This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
File:                     2eededf7-f3f8-4d80-8d73-d02124acd34f.roa (raw, json)
Hash identifier:          g+hBUOIQdt9gW5QERlqQ328rynVv/oazl4wdcYwB+98=
Subject key identifier:   BA:C7:01:22:84:95:50:B5:13:DB:45:9F:B7:C0:20:C5:04:A8:23:47
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7BD54DC77BAACC17EB448F13E4A96E5526F11591
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
Signing time:             Wed 10 Dec 2025 02:10:44 +0000
ROA not before:           Wed 10 Dec 2025 02:10:44 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.79.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:d5:4d:c7:7b:aa:cc:17:eb:44:8f:13:e4:a9:6e:55:26:f1:15:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 02:10:44 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=3b0dd23ece8c826a258ac023e21be24b48931f46d7f3e7f9b28338b3d85dd555, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a4:4a:db:96:1d:a2:27:8e:18:be:49:f0:2b:
                    38:f5:e7:a5:fb:69:eb:e0:f1:75:2c:58:a2:10:43:
                    29:20:65:9b:1b:6e:45:f0:be:7f:e5:dd:80:92:b8:
                    32:27:13:da:bc:67:83:1e:5b:dd:b6:b1:28:77:1f:
                    bd:7e:f9:f5:cb:52:dd:cd:d8:e8:61:51:d5:d9:be:
                    c1:d6:d6:ad:e4:02:6b:13:dc:d2:e9:b6:7c:e9:a7:
                    b0:c2:4b:e6:50:47:00:fe:93:b3:71:94:26:ba:c4:
                    ee:15:7d:36:70:84:02:6f:14:30:b2:76:dd:0e:2a:
                    19:4e:e4:c7:f2:9d:8e:c9:d3:2a:0c:25:03:e3:46:
                    1b:58:01:6e:68:c6:51:a5:b8:f8:56:ab:88:2b:c7:
                    b4:da:fc:f8:3e:73:d8:0e:8c:08:01:7b:d4:97:31:
                    75:33:39:08:a4:af:3f:9c:51:6a:10:73:69:a8:76:
                    db:8a:d2:53:69:29:f2:ab:d3:66:0c:a3:9e:c5:ea:
                    12:d8:3e:95:4b:97:9e:ec:e0:7f:84:48:a6:39:8b:
                    8e:a7:c1:74:04:55:54:e0:1b:45:42:55:53:7b:1e:
                    d1:b6:b7:d9:d0:02:b4:1f:ea:22:5a:94:db:54:b1:
                    d6:76:21:c7:39:60:a5:ab:f9:b4:2a:f6:2b:17:b0:
                    eb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C7:01:22:84:95:50:B5:13:DB:45:9F:B7:C0:20:C5:04:A8:23:47
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.79.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         74:62:96:8d:24:f4:23:a1:b6:33:fc:3b:d2:ec:71:ae:8c:5a:
         19:b2:a6:95:da:0c:d3:2d:3b:da:fa:2e:9a:09:d3:58:f7:9e:
         98:1d:0c:72:ce:a2:37:da:a7:f8:28:57:e0:88:9f:d4:71:0e:
         cf:2b:66:77:77:5d:f1:7e:3f:fd:37:62:52:23:c9:8c:a2:95:
         c5:22:73:15:6e:f9:3f:02:ab:73:fd:3f:da:a6:05:e4:85:9d:
         7d:85:bb:91:7d:f3:2c:c1:8f:48:07:98:bb:28:0d:58:83:fc:
         45:6a:7b:b7:c5:ee:e2:89:dc:0b:0c:a3:62:e4:51:56:77:23:
         5d:90:c0:53:13:4d:78:97:9b:85:6e:30:ef:58:76:a9:c8:ee:
         be:fe:50:7c:ff:6f:77:32:01:f2:85:2b:6b:41:37:ef:ff:44:
         64:eb:2e:44:b2:0e:71:42:dc:3e:a0:85:77:15:6f:5e:d9:a9:
         a1:97:4c:02:02:ef:dd:88:c9:0c:11:e5:09:e6:4d:38:38:5b:
         82:4f:10:9b:3f:98:6f:6a:84:89:57:47:60:df:50:1c:40:1c:
         55:fd:c6:1b:a6:27:9a:38:34:a1:a6:b8:09:26:e8:2b:82:ec:
         91:82:52:05:bc:8f:56:af:ec:fd:97:2b:48:dc:55:3e:4f:a2:
         be:68:f6:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe9VNx3uqzBfrRI8T5KluVSbxFZEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDIxMDQ0WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYjBkZDIzZWNlOGM4MjZhMjU4YWMwMjNlMjFiZTI0YjQ4
OTMxZjQ2ZDdmM2U3ZjliMjgzMzhiM2Q4NWRkNTU1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLpErblh2iJ44YvknwKzj156X7aevg8XUsWKIQQykgZZsb
bkXwvn/l3YCSuDInE9q8Z4MeW922sSh3H71++fXLUt3N2OhhUdXZvsHW1q3kAmsT
3NLptnzpp7DCS+ZQRwD+k7NxlCa6xO4VfTZwhAJvFDCydt0OKhlO5MfynY7J0yoM
JQPjRhtYAW5oxlGluPhWq4grx7Ta/Pg+c9gOjAgBe9SXMXUzOQikrz+cUWoQc2mo
dtuK0lNpKfKr02YMo57F6hLYPpVLl57s4H+ESKY5i46nwXQEVVTgG0VCVVN7HtG2
t9nQArQf6iJalNtUsdZ2Icc5YKWr+bQq9isXsOthAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuscBIoSVULUT20Wft8AgxQSoI0cwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJlZWRlZGY3LWYzZjgtNGQ4MC04ZDczLWQwMjEyNGFjZDM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2TwAwDQYJKoZIhvcNAQELBQADggEBAHRilo0k9COhtjP8O9Lsca6MWhmy
ppXaDNMtO9r6LpoJ01j3npgdDHLOojfap/goV+CIn9RxDs8rZnd3XfF+P/03YlIj
yYyilcUicxVu+T8Cq3P9P9qmBeSFnX2Fu5F98yzBj0gHmLsoDViD/EVqe7fF7uKJ
3AsMo2LkUVZ3I12QwFMTTXiXm4VuMO9YdqnI7r7+UHz/b3cyAfKFK2tBN+//RGTr
LkSyDnFC3D6ghXcVb17ZqaGXTAIC792IyQwR5QnmTTg4W4JPEJs/mG9qhIlXR2Df
UBxAHFX9xhumJ5o4NKGmuAkm6CuC7JGCUgW8j1av7P2XK0jcVT5Por5o9og=
-----END CERTIFICATE-----