B:B2:9D:81:D9:94:12:A1:AC
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       75AD3EECBBDF70365D9D9CEF7E31846599830989
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/17964269-4037-4ed5-aaa5-d2527a564b59.roa
Signing time:             Tue 25 Nov 2025 19:50:49 +0000
ROA not before:           Tue 25 Nov 2025 19:50:49 +0000
ROA not after:            Mon 23 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6114::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:ad:3e:ec:bb:df:70:36:5d:9d:9c:ef:7e:31:84:65:99:83:09:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Nov 25 19:50:49 2025 GMT
            Not After : Feb 23 23:59:59 2026 GMT
        Subject: serialNumber=5f18c4f8a8c3410c3b793aaf68eac60d564d81d7ac365f00a9a8eb3b4a3a8d0e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3d:06:8e:61:79:fd:a8:88:b7:0b:ab:01:9e:
                    5b:70:5b:00:57:be:24:dd:a0:35:1a:73:a5:70:e7:
                    24:9f:d2:fb:2d:d3:20:fe:34:c9:01:af:0c:4c:36:
                    9b:ef:cb:36:54:4a:84:4e:ff:f1:8f:63:26:49:d3:
                    3d:fa:17:fd:ab:64:0a:7a:ca:ce:c3:4c:bf:82:71:
                    fc:9e:60:2c:d0:a3:2b:6a:cc:5c:cb:fe:9f:a4:50:
                    b7:a1:52:d2:7a:0e:03:71:76:07:e7:20:8f:9e:9b:
                    3b:cd:76:95:79:90:da:1f:ca:af:43:7a:2a:e1:18:
                    db:cf:f3:d2:0b:ec:00:46:17:08:3d:56:ff:c5:4c:
                    4d:45:28:f5:80:cd:a9:e2:7d:6e:82:c8:61:fe:11:
                    39:df:8f:07:a8:ff:08:cc:8c:ad:1a:f6:62:b0:74:
                    dd:4c:50:23:65:0d:e8:ce:fa:c6:18:7e:b6:00:8f:
                    8c:07:f2:64:22:f6:3b:00:00:b1:6c:21:27:2c:85:
                    d9:33:0c:6f:e2:91:fe:75:a4:96:c7:24:5a:e2:58:
                    f1:fb:68:93:ab:5e:32:15:f6:fa:10:d9:94:8e:d4:
                    8f:42:a5:12:9c:d1:ca:00:b5:d2:2f:f5:fe:6f:e9:
                    7b:54:04:3d:e9:7a:f5:75:ab:15:6b:83:38:f0:b5:
                    19:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A5:0A:0D:6E:BC:AD:25:DB:E0:38:7B:B2:9D:81:D9:94:12:A1:AC
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/17964269-4037-4ed5-aaa5-d2527a564b59.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6114::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:83:a7:75:8e:6c:7a:02:6b:e5:e2:02:bd:39:0a:7a:ad:32:
         46:2a:73:59:ef:53:9a:8b:bf:a0:76:e0:2e:0e:62:03:38:bf:
         59:2b:91:b6:3e:e8:95:47:66:b3:44:8b:70:fd:f5:9d:4d:f6:
         0d:8a:25:9b:7b:33:d2:5a:1c:3b:52:70:80:a7:f0:ee:52:80:
         35:15:90:db:5f:11:66:8d:a6:e7:1a:9f:b7:3e:90:bc:cf:98:
         cf:47:48:65:43:ca:88:d6:3f:54:84:65:86:98:62:b5:9b:03:
         25:26:86:7b:49:40:0b:43:9b:94:36:b4:9e:e0:68:64:c4:20:
         a9:70:5e:a0:86:76:bd:0e:93:b3:36:bd:f5:4f:36:1b:da:ba:
         a0:31:28:d1:33:10:e3:12:8d:0d:8b:c1:73:f6:df:c2:c7:84:
         9d:96:86:ba:66:7b:d9:d1:28:e8:e4:6e:a9:5c:c4:12:c8:bb:
         81:9d:04:b3:4a:6e:51:b3:ec:7b:e5:36:a2:b5:4a:5c:45:ee:
         4c:cf:7d:bb:57:02:2d:3d:a8:2a:97:e8:20:97:8f:8c:11:a0:
         67:d8:c8:1b:84:d5:04:12:8d:8d:2e:19:8f:02:32:5d:b6:a9:
         a3:9b:8f:ea:13:5d:5f:0f:74:f3:5c:2f:75:c0:60:9c:fa:17:
         99:f6:98:e1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUda0+7LvfcDZdnZzvfjGEZZmDCYkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMTI1MTk1MDQ5WhcNMjYwMjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjE4YzRmOGE4YzM0MTBjM2I3OTNhYWY2OGVhYzYwZDU2
NGQ4MWQ3YWMzNjVmMDBhOWE4ZWIzYjRhM2E4ZDBlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWPQaOYXn9qIi3C6sBnltwWwBXviTdoDUac6Vw5ySf0vst
0yD+NMkBrwxMNpvvyzZUSoRO//GPYyZJ0z36F/2rZAp6ys7DTL+CcfyeYCzQoytq
zFzL/p+kULehUtJ6DgNxdgfnII+emzvNdpV5kNofyq9DeirhGNvP89IL7ABGFwg9
Vv/FTE1FKPWAzanifW6CyGH+ETnfjweo/wjMjK0a9mKwdN1MUCNlDejO+sYYfrYA
j4wH8mQi9jsAALFsIScshdkzDG/ikf51pJbHJFriWPH7aJOrXjIV9voQ2ZSO1I9C
pRKc0coAtdIv9f5v6XtUBD3pevV1qxVrgzjwtRnrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUiKUKDW68rSXb4Dh7sp2B2ZQSoawwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzE3OTY0MjY5LTQwMzctNGVkNS1hYWE1LWQyNTI3YTU2NGI1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYRQwDQYJKoZIhvcNAQELBQADggEBACODp3WObHoCa+XiAr05Cnqt
MkYqc1nvU5qLv6B24C4OYgM4v1krkbY+6JVHZrNEi3D99Z1N9g2KJZt7M9JaHDtS
cICn8O5SgDUVkNtfEWaNpucan7c+kLzPmM9HSGVDyojWP1SEZYaYYrWbAyUmhntJ
QAtDm5Q2tJ7gaGTEIKlwXqCGdr0Ok7M2vfVPNhvauqAxKNEzEOMSjQ2LwXP238LH
hJ2Whrpme9nRKOjkbqlcxBLIu4GdBLNKblGz7HvlNqK1SlxF7kzPfbtXAi09qCqX
6CCXj4wRoGfYyBuE1QQSjY0uGY8CMl22qaObj+oTXV8PdPNcL3XAYJz6F5n2mOE=
-----END CERTIFICATE-----