This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/30f2ed42-fbcb-4e1d-bc2a-368829912bae.roa
File:                     30f2ed42-fbcb-4e1d-bc2a-368829912bae.roa (raw, json)
Hash identifier:          3Hv3jdcfBu2M0iQ7WIR7qt6KHpinH00iy4y7V/525+U=
Subject key identifier:   D2:20:3F:C3:67:5A:70:AD:31:AC:9F:FD:A9:E6:2E:94:77:4F:E0:B6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       089EB640B5A1C2F4E374732545F37B7BE1852B6A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/30f2ed42-fbcb-4e1d-bc2a-368829912bae.roa
Signing time:             Wed 10 Dec 2025 00:50:08 +0000
ROA not before:           Wed 10 Dec 2025 00:50:08 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.170.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:9e:b6:40:b5:a1:c2:f4:e3:74:73:25:45:f3:7b:7b:e1:85:2b:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 00:50:08 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=775dcff0f7365b93bba6fcb1d04de2d6665473909948a444c9f94b09fa001940, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1a:8d:33:91:c1:b6:6f:6a:71:8d:2f:32:58:
                    0b:2f:b1:d1:87:b8:e2:c2:6e:f1:13:69:fc:73:91:
                    e1:8e:be:f0:96:3c:dd:e8:77:ad:13:9c:89:54:e4:
                    fa:a9:99:ba:e2:02:ee:6b:50:ac:7a:70:b8:1c:0e:
                    24:91:9d:77:c7:d3:6a:e8:11:81:b1:64:4f:1e:cd:
                    11:14:fa:3f:ca:b1:51:17:4b:78:e2:dc:e7:08:e2:
                    f6:0a:43:51:cb:c1:59:bd:f8:da:b3:9b:60:00:35:
                    8e:f0:f0:c1:95:80:df:26:01:ae:6c:f7:6b:67:97:
                    62:9f:fb:ae:3e:bc:aa:1a:2f:5d:58:09:f7:b8:f0:
                    61:3f:75:3b:b0:ed:26:b5:a9:74:34:97:8e:ed:d6:
                    f1:aa:95:5e:43:65:07:8d:f9:ed:75:5b:45:93:dd:
                    69:03:fb:3c:69:ad:14:a9:70:d7:f4:6c:68:07:e8:
                    09:80:62:ff:f1:80:f2:e4:cc:6f:8e:67:ae:cc:df:
                    8a:15:bf:e0:46:d9:1b:0c:c5:8a:b1:99:36:66:fd:
                    a5:5c:39:f7:96:07:d9:0c:dd:7b:00:8e:af:12:29:
                    7d:4b:90:47:3a:db:c1:72:a0:1a:2d:fc:f0:43:c7:
                    0f:b5:b3:4a:4a:47:bb:03:cd:eb:a4:3c:9c:c3:fa:
                    21:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:20:3F:C3:67:5A:70:AD:31:AC:9F:FD:A9:E6:2E:94:77:4F:E0:B6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/30f2ed42-fbcb-4e1d-bc2a-368829912bae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.170.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         5c:3f:55:a6:dc:99:c8:b8:d7:9a:8f:4d:81:55:e0:60:74:95:
         67:a1:68:ac:29:35:1f:3f:84:f6:f2:1a:ed:87:ee:ce:80:cd:
         65:d0:c3:0d:40:c5:0d:41:11:25:c3:82:d3:77:b7:a0:6b:d8:
         5f:9a:ba:07:a1:e5:c4:62:80:23:f4:d0:68:b7:9b:94:10:a3:
         f0:e8:6c:63:5f:87:d7:39:48:4c:c5:34:c1:cb:79:75:a3:16:
         f5:6b:d8:e6:7f:37:63:b0:4b:4f:6c:3c:35:50:f8:33:50:db:
         db:0f:48:c0:01:12:ef:28:9d:e5:2d:76:d3:e9:bb:0a:19:c6:
         a1:f5:f7:e6:45:94:4a:c1:b7:d2:1a:46:f7:93:a5:22:4c:3a:
         7d:4e:ef:5e:eb:76:89:ad:1c:b9:ab:ff:b7:6b:b8:67:90:c5:
         11:ac:06:0e:2b:5f:d9:42:3e:cd:fd:b6:cf:1d:22:27:ed:2c:
         1f:3b:12:bd:52:56:19:20:56:ca:52:f6:3d:02:c7:7d:b9:98:
         92:96:2b:2e:ee:f1:3b:e4:47:b9:6b:9f:88:3e:78:dd:86:bb:
         5b:a6:b7:59:7d:8f:f7:93:9d:8c:35:e6:b9:e6:50:ff:4c:c4:
         55:46:e3:29:1e:e5:fc:13:9b:49:e7:bc:6e:8c:e3:b1:77:58:
         0f:fc:8c:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCJ62QLWhwvTjdHMlRfN7e+GFK2owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDA1MDA4WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NzVkY2ZmMGY3MzY1YjkzYmJhNmZjYjFkMDRkZTJkNjY2
NTQ3MzkwOTk0OGE0NDRjOWY5NGIwOWZhMDAxOTQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvGo0zkcG2b2pxjS8yWAsvsdGHuOLCbvETafxzkeGOvvCW
PN3od60TnIlU5PqpmbriAu5rUKx6cLgcDiSRnXfH02roEYGxZE8ezREU+j/KsVEX
S3ji3OcI4vYKQ1HLwVm9+Nqzm2AANY7w8MGVgN8mAa5s92tnl2Kf+64+vKoaL11Y
Cfe48GE/dTuw7Sa1qXQ0l47t1vGqlV5DZQeN+e11W0WT3WkD+zxprRSpcNf0bGgH
6AmAYv/xgPLkzG+OZ67M34oVv+BG2RsMxYqxmTZm/aVcOfeWB9kM3XsAjq8SKX1L
kEc628FyoBot/PBDxw+1s0pKR7sDzeukPJzD+iFJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0iA/w2dacK0xrJ/9qeYulHdP4LYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzMwZjJlZDQyLWZiY2ItNGUxZC1iYzJhLTM2ODgyOTkxMmJhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcDqgAwDQYJKoZIhvcNAQELBQADggEBAFw/Vabcmci415qPTYFV4GB0lWeh
aKwpNR8/hPbyGu2H7s6AzWXQww1AxQ1BESXDgtN3t6Br2F+augeh5cRigCP00Gi3
m5QQo/DobGNfh9c5SEzFNMHLeXWjFvVr2OZ/N2OwS09sPDVQ+DNQ29sPSMABEu8o
neUtdtPpuwoZxqH19+ZFlErBt9IaRveTpSJMOn1O717rdomtHLmr/7druGeQxRGs
Bg4rX9lCPs39ts8dIiftLB87Er1SVhkgVspS9j0Cx325mJKWKy7u8TvkR7lrn4g+
eN2Gu1umt1l9j/eTnYw15rnmUP9MxFVG4yke5fwTm0nnvG6M47F3WA/8jPM=
-----END CERTIFICATE-----