This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa
File:                     e1f0a816-1364-4917-888a-675b4cccc750.roa (raw, json)
Hash identifier:          NpG64W7O3ChrRsYjKF69NT0bIewC3KGhTeDg8tfKjec=
Subject key identifier:   E9:66:C5:60:88:BC:D2:14:AB:CC:8F:BD:9A:BF:AE:39:85:7A:CD:70
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       59A8E319307E19A958CF02B72999B5C57BB4FBCF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa
Signing time:             Wed 10 Dec 2025 02:30:49 +0000
ROA not before:           Wed 10 Dec 2025 02:30:49 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        170.58.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:a8:e3:19:30:7e:19:a9:58:cf:02:b7:29:99:b5:c5:7b:b4:fb:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 02:30:49 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=1349066bf6c863ca972e1b194504fd8b7312a609e88064992816abccb0aed7b3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8a:59:ef:fe:0b:fb:ff:46:15:87:ae:8a:0d:
                    f6:1f:9a:ce:86:6c:2a:74:80:3f:a3:88:92:d7:26:
                    4e:49:8c:05:06:05:c0:86:25:f8:e4:a6:3e:a2:e8:
                    a8:ea:09:f9:f6:00:47:c3:f7:70:50:8c:74:9c:1f:
                    a5:43:8e:95:2b:df:2b:af:43:bc:ae:87:54:3d:20:
                    84:de:4c:af:ba:2f:33:d2:0d:45:17:b9:fa:7c:48:
                    36:70:06:db:0a:27:33:3f:61:d6:9d:2c:cc:62:3d:
                    ab:0e:23:b5:27:43:e8:37:7a:c0:0b:15:ec:39:bc:
                    f6:32:73:19:e8:5f:d7:18:ff:e3:cd:f3:4e:0d:dc:
                    57:ca:fb:68:5f:ab:70:29:e0:f0:94:79:17:a4:66:
                    50:b3:b5:86:ea:2c:17:65:4c:26:fe:4e:d2:60:e3:
                    59:00:37:fe:c3:5b:2c:6c:b5:ef:04:de:8e:67:60:
                    0c:45:b6:94:74:21:3c:51:22:6d:ee:de:0e:36:af:
                    09:a1:a9:a3:02:d2:0b:e3:f0:0e:8e:5a:db:be:ae:
                    6f:62:28:58:12:fd:0f:5f:d5:0f:5f:30:5a:82:ca:
                    04:ff:2d:e0:7e:00:34:5b:6b:b2:76:72:c7:5a:b9:
                    60:c2:51:12:90:40:e0:9b:46:11:22:94:75:78:10:
                    f0:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:66:C5:60:88:BC:D2:14:AB:CC:8F:BD:9A:BF:AE:39:85:7A:CD:70
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         61:98:e0:34:54:eb:9f:09:b2:63:81:49:de:66:3f:da:f5:7e:
         6b:58:36:b7:bb:3d:8b:ba:06:3f:c9:2c:2d:bd:7c:04:68:39:
         4b:73:59:ed:d9:bf:86:1b:05:2a:6a:76:6e:4d:ed:35:fc:92:
         4e:7f:4f:d0:fb:5d:43:b2:d7:fc:d7:f9:14:68:3b:a0:8d:b7:
         a0:21:53:a4:79:1f:9c:f9:8d:dc:1a:4b:f7:11:8b:f5:52:10:
         4f:fc:1c:c1:ce:27:f1:09:9a:4d:d6:fb:7b:48:39:e4:c2:2b:
         a5:55:9c:23:17:c7:11:1a:1c:30:a7:8a:a2:c2:25:a7:f7:3f:
         30:d3:ed:cf:c2:79:ab:c0:6d:e6:39:18:27:6e:05:ec:77:bc:
         a4:37:36:2f:11:5e:fb:af:92:eb:5a:8f:19:b8:7a:58:de:49:
         d2:ae:dd:5f:eb:e4:36:c4:86:90:00:7b:c4:d6:e5:f6:cc:ac:
         89:40:ed:93:5f:13:d8:88:92:8e:80:02:9f:82:cf:34:69:26:
         f4:2c:64:c7:41:13:48:c8:d5:30:1a:e5:53:0b:67:ef:3b:46:
         57:f9:cc:e7:f7:d0:29:57:f1:b9:77:9d:ad:32:68:e3:99:9f:
         06:34:cf:47:6f:a5:d2:c1:ca:f5:29:ea:d7:d2:56:0f:b5:b9:
         79:5b:82:2b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWajjGTB+GalYzwK3KZm1xXu0+88wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDIzMDQ5WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzQ5MDY2YmY2Yzg2M2NhOTcyZTFiMTk0NTA0ZmQ4Yjcz
MTJhNjA5ZTg4MDY0OTkyODE2YWJjY2IwYWVkN2IzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6ilnv/gv7/0YVh66KDfYfms6GbCp0gD+jiJLXJk5JjAUG
BcCGJfjkpj6i6KjqCfn2AEfD93BQjHScH6VDjpUr3yuvQ7yuh1Q9IITeTK+6LzPS
DUUXufp8SDZwBtsKJzM/YdadLMxiPasOI7UnQ+g3esALFew5vPYycxnoX9cY/+PN
804N3FfK+2hfq3Ap4PCUeRekZlCztYbqLBdlTCb+TtJg41kAN/7DWyxste8E3o5n
YAxFtpR0ITxRIm3u3g42rwmhqaMC0gvj8A6OWtu+rm9iKFgS/Q9f1Q9fMFqCygT/
LeB+ADRba7J2csdauWDCURKQQOCbRhEilHV4EPCHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6WbFYIi80hSrzI+9mr+uOYV6zXAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UxZjBhODE2LTEzNjQtNDkxNy04ODhhLTY3NWI0Y2NjYzc1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCqOjANBgkqhkiG9w0BAQsFAAOCAQEAYZjgNFTrnwmyY4FJ3mY/2vV+a1g2
t7s9i7oGP8ksLb18BGg5S3NZ7dm/hhsFKmp2bk3tNfySTn9P0PtdQ7LX/Nf5FGg7
oI23oCFTpHkfnPmN3BpL9xGL9VIQT/wcwc4n8QmaTdb7e0g55MIrpVWcIxfHERoc
MKeKosIlp/c/MNPtz8J5q8Bt5jkYJ24F7He8pDc2LxFe+6+S61qPGbh6WN5J0q7d
X+vkNsSGkAB7xNbl9sysiUDtk18T2IiSjoACn4LPNGkm9Cxkx0ETSMjVMBrlUwtn
7ztGV/nM5/fQKVfxuXedrTJo45mfBjTPR2+l0sHK9Snq19JWD7W5eVuCKw==
-----END CERTIFICATE-----