This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
File:                     b711b513-e0f0-4a59-a188-036dda4ade5a.roa (raw, json)
Hash identifier:          2ylitpelTntcvBg2zXtDrYpBJ2Qf8PN71eLOht6RNJI=
Subject key identifier:   16:B5:B4:AC:60:DB:B4:B8:49:C0:FF:76:3E:98:92:7B:0D:64:F3:F6
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4F8037D41A6B51562134116AFE7DEE5A19F7E7E6
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
Signing time:             Sat 15 Nov 2025 05:20:20 +0000
ROA not before:           Sat 15 Nov 2025 05:20:20 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:ef00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:80:37:d4:1a:6b:51:56:21:34:11:6a:fe:7d:ee:5a:19:f7:e7:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Nov 15 05:20:20 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=0524a1f271f71e3f200158eaeb4bd1232044b50bb22cd502914868c7fea392ee, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9e:d4:80:85:2c:41:b9:ff:59:cf:ba:34:82:
                    52:ed:21:49:a5:8a:22:69:b7:81:3f:bb:eb:ea:a1:
                    5e:82:2c:c5:c5:4a:f7:64:0c:15:e5:43:71:a1:a1:
                    f3:f8:f4:64:21:76:be:17:f8:61:a0:9f:2f:9f:3f:
                    b5:07:20:a8:40:a9:59:b1:de:2d:f1:ff:eb:a9:99:
                    84:d4:8d:53:24:cc:52:e4:96:74:75:62:81:a4:36:
                    7a:48:6f:c6:d6:5f:5b:4c:42:76:76:32:2f:c5:f4:
                    db:fd:91:5a:e3:e0:67:90:2f:ca:c6:11:13:70:a5:
                    6b:7d:4e:92:da:fd:83:92:f2:2a:11:75:c7:55:cf:
                    19:fc:76:c0:c4:9d:08:91:96:ab:22:1c:8d:fe:b6:
                    89:9c:77:85:a3:29:68:05:7a:59:55:76:d8:27:3c:
                    14:ef:88:46:7d:1a:8a:4b:8b:27:e8:93:12:81:e9:
                    3d:8f:ad:f9:14:ea:7d:72:89:44:2b:23:67:d6:24:
                    30:b0:6f:02:bd:8b:b1:8b:13:92:31:49:4b:ae:b9:
                    80:34:18:0c:4e:c0:70:ea:97:35:27:d7:59:53:4d:
                    10:c5:a9:78:92:e1:1e:a1:53:d3:a5:54:2a:7b:bd:
                    65:ad:92:50:a8:75:42:b8:30:e4:af:bf:37:5e:f9:
                    82:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:B5:B4:AC:60:DB:B4:B8:49:C0:FF:76:3E:98:92:7B:0D:64:F3:F6
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:ef00::/40

    Signature Algorithm: sha256WithRSAEncryption
         90:f9:c7:17:78:71:38:81:c3:9f:e0:a2:00:29:34:1e:0c:29:
         89:02:41:6d:63:63:93:e4:86:2a:87:c1:d3:e0:40:82:0c:69:
         73:09:1b:fa:21:f9:75:de:fd:74:cd:ff:ec:b7:ed:47:e6:0e:
         b3:ed:98:59:d1:6b:0f:4f:73:39:a7:7d:cb:dc:c3:8f:5b:67:
         e5:36:38:c2:56:8b:9e:1d:bb:ed:7d:a4:d4:da:45:50:98:e9:
         1f:47:35:69:ca:9e:fa:3b:87:e9:cb:0e:0d:97:5b:81:8e:15:
         7b:c8:75:99:20:b1:d8:33:e4:1f:66:66:3c:11:96:57:91:b0:
         f3:23:26:27:23:e9:9e:f1:b6:26:5f:b3:8e:84:db:5e:83:14:
         d6:7b:87:b8:99:da:fe:12:6a:6d:31:b6:ae:0e:0c:ed:fb:de:
         cb:de:9d:6f:28:9e:5b:d4:5d:85:cd:81:f6:71:31:f7:a6:ab:
         fa:48:e1:d4:cf:a9:18:b3:4a:ee:93:7b:70:33:7e:9c:61:b3:
         d3:78:f3:56:0f:d8:8f:4d:15:39:75:1d:01:d0:99:b1:37:6c:
         84:bc:37:94:56:5f:c0:fe:4d:09:ca:0f:0d:e6:2b:4b:4c:b4:
         8f:22:26:67:44:7b:f4:9f:5a:43:fb:29:53:84:19:c2:a3:72:
         bc:6e:ca:39
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUT4A31BprUVYhNBFq/n3uWhn35+YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMTE1MDUyMDIwWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTI0YTFmMjcxZjcxZTNmMjAwMTU4ZWFlYjRiZDEyMzIw
NDRiNTBiYjIyY2Q1MDI5MTQ4NjhjN2ZlYTM5MmVlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSntSAhSxBuf9Zz7o0glLtIUmliiJpt4E/u+vqoV6CLMXF
SvdkDBXlQ3GhofP49GQhdr4X+GGgny+fP7UHIKhAqVmx3i3x/+upmYTUjVMkzFLk
lnR1YoGkNnpIb8bWX1tMQnZ2Mi/F9Nv9kVrj4GeQL8rGERNwpWt9TpLa/YOS8ioR
dcdVzxn8dsDEnQiRlqsiHI3+tomcd4WjKWgFellVdtgnPBTviEZ9GopLiyfokxKB
6T2PrfkU6n1yiUQrI2fWJDCwbwK9i7GLE5IxSUuuuYA0GAxOwHDqlzUn11lTTRDF
qXiS4R6hU9OlVCp7vWWtklCodUK4MOSvvzde+YKPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUFrW0rGDbtLhJwP92PpiSew1k8/YwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I3MTFiNTEzLWUwZjAtNGE1OS1hMTg4LTAzNmRkYTRhZGU1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD77zANBgkqhkiG9w0BAQsFAAOCAQEAkPnHF3hxOIHDn+CiACk0Hgwp
iQJBbWNjk+SGKofB0+BAggxpcwkb+iH5dd79dM3/7LftR+YOs+2YWdFrD09zOad9
y9zDj1tn5TY4wlaLnh277X2k1NpFUJjpH0c1acqe+juH6csODZdbgY4Ve8h1mSCx
2DPkH2ZmPBGWV5Gw8yMmJyPpnvG2Jl+zjoTbXoMU1nuHuJna/hJqbTG2rg4M7fve
y96dbyieW9Rdhc2B9nEx96ar+kjh1M+pGLNK7pN7cDN+nGGz03jzVg/Yj00VOXUd
AdCZsTdshLw3lFZfwP5NCcoPDeYrS0y0jyImZ0R79J9aQ/spU4QZwqNyvG7KOQ==
-----END CERTIFICATE-----