This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa
File:                     283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa (raw, json)
Hash identifier:          YP1xjHfgOXSiIBSJzKrGkd6y8LFf8DiedfqRQdnVkqA=
Subject key identifier:   50:35:40:D7:FC:A5:49:86:B7:7F:A6:D5:8C:F9:4C:26:BC:FC:AB:73
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       37F3B0ABB66F730DB9C37CC557249885899E1774
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa
Signing time:             Tue 25 Nov 2025 19:01:19 +0000
ROA not before:           Tue 25 Nov 2025 19:01:19 +0000
ROA not after:            Mon 23 Feb 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        3.2.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:f3:b0:ab:b6:6f:73:0d:b9:c3:7c:c5:57:24:98:85:89:9e:17:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 25 19:01:19 2025 GMT
            Not After : Feb 23 23:59:59 2026 GMT
        Subject: serialNumber=88055114e6376384d6e7594d10b3d1c373b2a6ea4da156a45d4fff6b40d87473, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:69:db:f7:95:11:a7:29:60:01:89:31:d9:9f:
                    10:ef:87:59:63:51:cb:10:89:60:fc:d4:2c:44:b0:
                    b0:62:8f:d1:87:86:96:66:13:f5:d2:9e:1e:04:2f:
                    0c:be:41:3d:c7:e2:3e:5e:a8:81:74:33:bf:14:96:
                    8a:2e:53:b7:52:89:2a:d6:9d:20:6a:5a:6f:70:f4:
                    1d:c1:05:fc:15:13:25:9b:8d:5b:a5:e6:2c:59:82:
                    46:ba:c8:ef:e5:06:fc:dc:c4:bd:9a:3f:01:52:ef:
                    44:4c:95:c7:5c:c8:dc:ab:82:b3:65:e1:03:bb:df:
                    6a:ca:93:59:db:ee:0c:93:bf:ef:45:6c:76:28:90:
                    71:54:43:f6:0c:a4:8e:22:41:3a:0c:6d:da:b9:18:
                    c1:39:f6:63:69:37:69:99:10:2d:60:b5:c0:e3:fe:
                    26:a7:94:e4:29:94:a8:9f:ce:23:e5:5f:7a:31:c2:
                    bf:70:27:ac:92:8b:3f:b4:30:ee:58:07:9a:96:e9:
                    3e:02:ca:77:3f:28:e7:91:ad:d4:65:9b:e1:c9:a4:
                    95:9f:d3:e0:59:47:32:ed:ea:75:56:60:7c:88:29:
                    96:a2:6b:47:b9:e0:35:83:a9:3d:8f:bb:f8:2b:f9:
                    b8:b6:02:5c:0a:5a:a3:f7:b0:c5:e9:00:7b:a3:3b:
                    0d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:35:40:D7:FC:A5:49:86:B7:7F:A6:D5:8C:F9:4C:26:BC:FC:AB:73
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:dc:0c:bc:63:4b:fd:c9:6f:6a:63:8a:d4:35:2d:c6:07:49:
         c2:96:bf:c4:27:00:26:24:d0:69:57:7d:d6:cc:16:5c:e4:e9:
         6e:7a:2c:56:e9:ff:49:43:17:1d:c4:9f:44:c8:0b:b9:31:a0:
         91:2d:fb:bd:79:43:77:c4:79:96:f2:31:49:a4:74:24:a4:94:
         63:c3:cc:21:c5:c8:c6:54:6b:31:f9:b6:49:97:95:d2:47:a0:
         5a:8d:7b:39:9f:2c:12:e6:d9:e2:ee:03:29:a2:9a:63:d7:6a:
         50:0c:31:c1:bc:50:99:ab:11:74:e4:d9:5b:c5:d0:eb:ce:08:
         7a:bd:da:a7:0a:87:73:8b:74:d1:76:07:86:88:51:bc:48:50:
         72:3a:d8:35:93:83:77:aa:a6:d4:af:3f:fc:15:ff:28:b4:80:
         f6:86:b6:2c:f4:da:92:6e:36:2a:c6:50:dc:c7:cc:a2:cf:15:
         37:7b:af:3d:0e:df:b6:05:ce:a0:ce:12:ba:13:b4:d0:f4:08:
         af:0a:e2:8a:5e:02:0f:66:42:17:d8:da:36:f0:c2:a2:4a:32:
         6e:e9:a4:3f:00:b7:5c:7b:95:fb:4b:41:4e:8a:5a:da:7b:1c:
         81:22:76:ec:ac:af:d6:7f:4b:9a:e9:7a:42:d8:b5:da:eb:70:
         54:b5:e4:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN/Owq7Zvcw25w3zFVySYhYmeF3QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI1MTkwMTE5WhcNMjYwMjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ODA1NTExNGU2Mzc2Mzg0ZDZlNzU5NGQxMGIzZDFjMzcz
YjJhNmVhNGRhMTU2YTQ1ZDRmZmY2YjQwZDg3NDczMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD5adv3lRGnKWABiTHZnxDvh1ljUcsQiWD81CxEsLBij9GH
hpZmE/XSnh4ELwy+QT3H4j5eqIF0M78UloouU7dSiSrWnSBqWm9w9B3BBfwVEyWb
jVul5ixZgka6yO/lBvzcxL2aPwFS70RMlcdcyNyrgrNl4QO732rKk1nb7gyTv+9F
bHYokHFUQ/YMpI4iQToMbdq5GME59mNpN2mZEC1gtcDj/ianlOQplKifziPlX3ox
wr9wJ6ySiz+0MO5YB5qW6T4Cync/KOeRrdRlm+HJpJWf0+BZRzLt6nVWYHyIKZai
a0e54DWDqT2Pu/gr+bi2AlwKWqP3sMXpAHujOw0hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUDVA1/ylSYa3f6bVjPlMJrz8q3MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI4M2Q5YWQ5LTg3NzMtNDcwMi04ZDNlLWMyYTBiM2Q3ODA3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAkwwDQYJKoZIhvcNAQELBQADggEBAGfcDLxjS/3Jb2pjitQ1LcYHScKW
v8QnACYk0GlXfdbMFlzk6W56LFbp/0lDFx3En0TIC7kxoJEt+715Q3fEeZbyMUmk
dCSklGPDzCHFyMZUazH5tkmXldJHoFqNezmfLBLm2eLuAymimmPXalAMMcG8UJmr
EXTk2VvF0OvOCHq92qcKh3OLdNF2B4aIUbxIUHI62DWTg3eqptSvP/wV/yi0gPaG
tiz02pJuNirGUNzHzKLPFTd7rz0O37YFzqDOEroTtND0CK8K4opeAg9mQhfY2jbw
wqJKMm7ppD8At1x7lftLQU6KWtp7HIEiduysr9Z/S5rpekLYtdrrcFS15FA=
-----END CERTIFICATE-----