This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa
File:                     c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa (raw, json)
Hash identifier:          jFEChMeLTPyjIq4xH6vAiNbdFDsoLOciI9rOmdUzGQs=
Subject key identifier:   A7:C4:AB:3B:CD:16:AE:C4:F7:D5:FE:C0:97:CD:92:82:19:6F:7A:58
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       24F61A95BBE15F2AD127270F295A2D3B6CBB69B2
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa
Signing time:             Thu 13 Nov 2025 01:50:40 +0000
ROA not before:           Thu 13 Nov 2025 01:50:40 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:f6:1a:95:bb:e1:5f:2a:d1:27:27:0f:29:5a:2d:3b:6c:bb:69:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Nov 13 01:50:40 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=6b53918533ac212666b3888c7d1df5df3fe2edb6341217b72111b2592d7a65ad, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:ff:08:6f:46:28:98:7f:89:ff:1a:82:33:cd:
                    bb:c3:f7:9c:58:52:74:cb:ee:3d:d5:b8:3d:d9:91:
                    5f:94:e0:a9:95:14:08:d8:b3:95:26:e4:f0:68:9b:
                    9d:11:6d:7f:90:df:20:6b:d7:d9:0c:07:6e:a8:f7:
                    07:4b:b6:3b:b6:cf:07:25:0f:da:1a:3f:dc:31:12:
                    a0:12:73:64:b7:38:d0:8e:a8:dc:97:62:50:c0:db:
                    dc:a3:4d:58:67:c2:fe:48:e6:62:64:6f:dd:83:b3:
                    19:6d:7e:c9:b0:2e:18:88:e3:a5:ac:05:21:d6:8d:
                    f8:40:03:39:66:de:00:9c:ef:a0:24:be:48:4f:ff:
                    6f:28:49:28:70:28:28:b3:29:4b:e2:a3:a0:bd:1c:
                    14:97:53:43:75:40:93:13:ce:cc:e9:f1:fb:52:e0:
                    1c:e7:cf:68:43:8a:23:b0:e9:8f:92:65:8a:2c:88:
                    fa:ac:ad:a2:d0:5f:dc:05:7a:b9:a1:d7:3d:0a:bf:
                    32:0a:75:0a:76:b8:4b:e4:e7:94:ba:ed:68:da:c3:
                    95:17:7c:69:5d:95:f3:d1:56:fa:f0:d1:cf:d9:01:
                    cf:e4:24:ec:bb:31:82:7c:ab:a1:62:86:c9:62:5c:
                    74:8a:18:01:01:6a:2e:38:9c:38:16:9d:0b:72:24:
                    84:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:C4:AB:3B:CD:16:AE:C4:F7:D5:FE:C0:97:CD:92:82:19:6F:7A:58
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:9c:12:01:37:94:24:5c:a8:f3:6a:ef:0d:c8:d6:a5:ff:3e:
         28:0b:a9:23:62:f4:5b:55:75:cd:8e:b7:ad:1a:5d:35:05:9f:
         24:f6:a5:2b:e8:14:31:aa:72:20:88:e4:e5:e6:21:db:f5:4d:
         99:7e:8d:70:9d:89:2f:06:db:98:47:78:f5:44:55:49:f5:a9:
         86:43:dc:3a:80:a1:9b:ba:72:6b:55:29:6a:4c:c7:c0:91:e4:
         74:53:7e:a2:12:b4:56:05:b9:c9:6d:21:5d:33:20:f3:4b:93:
         fe:80:83:a3:98:ff:3b:e8:45:68:36:98:62:4e:5a:66:3c:4f:
         43:bf:b4:df:b7:d3:ae:88:53:16:1d:bc:53:29:e7:63:62:10:
         09:e7:4c:eb:2b:b4:8b:d8:f4:60:cc:5a:6d:a7:4c:f2:46:bc:
         b8:02:a8:e6:2f:60:e5:e1:10:ad:12:0c:b6:74:b2:ed:94:36:
         31:96:7c:e0:0c:4b:3c:3a:49:af:64:37:10:38:7d:c7:9a:34:
         44:2b:b7:7e:46:6c:1d:dc:ee:f4:c8:62:27:9e:7e:22:f2:6d:
         9c:40:d1:81:ce:c8:b6:74:76:b8:3c:68:f0:5a:81:83:5c:ee:
         e2:9c:db:33:65:ea:21:b7:5f:c3:d0:d7:a0:a1:04:bb:a4:00:
         e9:4b:b9:2a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJPYalbvhXyrRJycPKVotO2y7abIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMTEzMDE1MDQwWhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjUzOTE4NTMzYWMyMTI2NjZiMzg4OGM3ZDFkZjVkZjNm
ZTJlZGI2MzQxMjE3YjcyMTExYjI1OTJkN2E2NWFkMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDd/whvRiiYf4n/GoIzzbvD95xYUnTL7j3VuD3ZkV+U4KmV
FAjYs5Um5PBom50RbX+Q3yBr19kMB26o9wdLtju2zwclD9oaP9wxEqASc2S3ONCO
qNyXYlDA29yjTVhnwv5I5mJkb92DsxltfsmwLhiI46WsBSHWjfhAAzlm3gCc76Ak
vkhP/28oSShwKCizKUvio6C9HBSXU0N1QJMTzszp8ftS4Bznz2hDiiOw6Y+SZYos
iPqsraLQX9wFermh1z0KvzIKdQp2uEvk55S67Wjaw5UXfGldlfPRVvrw0c/ZAc/k
JOy7MYJ8q6FihsliXHSKGAEBai44nDgWnQtyJISvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp8SrO80WrsT31f7Al82SghlvelgwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2MyMjE3MDhiLTJmYjMtNDBkNy05ZDkxLWEyNzNjNTdiYjNjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYCswDQYJKoZIhvcNAQELBQADggEBAEScEgE3lCRcqPNq7w3I1qX/PigL
qSNi9FtVdc2Ot60aXTUFnyT2pSvoFDGqciCI5OXmIdv1TZl+jXCdiS8G25hHePVE
VUn1qYZD3DqAoZu6cmtVKWpMx8CR5HRTfqIStFYFucltIV0zIPNLk/6Ag6OY/zvo
RWg2mGJOWmY8T0O/tN+3066IUxYdvFMp52NiEAnnTOsrtIvY9GDMWm2nTPJGvLgC
qOYvYOXhEK0SDLZ0su2UNjGWfOAMSzw6Sa9kNxA4fceaNEQrt35GbB3c7vTIYiee
fiLybZxA0YHOyLZ0drg8aPBagYNc7uKc2zNl6iG3X8PQ16ChBLukAOlLuSo=
-----END CERTIFICATE-----