This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
File:                     dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json)
Hash identifier:          e2vb+qvMKikutrqvATcK166vAc4IPsQrfaNgMndbrqU=
Subject key identifier:   22:D5:22:73:A9:4E:44:AA:0A:5D:DC:CA:FE:96:E5:5F:CD:F0:59:B5
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3B7F63D6C377CF5DF836C5EF9122ABF47E2DDE4A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
Signing time:             Sat 15 Nov 2025 05:10:31 +0000
ROA not before:           Sat 15 Nov 2025 05:10:31 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:7f:63:d6:c3:77:cf:5d:f8:36:c5:ef:91:22:ab:f4:7e:2d:de:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Nov 15 05:10:31 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=21d9b0a269b84cb82fab38051f9a650a9f01e084d2526874ab4d327f5161b4ba, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:86:f9:3e:a4:af:83:c0:37:60:2a:0b:3c:b3:
                    e8:fc:77:98:0c:51:29:e8:ee:68:f5:4d:d8:8b:6e:
                    ec:5c:f7:0a:a7:0b:ca:d0:22:67:1f:a6:5b:d2:82:
                    c6:ef:e4:3e:59:e3:02:2d:09:12:c5:be:c7:77:ff:
                    3b:c1:f5:a8:b0:3f:3d:e2:c3:75:e6:f1:30:7b:f0:
                    29:78:19:01:c5:d1:09:a1:d3:56:fb:76:8b:2f:f1:
                    22:f7:9c:8c:83:5d:5f:fd:89:0a:ea:e5:f0:1e:ba:
                    e3:f5:db:26:4e:9d:5e:7d:19:b9:20:75:1a:9a:e2:
                    88:df:69:37:8c:57:3e:cb:bb:d5:5e:90:4d:5c:54:
                    21:9c:95:97:3b:fb:97:ea:f0:c9:5c:34:c1:65:e7:
                    ba:88:d4:87:40:a2:81:85:81:e8:b9:c1:2d:f4:c8:
                    6e:83:67:79:e3:ee:43:3a:ef:2c:6e:9e:20:70:d3:
                    cf:e5:c2:60:d1:e2:28:9f:55:b3:fc:37:fb:71:b7:
                    f5:cc:99:61:e4:06:67:9f:e2:be:de:8a:9f:a1:14:
                    18:4c:09:e0:9e:24:25:b1:91:58:de:77:af:2c:72:
                    f0:09:44:90:c4:c1:8b:34:7b:e1:cb:6d:3e:d7:ba:
                    ad:50:dd:e6:f1:58:f4:eb:9a:f3:1c:b2:5b:b4:fb:
                    5d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D5:22:73:A9:4E:44:AA:0A:5D:DC:CA:FE:96:E5:5F:CD:F0:59:B5
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         82:4c:f9:d8:f6:7b:d1:d7:aa:8e:f1:7b:7a:c5:35:f4:56:e4:
         44:ff:e3:60:39:36:1f:63:a6:b5:54:1a:e4:ad:ce:eb:90:ea:
         7d:78:9b:f1:e9:ff:0b:94:c6:c6:d6:3b:cd:3d:a0:5f:54:34:
         1e:dc:0e:82:dd:62:a1:21:49:9e:e5:08:2a:b0:69:e1:0b:68:
         05:25:3a:7f:ed:d6:f9:28:40:ee:8e:f8:46:40:52:cc:9d:98:
         1b:53:aa:34:86:50:42:77:4d:b0:c4:94:40:79:d5:28:36:1b:
         ae:49:40:78:7c:e7:f6:d3:09:14:f5:ee:93:24:f1:eb:e2:7d:
         d9:7f:4c:5f:a0:92:14:ef:4a:fe:43:d2:35:76:a5:b1:4f:87:
         c4:f9:8b:32:64:81:28:28:4b:00:1d:2b:68:6a:0c:3b:58:0d:
         b5:94:50:67:36:09:29:04:e6:4f:44:6d:70:4b:f1:95:54:ef:
         1d:74:6c:25:f9:18:1c:bc:21:29:47:ff:46:ae:9e:65:e3:93:
         94:8a:c4:44:09:e7:b4:89:1f:95:0e:7e:a0:09:1d:d4:9a:5a:
         65:cf:c0:d6:63:40:7e:e7:0f:7d:c7:b0:ae:64:e7:23:f8:10:
         a8:ec:34:23:b4:ab:4d:8a:99:78:d1:29:d2:30:57:b0:33:29:
         83:2d:a2:80
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUO39j1sN3z134NsXvkSKr9H4t3kowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMTE1MDUxMDMxWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWQ5YjBhMjY5Yjg0Y2I4MmZhYjM4MDUxZjlhNjUwYTlm
MDFlMDg0ZDI1MjY4NzRhYjRkMzI3ZjUxNjFiNGJhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqhvk+pK+DwDdgKgs8s+j8d5gMUSno7mj1TdiLbuxc9wqn
C8rQImcfplvSgsbv5D5Z4wItCRLFvsd3/zvB9aiwPz3iw3Xm8TB78Cl4GQHF0Qmh
01b7dosv8SL3nIyDXV/9iQrq5fAeuuP12yZOnV59GbkgdRqa4ojfaTeMVz7Lu9Ve
kE1cVCGclZc7+5fq8MlcNMFl57qI1IdAooGFgei5wS30yG6DZ3nj7kM67yxuniBw
08/lwmDR4iifVbP8N/txt/XMmWHkBmef4r7eip+hFBhMCeCeJCWxkVjed68scvAJ
RJDEwYs0e+HLbT7Xuq1Q3ebxWPTrmvMcslu0+105AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUItUic6lORKoKXdzK/pblX83wWbUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAgkz52PZ70deqjvF7esU19Fbk
RP/jYDk2H2OmtVQa5K3O65DqfXib8en/C5TGxtY7zT2gX1Q0HtwOgt1ioSFJnuUI
KrBp4QtoBSU6f+3W+ShA7o74RkBSzJ2YG1OqNIZQQndNsMSUQHnVKDYbrklAeHzn
9tMJFPXukyTx6+J92X9MX6CSFO9K/kPSNXalsU+HxPmLMmSBKChLAB0raGoMO1gN
tZRQZzYJKQTmT0RtcEvxlVTvHXRsJfkYHLwhKUf/Rq6eZeOTlIrERAnntIkflQ5+
oAkd1JpaZc/A1mNAfucPfcewrmTnI/gQqOw0I7SrTYqZeNEp0jBXsDMpgy2igA==
-----END CERTIFICATE-----