This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/35dd8080-5375-4755-bea9-982f40526ea4.roa
File:                     35dd8080-5375-4755-bea9-982f40526ea4.roa (raw, json)
Hash identifier:          gnn3pVzVb8Zf/MSFZiIMKiutaLlb8liD7PuGdvusSnw=
Subject key identifier:   07:D4:AD:41:32:F5:C3:E4:24:BC:BE:F7:7E:5B:25:07:EB:CF:B1:BF
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       7157F1F2FC0D73C1AB860D13751F4B8028B2D9DC
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/35dd8080-5375-4755-bea9-982f40526ea4.roa
Signing time:             Sat 29 Nov 2025 00:10:06 +0000
ROA not before:           Sat 29 Nov 2025 00:10:06 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     7224
IP address blocks:        172.96.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Dec 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:57:f1:f2:fc:0d:73:c1:ab:86:0d:13:75:1f:4b:80:28:b2:d9:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Nov 29 00:10:06 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=a1cb8b6e4d43dc472217b84859b026a3be4fa0ab4de8926333304191795ce529, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:03:3a:dd:12:63:99:a3:fa:94:94:a4:79:ea:
                    b3:4e:bf:5e:2f:f2:a1:d0:40:83:59:a3:f0:5e:75:
                    19:50:ff:6d:d4:31:85:7d:ec:26:11:d9:85:e0:55:
                    52:9f:9f:55:f6:cb:5f:18:71:9a:b0:8b:76:75:75:
                    37:f7:3d:1d:43:27:c6:60:bd:8b:3c:2c:56:7d:d6:
                    a8:0f:27:a8:93:86:7b:f6:7f:00:f2:80:02:76:34:
                    c6:a4:ad:b3:d7:37:34:6e:a5:3b:e4:aa:74:c8:c4:
                    d1:47:55:12:b2:c2:6a:0f:52:3e:76:51:2a:72:2e:
                    e8:e2:8d:63:77:51:a9:dd:de:06:33:09:9d:99:24:
                    4f:d9:09:3b:6a:05:8d:b2:84:02:92:89:a8:36:38:
                    b3:68:75:63:29:52:8f:47:37:7f:f6:47:c2:30:ea:
                    6f:66:a0:f0:3c:d3:c4:c5:f7:26:aa:fa:73:22:8d:
                    30:1b:64:78:47:93:1a:09:70:90:40:fd:eb:d8:24:
                    3f:50:4e:3d:2d:22:c3:1a:19:5a:c3:4b:c4:97:d2:
                    a9:67:33:c7:45:4e:9d:84:6f:ec:01:77:a9:43:d9:
                    e9:9d:d5:c7:fc:9c:9d:2f:75:d8:3c:8b:5b:d2:57:
                    f4:ae:76:d1:a6:32:8e:59:e1:b8:71:b5:54:11:9a:
                    5a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:D4:AD:41:32:F5:C3:E4:24:BC:BE:F7:7E:5B:25:07:EB:CF:B1:BF
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/35dd8080-5375-4755-bea9-982f40526ea4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.96.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         aa:60:01:cd:cb:d3:01:bf:93:50:c8:b8:a3:ac:c2:88:60:50:
         80:e6:3e:47:6d:ac:cd:a0:8c:6f:ec:62:b5:43:4d:82:e3:96:
         9b:be:50:37:56:53:d2:30:32:b1:b3:c9:a2:3f:95:97:f5:30:
         f3:6b:20:5c:11:a5:c8:77:f7:52:08:3b:ef:c3:7d:67:18:38:
         b9:0f:55:43:b9:86:e1:29:07:88:d5:fe:34:54:e1:70:99:8d:
         b9:a5:eb:6a:65:3b:51:ce:01:6a:95:d4:da:a6:96:61:fe:17:
         c0:07:a4:a7:e8:4f:2b:8c:0a:1b:d6:3c:c9:0b:ac:ef:58:aa:
         f5:b3:aa:38:b2:f1:fd:b2:4e:c7:42:47:03:7d:27:82:ae:69:
         82:ec:d8:8a:db:07:55:41:d5:62:54:19:1e:7a:4b:14:66:9c:
         12:8e:38:a1:75:26:58:d8:03:0b:6c:dc:b9:8c:d7:4c:7d:30:
         89:68:a5:9b:0b:c0:ff:4c:17:7f:47:b8:1c:ab:cf:38:94:5f:
         0c:ee:63:8a:42:71:2b:a9:25:42:04:44:14:22:87:ab:a4:c6:
         d6:5c:dd:ee:c3:57:8b:2d:ca:7c:52:70:fd:ff:b7:7f:18:e6:
         5e:d9:5a:d1:42:f1:24:f0:41:5a:36:43:df:c5:37:22:7c:c3:
         84:11:4d:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcVfx8vwNc8Grhg0TdR9LgCiy2dwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUxMTI5MDAxMDA2WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMWNiOGI2ZTRkNDNkYzQ3MjIxN2I4NDg1OWIwMjZhM2Jl
NGZhMGFiNGRlODkyNjMzMzMwNDE5MTc5NWNlNTI5MS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyAzrdEmOZo/qUlKR56rNOv14v8qHQQINZo/BedRlQ/23U
MYV97CYR2YXgVVKfn1X2y18YcZqwi3Z1dTf3PR1DJ8ZgvYs8LFZ91qgPJ6iThnv2
fwDygAJ2NMakrbPXNzRupTvkqnTIxNFHVRKywmoPUj52USpyLujijWN3Uand3gYz
CZ2ZJE/ZCTtqBY2yhAKSiag2OLNodWMpUo9HN3/2R8Iw6m9moPA808TF9yaq+nMi
jTAbZHhHkxoJcJBA/evYJD9QTj0tIsMaGVrDS8SX0qlnM8dFTp2Eb+wBd6lD2emd
1cf8nJ0vddg8i1vSV/SudtGmMo5Z4bhxtVQRmlpBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB9StQTL1w+QkvL73flslB+vPsb8wHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzM1ZGQ4MDgwLTUzNzUtNDc1NS1iZWE5LTk4MmY0MDUyNmVhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASsYGAwDQYJKoZIhvcNAQELBQADggEBAKpgAc3L0wG/k1DIuKOswohgUIDm
PkdtrM2gjG/sYrVDTYLjlpu+UDdWU9IwMrGzyaI/lZf1MPNrIFwRpch391IIO+/D
fWcYOLkPVUO5huEpB4jV/jRU4XCZjbml62plO1HOAWqV1NqmlmH+F8AHpKfoTyuM
ChvWPMkLrO9YqvWzqjiy8f2yTsdCRwN9J4KuaYLs2IrbB1VB1WJUGR56SxRmnBKO
OKF1JljYAwts3LmM10x9MIlopZsLwP9MF39HuByrzziUXwzuY4pCcSupJUIERBQi
h6ukxtZc3e7DV4stynxScP3/t38Y5l7ZWtFC8STwQVo2Q9/FNyJ8w4QRTYk=
-----END CERTIFICATE-----