This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/7e5e4204-8bcf-499a-999a-8f190e991cc4.roa
File:                     7e5e4204-8bcf-499a-999a-8f190e991cc4.roa (raw, json)
Hash identifier:          LZHSingDmh4WSnbSeJHwDZyfE8pO6Dc1ykY1ra3P5zU=
Subject key identifier:   2B:AB:D7:AF:17:D6:56:66:E3:47:A2:20:0D:68:48:74:6A:39:87:D6
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       17B76DC27636AE394D43CF78F1EB9F025FF1C905
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/7e5e4204-8bcf-499a-999a-8f190e991cc4.roa
Signing time:             Sat 29 Nov 2025 00:10:05 +0000
ROA not before:           Sat 29 Nov 2025 00:10:05 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     62785
IP address blocks:        2605:b140::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:b7:6d:c2:76:36:ae:39:4d:43:cf:78:f1:eb:9f:02:5f:f1:c9:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Nov 29 00:10:05 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=de0c784b4a2392d47dbc27c55a1f97f1e155afa9aa92b18d3921c53bc7c985e7, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a8:38:a4:06:74:20:c9:d6:5f:22:fe:0b:06:
                    29:fe:72:e1:31:92:fc:c8:df:d2:08:84:d2:71:2f:
                    6c:da:69:38:fc:30:eb:b5:4b:01:21:5d:75:d8:d7:
                    5a:fb:ca:1a:1e:4d:44:0f:31:76:cd:3c:ab:aa:46:
                    d3:8d:0d:52:b7:37:37:39:1a:90:a5:85:c4:30:3e:
                    b4:7e:19:7c:b9:33:86:cb:61:c3:92:0a:28:a8:3d:
                    c9:51:f7:8a:ee:e5:79:b3:27:25:84:41:85:9c:cd:
                    2d:19:73:53:67:69:64:34:72:2a:39:58:01:0a:61:
                    2f:3c:f0:1c:17:e5:e6:e0:90:50:90:23:b2:40:cd:
                    c4:82:8a:38:56:e8:2f:af:dc:d6:52:51:ad:ff:2c:
                    b5:28:21:5c:31:35:21:fd:38:73:1a:0e:ca:e6:85:
                    1c:97:0c:ae:4c:f1:fa:ee:4c:81:7b:1e:da:9f:cd:
                    f0:31:23:80:f9:09:61:48:07:b2:4f:23:71:57:8c:
                    13:ac:ce:d9:ee:73:ab:7a:7e:74:34:90:4d:51:39:
                    0b:1d:5d:ba:dc:c3:d8:d6:da:8b:5e:8c:d3:cb:81:
                    ea:dd:1f:c1:43:9d:01:d9:84:be:cf:25:e3:3d:86:
                    74:55:8a:8c:23:89:f0:31:43:2d:29:26:ba:d2:10:
                    91:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:AB:D7:AF:17:D6:56:66:E3:47:A2:20:0D:68:48:74:6A:39:87:D6
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/7e5e4204-8bcf-499a-999a-8f190e991cc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:87:8c:9e:ed:54:19:4d:46:9c:d4:e7:dd:12:2f:f9:d9:71:
         75:53:9d:ea:7e:46:d0:80:44:84:a8:df:96:c5:51:0b:da:f2:
         76:7e:35:92:a5:10:43:d3:e2:a5:70:93:10:ce:24:a0:bf:06:
         03:a9:cd:53:c4:85:b1:92:ff:e9:cd:9f:32:e5:92:cc:0b:45:
         35:64:6a:88:96:74:26:41:3e:c5:56:75:62:0c:fc:08:54:18:
         8f:d7:86:cf:18:a1:03:2c:5a:b3:11:a4:1b:79:6a:66:84:16:
         0c:8e:af:44:e5:c0:be:63:a2:63:36:55:91:7a:6c:d8:dd:34:
         51:ed:0c:22:e1:0b:86:76:ab:05:d6:fe:45:8c:24:32:47:e6:
         6d:2a:79:7a:d1:cd:ef:c4:22:aa:01:5a:a1:13:1b:06:52:10:
         3e:fc:87:28:e9:67:c8:98:8a:07:46:8c:ab:eb:25:57:4f:fc:
         99:e5:51:c3:27:94:8c:d0:88:2b:0a:85:48:80:43:b3:93:27:
         81:86:16:11:ef:4f:87:c8:82:bd:81:ae:0d:d5:79:59:50:fb:
         62:85:aa:8d:ad:dc:96:69:02:64:21:79:7b:f0:e2:a4:ee:2b:
         6f:a1:bd:16:c9:24:ec:80:5e:8c:53:2d:59:ba:58:8b:06:73:
         90:bf:08:30
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUF7dtwnY2rjlNQ8948eufAl/xyQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUxMTI5MDAxMDA1WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTBjNzg0YjRhMjM5MmQ0N2RiYzI3YzU1YTFmOTdmMWUx
NTVhZmE5YWE5MmIxOGQzOTIxYzUzYmM3Yzk4NWU3MS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyqDikBnQgydZfIv4LBin+cuExkvzI39IIhNJxL2zaaTj8
MOu1SwEhXXXY11r7yhoeTUQPMXbNPKuqRtONDVK3Nzc5GpClhcQwPrR+GXy5M4bL
YcOSCiioPclR94ru5XmzJyWEQYWczS0Zc1NnaWQ0cio5WAEKYS888BwX5ebgkFCQ
I7JAzcSCijhW6C+v3NZSUa3/LLUoIVwxNSH9OHMaDsrmhRyXDK5M8fruTIF7Htqf
zfAxI4D5CWFIB7JPI3FXjBOsztnuc6t6fnQ0kE1ROQsdXbrcw9jW2otejNPLgerd
H8FDnQHZhL7PJeM9hnRViowjifAxQy0pJrrSEJHHAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUK6vXrxfWVmbjR6IgDWhIdGo5h9YwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzdlNWU0MjA0LThiY2YtNDk5YS05OTlhLThmMTkwZTk5MWNjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQBvh4ye7VQZTUac1OfdEi/52XF1
U53qfkbQgESEqN+WxVEL2vJ2fjWSpRBD0+KlcJMQziSgvwYDqc1TxIWxkv/pzZ8y
5ZLMC0U1ZGqIlnQmQT7FVnViDPwIVBiP14bPGKEDLFqzEaQbeWpmhBYMjq9E5cC+
Y6JjNlWRemzY3TRR7Qwi4QuGdqsF1v5FjCQyR+ZtKnl60c3vxCKqAVqhExsGUhA+
/Ico6WfImIoHRoyr6yVXT/yZ5VHDJ5SM0IgrCoVIgEOzkyeBhhYR70+HyIK9ga4N
1XlZUPtihaqNrdyWaQJkIXl78OKk7itvob0WySTsgF6MUy1ZuliLBnOQvwgw
-----END CERTIFICATE-----