This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ceacf551-02ee-4f40-8abd-053509a65c13.roa
File:                     ceacf551-02ee-4f40-8abd-053509a65c13.roa (raw, json)
Hash identifier:          LB+XK1BB0qzh9h1vQDd0/2j/wgFXdIHDDinPpyW30po=
Subject key identifier:   61:E3:92:B7:EB:DF:A8:02:C5:FD:C1:3A:41:49:A8:94:37:EF:0B:63
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       308F5758FA6B5751D6262049F32A64EBFEB17C8B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ceacf551-02ee-4f40-8abd-053509a65c13.roa
Signing time:             Wed 10 Dec 2025 05:10:12 +0000
ROA not before:           Wed 10 Dec 2025 05:10:12 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:ea00::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Dec 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:8f:57:58:fa:6b:57:51:d6:26:20:49:f3:2a:64:eb:fe:b1:7c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 10 05:10:12 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=7b16c4f1b77cc3e7b5485cc03482a42d03c9ef418f0fb601e3a9f10eeb59bb72, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e6:e3:f3:58:88:e2:c2:ed:44:f1:cb:4c:57:
                    72:78:fc:38:08:9c:e2:84:d3:c3:20:8f:3a:8d:08:
                    ba:68:99:da:60:d1:ef:6f:44:42:00:2f:f3:b3:f6:
                    f3:3d:bb:1c:b1:8d:2d:9d:87:96:a5:33:3a:98:d8:
                    a2:7a:33:cc:e2:64:d0:53:2e:06:de:ea:8e:4a:a9:
                    6b:3a:76:b5:f5:68:32:73:ea:75:48:fa:40:d9:16:
                    1e:32:bf:39:49:d3:eb:ca:72:77:55:ca:00:e8:26:
                    b2:3f:00:da:bb:a4:dd:4a:45:fb:02:39:67:61:ce:
                    a3:be:dc:18:7f:9d:18:16:5f:29:7c:98:83:b6:62:
                    32:f9:37:5b:d1:c5:4e:8b:4d:48:81:52:fb:f0:0f:
                    5f:70:42:1a:1c:13:89:bd:bd:da:ee:21:5d:01:9b:
                    98:19:d5:8c:3e:5b:fd:f6:67:a0:2a:2e:18:c8:5b:
                    48:91:86:02:18:40:40:60:f0:5c:a6:28:cc:8e:2c:
                    77:7f:f3:75:76:91:44:32:89:b0:9c:cc:7c:e5:08:
                    77:96:88:94:b6:88:99:77:21:98:12:56:27:58:f1:
                    e4:65:7e:80:68:04:4d:82:32:a8:5c:95:ea:14:23:
                    de:d9:66:56:e5:27:ab:24:1e:37:49:53:45:f6:73:
                    09:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E3:92:B7:EB:DF:A8:02:C5:FD:C1:3A:41:49:A8:94:37:EF:0B:63
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ceacf551-02ee-4f40-8abd-053509a65c13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:ea00::/42

    Signature Algorithm: sha256WithRSAEncryption
         3f:56:7f:ca:af:ce:09:24:56:a4:f7:9d:df:11:0e:31:60:ad:
         0c:a2:f4:82:8d:ce:d9:f5:13:56:29:3b:39:c3:90:d5:9f:be:
         e7:65:b8:2e:59:cd:eb:3e:96:24:28:69:a4:12:57:d8:a6:b7:
         ac:54:9b:26:b5:2d:02:cd:e7:53:31:ca:bd:2e:10:f2:eb:ba:
         eb:a6:6c:bb:a2:6f:be:c3:91:28:de:a8:d0:d9:de:8f:ba:0f:
         8f:f4:9d:7d:ca:c4:ee:95:ae:fb:50:13:95:05:ad:73:ce:af:
         b5:fe:e7:75:42:c2:80:1d:ea:74:43:70:19:db:0c:9c:d5:2b:
         8f:19:f1:7c:66:3a:6f:2e:fb:5f:96:39:f9:88:ce:53:7f:5f:
         62:23:fd:b5:0d:e2:f1:8a:95:9e:8b:16:77:e0:a0:67:dc:b3:
         3d:a5:44:7f:bd:4d:11:b8:71:4c:c5:f4:b2:68:9b:08:a6:c3:
         b4:b6:f0:a3:a4:6f:4b:e6:d9:eb:81:9d:4e:3c:f9:9e:bf:52:
         40:10:2f:bb:f6:eb:99:6a:20:7f:e0:6e:05:b3:7e:46:4c:72:
         41:26:e5:40:aa:d1:9a:3d:db:50:80:59:dd:1e:b4:94:ae:f6:
         66:7b:2e:49:a4:95:b2:70:b0:5a:31:47:b0:ee:fd:2b:07:7d:
         39:d0:62:83
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMI9XWPprV1HWJiBJ8ypk6/6xfIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMjEwMDUxMDEyWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjE2YzRmMWI3N2NjM2U3YjU0ODVjYzAzNDgyYTQyZDAz
YzllZjQxOGYwZmI2MDFlM2E5ZjEwZWViNTliYjcyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC35uPzWIjiwu1E8ctMV3J4/DgInOKE08MgjzqNCLpomdpg
0e9vREIAL/Oz9vM9uxyxjS2dh5alMzqY2KJ6M8ziZNBTLgbe6o5KqWs6drX1aDJz
6nVI+kDZFh4yvzlJ0+vKcndVygDoJrI/ANq7pN1KRfsCOWdhzqO+3Bh/nRgWXyl8
mIO2YjL5N1vRxU6LTUiBUvvwD19wQhocE4m9vdruIV0Bm5gZ1Yw+W/32Z6AqLhjI
W0iRhgIYQEBg8FymKMyOLHd/83V2kUQyibCczHzlCHeWiJS2iJl3IZgSVidY8eRl
foBoBE2CMqhcleoUI97ZZlblJ6skHjdJU0X2cwkPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYeOSt+vfqALF/cE6QUmolDfvC2MwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NlYWNmNTUxLTAyZWUtNGY0MC04YWJkLTA1MzUwOWE2NWMxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD76gAwDQYJKoZIhvcNAQELBQADggEBAD9Wf8qvzgkkVqT3nd8RDjFg
rQyi9IKNztn1E1YpOznDkNWfvudluC5Zzes+liQoaaQSV9imt6xUmya1LQLN51Mx
yr0uEPLruuumbLuib77DkSjeqNDZ3o+6D4/0nX3KxO6VrvtQE5UFrXPOr7X+53VC
woAd6nRDcBnbDJzVK48Z8XxmOm8u+1+WOfmIzlN/X2Ij/bUN4vGKlZ6LFnfgoGfc
sz2lRH+9TRG4cUzF9LJomwimw7S28KOkb0vm2euBnU48+Z6/UkAQL7v265lqIH/g
bgWzfkZMckEm5UCq0Zo921CAWd0etJSu9mZ7LkmklbJwsFoxR7Du/SsHfTnQYoM=
-----END CERTIFICATE-----