This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa
File:                     34472a59-2e2d-4c47-9f12-7f181a908493.roa (raw, json)
Hash identifier:          j6aGssIvaqDA+G2XtUIAJ3g8DCTneSO45B325fNAePs=
Subject key identifier:   3D:86:C0:80:41:84:B2:9E:6F:AC:DB:37:06:0E:4E:72:93:9B:12:A9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       64A349485B6ED8AEF3B4961F28CD24A1D7818CBD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa
Signing time:             Wed 10 Dec 2025 03:01:23 +0000
ROA not before:           Wed 10 Dec 2025 03:01:23 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.174.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:a3:49:48:5b:6e:d8:ae:f3:b4:96:1f:28:cd:24:a1:d7:81:8c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 03:01:23 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=d5814d8410aa003abc389b1a4068fa147bcad218f171f47ababd7669d9674563, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d7:54:0e:c8:94:e3:66:b4:88:3b:21:0f:55:
                    fa:32:b6:3b:8d:36:c6:36:82:ef:a1:78:bd:b5:5a:
                    58:2a:5c:44:d7:fb:f7:99:be:7b:47:d4:42:ee:aa:
                    16:14:8d:e2:b6:25:6f:84:d6:63:6b:66:ab:9c:6c:
                    f0:1c:b8:7a:3d:4b:68:96:77:6b:b6:99:2e:20:f6:
                    82:0e:0d:fd:9a:0e:5e:b7:c1:e9:cf:22:e1:a8:f9:
                    73:c2:eb:c9:24:0d:58:7d:2f:d3:3e:6d:b9:2e:e6:
                    35:38:ee:0e:d5:71:3d:92:13:8d:ac:8b:27:c0:4d:
                    c9:b1:d6:db:07:cd:84:c3:5f:c6:ff:26:db:2f:fe:
                    b5:aa:4f:22:c1:48:be:92:f2:86:8d:94:06:9f:f1:
                    4e:4e:90:01:df:7e:45:ca:e4:5b:b5:71:2a:43:41:
                    39:46:f8:a7:30:20:7d:f2:6f:45:e9:dc:19:fa:01:
                    17:f4:64:a1:d0:dc:2d:82:2a:c9:a7:a1:94:ff:fc:
                    52:b0:8f:2f:61:f0:d9:24:fe:84:80:2c:11:83:35:
                    f9:5e:89:11:1d:13:85:b0:a5:53:b6:d2:ac:eb:c1:
                    0e:af:c3:23:7b:35:b5:50:e4:aa:4e:27:65:4e:ac:
                    7b:5f:4a:75:d8:39:67:ef:a2:18:ea:cd:b7:a6:bf:
                    50:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:86:C0:80:41:84:B2:9E:6F:AC:DB:37:06:0E:4E:72:93:9B:12:A9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.174.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         aa:54:e4:b9:fc:b2:4c:ed:f2:e3:42:1f:3b:e1:69:bd:a9:8e:
         65:9c:79:9a:a0:aa:cd:6a:55:f9:a7:8c:51:a5:b1:87:7d:5d:
         b6:bd:f1:09:c0:52:e1:a6:69:0a:95:07:8a:84:e7:3b:85:87:
         48:e8:af:07:28:8b:6a:11:e1:b9:f9:52:95:30:44:0a:2a:4b:
         22:71:e6:df:20:f4:b6:87:50:38:3b:d7:3f:d1:43:c2:b6:1f:
         c2:8a:44:cc:27:a0:f7:02:fb:3a:68:50:17:85:71:74:be:78:
         08:bd:1f:51:d9:f2:f1:57:40:14:05:18:98:64:97:8e:37:5c:
         50:4c:57:55:62:73:9a:6c:72:af:67:5b:d2:cb:3d:77:b5:75:
         6e:97:7c:dd:72:77:cd:64:d2:d4:24:06:47:2e:c4:36:d8:84:
         5a:b2:d7:36:90:49:9d:92:de:4f:02:7f:6b:34:2c:ce:ff:69:
         df:09:1f:52:db:87:ce:8c:d5:9f:be:ea:7b:e3:4a:54:11:7d:
         01:b9:60:ec:0d:da:67:16:d9:ac:8a:2c:e2:ad:69:8b:27:a4:
         4a:7d:01:86:f3:98:1f:13:5a:c6:55:0a:cb:18:09:29:82:00:
         2d:42:3c:02:14:9f:0d:57:3d:cc:fe:6e:a1:a4:1f:f5:7f:4d:
         17:b8:44:84
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZKNJSFtu2K7ztJYfKM0kodeBjL0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDMwMTIzWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTgxNGQ4NDEwYWEwMDNhYmMzODliMWE0MDY4ZmExNDdi
Y2FkMjE4ZjE3MWY0N2FiYWJkNzY2OWQ5Njc0NTYzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC811QOyJTjZrSIOyEPVfoytjuNNsY2gu+heL21WlgqXETX
+/eZvntH1ELuqhYUjeK2JW+E1mNrZqucbPAcuHo9S2iWd2u2mS4g9oIODf2aDl63
wenPIuGo+XPC68kkDVh9L9M+bbku5jU47g7VcT2SE42siyfATcmx1tsHzYTDX8b/
Jtsv/rWqTyLBSL6S8oaNlAaf8U5OkAHffkXK5Fu1cSpDQTlG+KcwIH3yb0Xp3Bn6
ARf0ZKHQ3C2CKsmnoZT//FKwjy9h8Nkk/oSALBGDNfleiREdE4WwpVO20qzrwQ6v
wyN7NbVQ5KpOJ2VOrHtfSnXYOWfvohjqzbemv1CRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUPYbAgEGEsp5vrNs3Bg5OcpObEqkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM0NDcyYTU5LTJlMmQtNGM0Ny05ZjEyLTdmMTgxYTkwODQ5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEDrjANBgkqhkiG9w0BAQsFAAOCAQEAqlTkufyyTO3y40IfO+FpvamOZZx5
mqCqzWpV+aeMUaWxh31dtr3xCcBS4aZpCpUHioTnO4WHSOivByiLahHhuflSlTBE
CipLInHm3yD0todQODvXP9FDwrYfwopEzCeg9wL7OmhQF4VxdL54CL0fUdny8VdA
FAUYmGSXjjdcUExXVWJzmmxyr2db0ss9d7V1bpd83XJ3zWTS1CQGRy7ENtiEWrLX
NpBJnZLeTwJ/azQszv9p3wkfUtuHzozVn77qe+NKVBF9Ablg7A3aZxbZrIos4q1p
iyekSn0BhvOYHxNaxlUKyxgJKYIALUI8AhSfDVc9zP5uoaQf9X9NF7hEhA==
-----END CERTIFICATE-----