This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
File:                     1ad26571-c674-4a73-b205-77cb32fe83bd.roa (raw, json)
Hash identifier:          yfpzJTJAdD6XQhbKg9ryMby3ykt0Gv5yDy4kMQ6OHV4=
Subject key identifier:   2A:90:C2:87:10:13:05:BF:AE:5D:DE:F6:13:0A:00:16:2D:B0:CD:54
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5B6335E04182BF57FE5752C1A205E15B69B7D0DC
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
Signing time:             Wed 10 Dec 2025 05:10:46 +0000
ROA not before:           Wed 10 Dec 2025 05:10:46 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:10::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:63:35:e0:41:82:bf:57:fe:57:52:c1:a2:05:e1:5b:69:b7:d0:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 10 05:10:46 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=bae57a971aa2d084fdab8c26e8f56a295e9ce6142d8b771c1b65a4b53f1bd422, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:34:f2:ab:be:9a:34:51:ef:18:dc:8f:38:e6:
                    f7:53:70:6b:44:54:27:23:01:2b:5e:b2:bc:a8:4b:
                    3b:e2:fe:70:aa:4f:cb:32:06:51:9d:5b:f1:b9:4a:
                    2f:de:b9:ec:fe:a9:e5:cf:78:42:9e:16:6c:7f:aa:
                    71:bd:d4:bd:9d:3e:d1:8a:4b:f9:0d:cd:34:92:95:
                    05:c0:bd:24:bc:44:c0:60:c7:cd:14:4c:ae:f2:f9:
                    fa:ee:55:0c:9a:8d:a8:01:39:f9:7d:3a:90:51:d0:
                    90:0c:9b:ca:6b:33:af:a2:ef:c8:7b:d2:f2:d4:9e:
                    7b:c5:10:7e:1c:67:62:ad:5d:f2:47:7f:73:7c:19:
                    54:e5:c9:23:ba:db:3c:9b:31:99:3f:b4:1c:38:90:
                    2d:31:44:87:4d:38:86:a9:54:41:58:57:e1:5a:b8:
                    1f:1e:9f:7e:d5:52:d6:d5:a3:5c:c1:f4:61:1c:6e:
                    79:ab:88:6b:dd:b9:49:0d:10:f4:b3:3d:5a:40:0a:
                    e3:17:a8:e4:c2:16:ce:a0:11:bb:14:a3:c3:70:48:
                    a9:23:c2:ab:ed:e9:94:fd:16:78:00:8e:90:53:49:
                    23:34:23:14:a2:cd:c2:cb:e6:9f:df:4f:ed:d6:d1:
                    1d:b0:d4:33:53:1d:4d:be:d6:7b:33:cc:2e:06:ef:
                    58:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:90:C2:87:10:13:05:BF:AE:5D:DE:F6:13:0A:00:16:2D:B0:CD:54
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:75:34:bb:8a:01:8c:14:67:6c:77:09:0f:87:47:f1:42:46:
         16:e0:06:e6:e0:6b:05:0d:50:04:6c:33:8a:0e:ef:7f:34:0d:
         ac:b4:91:8a:00:89:77:a1:1a:0f:1f:a6:e7:09:da:73:5e:09:
         8c:29:f8:a4:04:2f:d7:d7:e5:8c:fd:1a:9d:6a:16:d9:0c:75:
         ec:86:e0:e4:78:52:32:03:2e:dd:9a:09:cb:af:40:62:21:be:
         78:a5:c5:e5:1d:de:f4:9e:e1:dd:a3:43:d5:ae:49:5f:f4:31:
         47:22:45:6a:b7:63:4e:be:88:72:c4:fc:53:8d:f6:15:17:82:
         c3:3e:70:86:65:97:ff:4a:a0:78:a8:0b:1f:f8:a6:ab:10:68:
         42:15:5f:5c:4f:28:47:a2:0a:d7:64:f0:3f:c7:b7:69:4c:99:
         6b:23:2c:9e:20:9a:6e:1b:8d:c4:14:d2:6c:9e:ca:bb:fc:f6:
         e7:81:b5:1a:ae:98:34:bd:8d:1f:20:7c:55:b8:ee:01:b0:71:
         44:56:74:7b:11:8b:39:6a:84:81:1c:81:ce:9f:4e:da:96:79:
         e2:7e:96:3f:e7:b6:76:47:92:81:bd:6f:9a:98:d9:bf:ed:32:
         9e:5d:6e:96:d4:40:bb:eb:6e:e8:74:cb:d4:7b:b3:fa:de:98:
         55:9d:76:b5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUW2M14EGCv1f+V1LBogXhW2m30NwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMjEwMDUxMDQ2WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWU1N2E5NzFhYTJkMDg0ZmRhYjhjMjZlOGY1NmEyOTVl
OWNlNjE0MmQ4Yjc3MWMxYjY1YTRiNTNmMWJkNDIyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVNPKrvpo0Ue8Y3I845vdTcGtEVCcjAStesryoSzvi/nCq
T8syBlGdW/G5Si/euez+qeXPeEKeFmx/qnG91L2dPtGKS/kNzTSSlQXAvSS8RMBg
x80UTK7y+fruVQyajagBOfl9OpBR0JAMm8prM6+i78h70vLUnnvFEH4cZ2KtXfJH
f3N8GVTlySO62zybMZk/tBw4kC0xRIdNOIapVEFYV+FauB8en37VUtbVo1zB9GEc
bnmriGvduUkNEPSzPVpACuMXqOTCFs6gEbsUo8NwSKkjwqvt6ZT9FngAjpBTSSM0
IxSizcLL5p/fT+3W0R2w1DNTHU2+1nszzC4G71gFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKpDChxATBb+uXd72EwoAFi2wzVQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzFhZDI2NTcxLWM2NzQtNGE3My1iMjA1LTc3Y2IzMmZlODNiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwABAwDQYJKoZIhvcNAQELBQADggEBAFV1NLuKAYwUZ2x3CQ+HR/FC
RhbgBubgawUNUARsM4oO7380Day0kYoAiXehGg8fpucJ2nNeCYwp+KQEL9fX5Yz9
Gp1qFtkMdeyG4OR4UjIDLt2aCcuvQGIhvnilxeUd3vSe4d2jQ9WuSV/0MUciRWq3
Y06+iHLE/FON9hUXgsM+cIZll/9KoHioCx/4pqsQaEIVX1xPKEeiCtdk8D/Ht2lM
mWsjLJ4gmm4bjcQU0myeyrv89ueBtRqumDS9jR8gfFW47gGwcURWdHsRizlqhIEc
gc6fTtqWeeJ+lj/ntnZHkoG9b5qY2b/tMp5dbpbUQLvrbuh0y9R7s/remFWddrU=
-----END CERTIFICATE-----