This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c00bb77a-bf87-433c-8520-37a88e9af99d.roa
File:                     c00bb77a-bf87-433c-8520-37a88e9af99d.roa (raw, json)
Hash identifier:          G3gGpSQXjjUdcZYSEGwTQxkjhDjdzX4N+t6jI/UyK+M=
Subject key identifier:   F8:8D:05:58:99:F5:A2:CC:BB:A4:FE:A3:A4:7F:33:F3:EE:6A:1C:AC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       41EF01B17C892365B2D321CE1000B41318694E4C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c00bb77a-bf87-433c-8520-37a88e9af99d.roa
Signing time:             Sat 29 Nov 2025 01:32:07 +0000
ROA not before:           Sat 29 Nov 2025 01:32:07 +0000
ROA not after:            Fri 27 Feb 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.193.4.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:ef:01:b1:7c:89:23:65:b2:d3:21:ce:10:00:b4:13:18:69:4e:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 29 01:32:07 2025 GMT
            Not After : Feb 27 23:59:59 2026 GMT
        Subject: serialNumber=ffa01ee205710551f1b6fb767503621509d71c50533b0e1553ba51c5b1f09dac, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:99:51:c4:4a:0d:ca:0d:be:f8:6d:17:f3:fa:
                    8e:0c:d4:62:6d:c1:cc:b4:ec:76:bb:d5:39:a5:77:
                    6a:85:49:37:82:dc:87:a5:02:11:4c:8b:c7:5c:e4:
                    54:0f:58:98:00:7a:63:93:21:f8:cf:fb:42:38:dc:
                    39:47:1f:f7:f6:5f:d2:7d:c8:36:c8:c3:7f:60:4b:
                    88:b9:ef:d5:d8:c5:b6:e2:a6:bb:be:ef:30:7d:05:
                    64:ee:6a:30:8f:e4:14:b2:a4:30:36:c5:34:9c:bb:
                    fd:3d:f4:32:72:2f:83:0d:78:7a:67:b1:84:e7:2e:
                    19:ef:c7:30:60:99:7a:fe:5b:07:dd:54:41:a5:52:
                    1b:29:4d:bb:2e:e1:f6:11:a1:64:11:47:9d:e4:eb:
                    ea:3b:9a:d5:57:4f:de:7c:56:76:bf:be:23:fa:bc:
                    03:c7:0b:52:56:f2:fe:c0:c4:06:5d:55:b9:cd:6d:
                    f4:eb:62:a4:69:d4:42:22:f5:02:34:2e:4b:6b:92:
                    4b:d4:04:dd:d3:31:fd:3f:87:09:e9:73:32:e5:d9:
                    e8:04:cc:f8:6c:4b:f1:6c:7f:54:25:39:7b:bf:db:
                    f6:b4:7e:b9:ec:dc:d3:f8:bd:cc:f0:d6:18:01:f2:
                    f2:63:7e:a0:f5:60:bd:15:32:1c:4a:eb:91:91:c1:
                    0c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:8D:05:58:99:F5:A2:CC:BB:A4:FE:A3:A4:7F:33:F3:EE:6A:1C:AC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c00bb77a-bf87-433c-8520-37a88e9af99d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.193.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:d8:18:02:6c:70:74:44:00:e9:0d:18:39:5c:fa:7a:73:93:
         1a:76:0f:e2:7c:92:57:67:c4:4e:13:0d:e5:17:5f:cc:c2:76:
         e9:0e:5e:f4:8e:be:8f:e0:70:12:4d:c4:c6:73:55:8a:15:49:
         6e:a1:12:2b:c9:c8:78:43:98:65:35:cc:0d:7c:4e:e0:be:31:
         08:c4:8d:74:99:b9:76:99:cd:62:fe:95:e6:dd:f5:0a:c8:4b:
         da:82:68:80:04:fb:41:05:6c:0c:a0:a4:51:b3:50:fb:62:5e:
         59:a2:76:f5:5c:bb:d6:cc:93:ca:4c:b2:7e:07:0c:66:d9:f7:
         bb:46:47:ae:34:c8:42:7a:b3:c2:2b:df:3f:d5:27:5e:13:9f:
         1c:bd:4b:55:a4:79:09:e4:3b:0e:9b:ca:50:8d:8c:ea:14:11:
         b3:58:02:b0:e6:c4:37:cc:db:f0:5d:13:92:1b:8c:44:82:d9:
         4b:95:ef:2d:57:ac:0d:dd:b3:4a:58:ac:a6:7b:60:3d:ba:f7:
         7d:62:00:f2:77:8d:e1:7d:5c:72:fd:98:b7:8b:a9:2a:69:9f:
         cd:9c:45:1c:8b:c5:80:8f:60:51:5a:8d:89:8b:b7:b7:f1:89:
         20:6b:e0:2a:20:48:a1:8b:ef:e4:84:99:a0:3a:93:3d:92:92:
         54:91:1f:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQe8BsXyJI2Wy0yHOEAC0ExhpTkwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTI5MDEzMjA3WhcNMjYwMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZmEwMWVlMjA1NzEwNTUxZjFiNmZiNzY3NTAzNjIxNTA5
ZDcxYzUwNTMzYjBlMTU1M2JhNTFjNWIxZjA5ZGFjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDemVHESg3KDb74bRfz+o4M1GJtwcy07Ha71Tmld2qFSTeC
3IelAhFMi8dc5FQPWJgAemOTIfjP+0I43DlHH/f2X9J9yDbIw39gS4i579XYxbbi
pru+7zB9BWTuajCP5BSypDA2xTScu/099DJyL4MNeHpnsYTnLhnvxzBgmXr+Wwfd
VEGlUhspTbsu4fYRoWQRR53k6+o7mtVXT958Vna/viP6vAPHC1JW8v7AxAZdVbnN
bfTrYqRp1EIi9QI0LktrkkvUBN3TMf0/hwnpczLl2egEzPhsS/Fsf1QlOXu/2/a0
frns3NP4vczw1hgB8vJjfqD1YL0VMhxK65GRwQybAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+I0FWJn1osy7pP6jpH8z8+5qHKwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MwMGJiNzdhLWJmODctNDMzYy04NTIwLTM3YTg4ZTlhZjk5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPwQQwDQYJKoZIhvcNAQELBQADggEBAEjYGAJscHREAOkNGDlc+npzkxp2
D+J8kldnxE4TDeUXX8zCdukOXvSOvo/gcBJNxMZzVYoVSW6hEivJyHhDmGU1zA18
TuC+MQjEjXSZuXaZzWL+lebd9QrIS9qCaIAE+0EFbAygpFGzUPtiXlmidvVcu9bM
k8pMsn4HDGbZ97tGR640yEJ6s8Ir3z/VJ14Tnxy9S1WkeQnkOw6bylCNjOoUEbNY
ArDmxDfM2/BdE5IbjESC2UuV7y1XrA3ds0pYrKZ7YD26931iAPJ3jeF9XHL9mLeL
qSppn82cRRyLxYCPYFFajYmLt7fxiSBr4CogSKGL7+SEmaA6kz2SklSRH2k=
-----END CERTIFICATE-----