This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24380034-e10c-4d59-ac88-4ced5057129c.roa
File:                     24380034-e10c-4d59-ac88-4ced5057129c.roa (raw, json)
Hash identifier:          1ciOx3wg+8o/56gMNfJgKbsElddvsM+ttgJeoCojl+0=
Subject key identifier:   CB:62:92:AF:FB:B7:29:BE:0D:1E:C7:FE:D8:58:BB:9B:27:6F:17:32
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       06329EF5CE7080AFEE97F52AED8E4934FAE75A87
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24380034-e10c-4d59-ac88-4ced5057129c.roa
Signing time:             Wed 10 Dec 2025 01:50:50 +0000
ROA not before:           Wed 10 Dec 2025 01:50:50 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        15.248.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:32:9e:f5:ce:70:80:af:ee:97:f5:2a:ed:8e:49:34:fa:e7:5a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 01:50:50 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=88e15ec4004e9c7911dbdcf107d294430c8f540ffc96b2e30653617b92a2ba0c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4d:f6:01:46:67:c7:bb:4f:99:c5:45:11:5f:
                    d6:4e:45:46:fc:3e:76:15:2e:8a:6c:aa:a3:83:a0:
                    4b:7e:cd:75:ba:61:84:7c:36:fe:e5:d1:67:29:f2:
                    f8:a3:44:ff:22:3d:1a:e3:41:44:3d:6b:39:7f:7a:
                    8d:0c:63:c3:50:23:30:67:5a:ec:53:7c:4c:49:a1:
                    f5:df:6d:a7:93:da:c7:3b:97:78:f3:5c:37:5f:d5:
                    c5:80:08:91:a5:b8:79:b4:65:84:7a:e4:09:9b:00:
                    f7:a8:55:92:4b:7e:dc:62:bb:05:7e:10:44:c8:ef:
                    32:23:ed:67:a7:88:92:bd:c8:76:5e:54:36:dd:68:
                    32:a4:76:d8:95:48:d3:73:da:5e:88:47:2f:6e:af:
                    ea:d7:0c:11:4e:66:e6:31:e2:83:82:37:39:1a:b5:
                    7e:22:80:a2:42:4a:51:25:ce:e4:74:5f:03:fc:8b:
                    ca:fd:65:cf:23:61:61:9b:d0:f7:6d:43:03:44:ec:
                    88:93:82:22:f9:d2:b6:c1:ac:85:b0:48:a7:69:9d:
                    9b:31:d0:26:cd:88:fc:8f:2c:07:ae:39:07:97:4b:
                    e0:6f:a3:fb:1e:03:96:c4:52:ce:22:72:e4:ad:01:
                    e3:c8:73:d5:20:17:6e:c2:94:44:3f:2e:aa:49:b0:
                    47:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:62:92:AF:FB:B7:29:BE:0D:1E:C7:FE:D8:58:BB:9B:27:6F:17:32
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24380034-e10c-4d59-ac88-4ced5057129c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.248.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:8b:1a:95:24:91:3d:a9:43:bf:d4:6d:78:fa:a6:04:ab:58:
         0f:c5:87:4e:0f:29:10:93:37:c9:5b:ca:77:56:9c:5b:42:82:
         2c:ef:da:f1:12:a8:ea:29:e3:12:4b:c1:c4:0c:bf:b4:09:09:
         eb:fd:89:57:db:50:1c:a3:0d:f4:a1:7a:9b:f8:31:40:84:a1:
         ad:4d:96:40:ec:d7:3c:a4:1f:08:cc:e0:29:f6:df:a1:e7:fa:
         91:6c:e5:3f:49:d1:e5:95:d3:c1:88:c9:a9:a6:04:17:cd:e3:
         49:33:79:2f:b1:50:02:d6:e9:36:fe:59:f4:b6:a8:70:ff:dd:
         88:8f:94:40:9b:31:5c:fe:4d:91:e4:10:4d:66:31:f2:a8:5a:
         cc:ff:81:45:cb:04:58:3a:46:c9:0e:f9:e3:fb:da:5d:8d:05:
         9b:55:79:8a:b9:a1:95:33:49:d9:d0:aa:bd:ed:8f:3d:ea:72:
         fc:9e:59:74:d8:e2:a0:28:fe:6d:d3:fc:9a:85:36:fb:81:20:
         c1:3e:3b:9e:4e:44:07:76:5b:51:a6:9c:81:16:df:86:41:0a:
         fb:31:5b:97:e4:10:d4:03:9c:7f:20:9a:cf:61:ed:96:c5:f6:
         ad:c0:8c:00:0c:32:f6:84:c4:48:47:ef:8c:1c:39:a5:30:58:
         50:72:7f:cb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBjKe9c5wgK/ul/Uq7Y5JNPrnWocwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDE1MDUwWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OGUxNWVjNDAwNGU5Yzc5MTFkYmRjZjEwN2QyOTQ0MzBj
OGY1NDBmZmM5NmIyZTMwNjUzNjE3YjkyYTJiYTBjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOTfYBRmfHu0+ZxUURX9ZORUb8PnYVLopsqqODoEt+zXW6
YYR8Nv7l0Wcp8vijRP8iPRrjQUQ9azl/eo0MY8NQIzBnWuxTfExJofXfbaeT2sc7
l3jzXDdf1cWACJGluHm0ZYR65AmbAPeoVZJLftxiuwV+EETI7zIj7WeniJK9yHZe
VDbdaDKkdtiVSNNz2l6IRy9ur+rXDBFOZuYx4oOCNzkatX4igKJCSlElzuR0XwP8
i8r9Zc8jYWGb0PdtQwNE7IiTgiL50rbBrIWwSKdpnZsx0CbNiPyPLAeuOQeXS+Bv
o/seA5bEUs4icuStAePIc9UgF27ClEQ/LqpJsEflAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUy2KSr/u3Kb4NHsf+2Fi7mydvFzIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI0MzgwMDM0LWUxMGMtNGQ1OS1hYzg4LTRjZWQ1MDU3MTI5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP+HswDQYJKoZIhvcNAQELBQADggEBAA6LGpUkkT2pQ7/UbXj6pgSrWA/F
h04PKRCTN8lbyndWnFtCgizv2vESqOop4xJLwcQMv7QJCev9iVfbUByjDfShepv4
MUCEoa1NlkDs1zykHwjM4Cn236Hn+pFs5T9J0eWV08GIyammBBfN40kzeS+xUALW
6Tb+WfS2qHD/3YiPlECbMVz+TZHkEE1mMfKoWsz/gUXLBFg6RskO+eP72l2NBZtV
eYq5oZUzSdnQqr3tjz3qcvyeWXTY4qAo/m3T/JqFNvuBIME+O55ORAd2W1GmnIEW
34ZBCvsxW5fkENQDnH8gms9h7ZbF9q3AjAAMMvaExEhH74wcOaUwWFByf8s=
-----END CERTIFICATE-----