This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa
File:                     b5e0d86e-0f74-41d8-a413-497ad79e414d.roa (raw, json)
Hash identifier:          WIDRUTgbXlOM2Cv2tXCBCnEDplOb1lHommCITViBy4U=
Subject key identifier:   DB:0C:10:12:0D:92:44:6D:F4:63:25:9E:07:36:95:BA:3F:C1:3B:06
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       733412C907C849F963DFF5998A333BB1473C1E97
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa
Signing time:             Sat 22 Nov 2025 00:00:07 +0000
ROA not before:           Sat 22 Nov 2025 00:00:07 +0000
ROA not after:            Fri 20 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        216.221.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:34:12:c9:07:c8:49:f9:63:df:f5:99:8a:33:3b:b1:47:3c:1e:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Nov 22 00:00:07 2025 GMT
            Not After : Feb 20 23:59:59 2026 GMT
        Subject: serialNumber=acdfde6931edad3844e8a968fe40f1f48edbed04f6efdc9db8b97bfdc40060a1, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d5:c0:70:cc:ff:55:eb:4c:18:64:d4:c0:fa:
                    46:dc:65:8f:75:ab:e7:a2:f9:f2:74:59:9b:71:f5:
                    f4:85:af:a5:8d:9a:80:d2:18:f3:b4:b2:fa:fb:7a:
                    94:3b:a0:82:ec:ab:17:ce:1b:1f:f7:c7:2b:0d:c5:
                    17:02:93:ea:55:3e:28:48:ac:e4:07:ce:c6:21:75:
                    e1:cf:f1:00:69:ce:92:95:1a:ac:80:16:a3:98:41:
                    4f:21:53:e9:f3:b2:42:20:2a:6d:9c:78:27:75:40:
                    6c:8e:5a:b4:3c:4f:db:39:95:e7:0e:12:71:43:db:
                    0b:0e:33:c6:4c:fa:40:1b:5f:b9:84:92:b9:c7:cf:
                    4b:1f:5d:b9:04:b0:7f:70:c3:d1:83:b4:2d:07:d0:
                    43:96:cc:f6:de:cf:fc:74:b3:7c:f5:b8:1a:3f:f7:
                    f2:05:5c:d1:4f:a7:84:32:2f:f7:aa:3c:db:43:90:
                    f7:2f:8d:b4:e1:ee:2f:04:16:58:a8:5e:b2:25:22:
                    89:b0:35:77:8d:c5:e9:2c:9c:4a:95:99:8e:fc:71:
                    68:ee:0d:f2:00:94:d8:e7:7d:54:2a:5f:c9:3f:2d:
                    73:7c:98:da:c4:90:9d:62:f7:16:f1:26:f3:c9:8e:
                    1c:ef:24:87:f1:bf:ed:eb:7a:96:f2:de:d9:6e:48:
                    49:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:0C:10:12:0D:92:44:6D:F4:63:25:9E:07:36:95:BA:3F:C1:3B:06
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.221.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         94:22:40:3a:49:e2:e4:6b:50:fa:f9:52:12:27:af:8b:47:a0:
         91:81:d0:17:7a:ab:e1:b4:a3:12:fd:a6:24:3f:85:05:ae:08:
         2b:90:e4:f8:b8:66:84:6c:fa:be:e0:9a:14:2b:25:81:ca:cb:
         64:b2:16:65:97:cf:92:7a:3d:b1:aa:23:51:bd:62:61:84:58:
         20:26:4b:98:6c:2a:67:7d:9d:01:96:21:7b:48:c2:b4:f9:44:
         2a:33:21:f4:a5:b5:42:38:29:ec:fe:f5:aa:7f:2d:6e:b2:e5:
         28:27:7f:6c:37:6c:f3:ab:8e:45:f5:c1:72:f2:44:f8:a8:97:
         03:6c:7e:13:a9:ce:86:65:df:67:82:b8:58:f8:47:73:1c:eb:
         e4:a0:17:17:0b:e2:91:e5:76:79:0b:28:9b:f8:ba:5b:13:21:
         8c:19:94:01:10:64:21:f7:1a:c5:a3:e1:26:4d:ae:db:71:97:
         ed:15:78:dd:30:1c:68:9a:9c:09:4f:c5:72:e5:3d:76:52:c7:
         2f:10:61:7f:2d:c0:9e:71:b8:d7:20:bc:91:66:6e:bc:72:e7:
         d2:cb:ba:e2:04:f2:a6:5a:61:94:d2:9f:2d:58:fb:8e:b0:ab:
         47:e1:e9:34:d4:22:48:b8:bf:01:18:80:72:ea:ca:95:f6:d1:
         39:02:3a:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUczQSyQfISflj3/WZijM7sUc8HpcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUxMTIyMDAwMDA3WhcNMjYwMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2RmZGU2OTMxZWRhZDM4NDRlOGE5NjhmZTQwZjFmNDhl
ZGJlZDA0ZjZlZmRjOWRiOGI5N2JmZGM0MDA2MGExMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC41cBwzP9V60wYZNTA+kbcZY91q+ei+fJ0WZtx9fSFr6WN
moDSGPO0svr7epQ7oILsqxfOGx/3xysNxRcCk+pVPihIrOQHzsYhdeHP8QBpzpKV
GqyAFqOYQU8hU+nzskIgKm2ceCd1QGyOWrQ8T9s5lecOEnFD2wsOM8ZM+kAbX7mE
krnHz0sfXbkEsH9ww9GDtC0H0EOWzPbez/x0s3z1uBo/9/IFXNFPp4QyL/eqPNtD
kPcvjbTh7i8EFlioXrIlIomwNXeNxeksnEqVmY78cWjuDfIAlNjnfVQqX8k/LXN8
mNrEkJ1i9xbxJvPJjhzvJIfxv+3repby3tluSEmpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2wwQEg2SRG30YyWeBzaVuj/BOwYwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1ZTBkODZlLTBmNzQtNDFkOC1hNDEzLTQ5N2FkNzllNDE0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXY3aAwDQYJKoZIhvcNAQELBQADggEBAJQiQDpJ4uRrUPr5UhInr4tHoJGB
0Bd6q+G0oxL9piQ/hQWuCCuQ5Pi4ZoRs+r7gmhQrJYHKy2SyFmWXz5J6PbGqI1G9
YmGEWCAmS5hsKmd9nQGWIXtIwrT5RCozIfSltUI4Kez+9ap/LW6y5Sgnf2w3bPOr
jkX1wXLyRPiolwNsfhOpzoZl32eCuFj4R3Mc6+SgFxcL4pHldnkLKJv4ulsTIYwZ
lAEQZCH3GsWj4SZNrttxl+0VeN0wHGianAlPxXLlPXZSxy8QYX8twJ5xuNcgvJFm
brxy59LLuuIE8qZaYZTSny1Y+46wq0fh6TTUIki4vwEYgHLqypX20TkCOls=
-----END CERTIFICATE-----