This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cb052db-b2e8-4906-a585-69043cc771d2.roa
File:                     6cb052db-b2e8-4906-a585-69043cc771d2.roa (raw, json)
Hash identifier:          lxCzef79hC8zpa4WO3NELJro7G0LijOmGUyaLvM8RRk=
Subject key identifier:   B9:B2:CE:93:96:A7:7F:76:33:AF:A6:92:28:D4:0D:CF:43:A3:14:12
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3199179371FCD48ED89B18C48AB091FA388BCC6D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cb052db-b2e8-4906-a585-69043cc771d2.roa
Signing time:             Wed 10 Dec 2025 03:20:08 +0000
ROA not before:           Wed 10 Dec 2025 03:20:08 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.170.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:99:17:93:71:fc:d4:8e:d8:9b:18:c4:8a:b0:91:fa:38:8b:cc:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 03:20:08 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=e8de904401e607db173e42e5ae74697d034e46a8354a82fa3fc7421ad413fb99, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d1:ee:9b:2e:a4:36:a9:c1:e7:bb:de:7c:4f:
                    3b:db:a6:af:8b:53:98:18:9d:73:a6:31:35:e6:15:
                    92:63:3b:5a:cf:0f:50:4b:31:db:e8:0e:d9:a7:d3:
                    68:ca:3e:ea:df:f7:92:ee:af:f3:ae:a1:97:cd:ce:
                    f8:f8:00:f3:d0:23:08:3d:3b:7c:99:6c:90:a5:5a:
                    59:e4:81:f0:26:d9:60:1f:d7:24:03:7d:8d:3e:69:
                    fe:d9:7e:50:9e:c4:92:e1:5f:36:e3:72:8d:9b:2a:
                    d7:03:5f:7d:68:0d:f5:28:9b:24:78:e8:e5:5c:4b:
                    61:13:4d:29:33:85:ca:5c:f8:67:da:f9:e4:4d:8e:
                    fd:3c:0b:aa:89:1e:b9:5c:88:c2:2f:2a:4a:c1:98:
                    07:d3:10:02:17:57:70:96:d3:03:3b:f8:b5:1d:48:
                    c4:00:bf:ed:aa:05:56:91:7a:a8:40:77:86:02:b0:
                    29:d4:f3:0c:d5:29:07:0a:49:74:24:12:dc:44:10:
                    e7:0d:c4:48:4c:52:51:91:de:d7:f5:f2:b0:91:4b:
                    42:c7:11:31:da:31:05:d2:cc:c3:7c:41:97:9a:c5:
                    0d:69:26:c2:2d:05:e4:7c:cd:b1:90:2b:0b:53:7b:
                    f3:4c:03:b5:28:5c:14:1f:fb:5c:e8:c3:c2:4d:64:
                    11:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:B2:CE:93:96:A7:7F:76:33:AF:A6:92:28:D4:0D:CF:43:A3:14:12
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cb052db-b2e8-4906-a585-69043cc771d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.170.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         b3:03:5e:68:d9:43:2c:e1:50:25:8c:4a:9d:15:55:99:ec:ed:
         e4:6a:c6:cd:20:51:00:36:62:31:c3:09:46:43:69:89:18:da:
         d4:8a:77:36:58:ad:59:ba:73:82:1f:9c:f1:92:2b:53:31:71:
         2b:9e:b6:25:1c:bb:70:8d:88:c7:c3:f5:75:1e:64:a1:a8:7d:
         7d:75:98:17:9d:82:2d:4a:9e:8b:2a:73:3d:ab:0f:7a:fa:ba:
         0c:96:5a:ba:62:5b:20:6e:e4:75:5e:ff:9c:60:20:69:8d:63:
         c0:14:10:4d:8e:8c:90:b4:5e:23:36:bc:35:61:99:8f:dc:43:
         5c:b9:3e:05:5a:5f:9f:4c:90:db:36:0a:57:81:c2:37:69:11:
         88:d1:f8:ce:9d:c8:a8:3e:ca:01:e5:de:4d:24:b7:98:71:4b:
         e9:2a:7d:b4:ae:d6:64:07:de:8c:a0:2e:4a:7e:e4:5f:60:6b:
         42:21:a7:3d:25:91:9f:d7:de:77:73:be:ea:45:4b:71:c9:c0:
         02:1e:90:76:75:92:0a:a5:7f:dc:73:cb:a5:60:de:36:15:6a:
         5a:56:b3:80:bc:85:19:47:27:0f:cb:22:7e:68:c1:88:bf:99:
         ab:df:1f:26:39:11:09:71:d2:e9:f0:ba:b9:ee:94:5e:c1:76:
         f2:a3:1a:19
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMZkXk3H81I7YmxjEirCR+jiLzG0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDMyMDA4WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGRlOTA0NDAxZTYwN2RiMTczZTQyZTVhZTc0Njk3ZDAz
NGU0NmE4MzU0YTgyZmEzZmM3NDIxYWQ0MTNmYjk5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC10e6bLqQ2qcHnu958Tzvbpq+LU5gYnXOmMTXmFZJjO1rP
D1BLMdvoDtmn02jKPurf95Lur/OuoZfNzvj4APPQIwg9O3yZbJClWlnkgfAm2WAf
1yQDfY0+af7ZflCexJLhXzbjco2bKtcDX31oDfUomyR46OVcS2ETTSkzhcpc+Gfa
+eRNjv08C6qJHrlciMIvKkrBmAfTEAIXV3CW0wM7+LUdSMQAv+2qBVaReqhAd4YC
sCnU8wzVKQcKSXQkEtxEEOcNxEhMUlGR3tf18rCRS0LHETHaMQXSzMN8QZeaxQ1p
JsItBeR8zbGQKwtTe/NMA7UoXBQf+1zow8JNZBEpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUubLOk5anf3Yzr6aSKNQNz0OjFBIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZjYjA1MmRiLWIyZTgtNDkwNi1hNTg1LTY5MDQzY2M3NzFkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcDqoAwDQYJKoZIhvcNAQELBQADggEBALMDXmjZQyzhUCWMSp0VVZns7eRq
xs0gUQA2YjHDCUZDaYkY2tSKdzZYrVm6c4IfnPGSK1MxcSuetiUcu3CNiMfD9XUe
ZKGofX11mBedgi1Knosqcz2rD3r6ugyWWrpiWyBu5HVe/5xgIGmNY8AUEE2OjJC0
XiM2vDVhmY/cQ1y5PgVaX59MkNs2CleBwjdpEYjR+M6dyKg+ygHl3k0kt5hxS+kq
fbSu1mQH3oygLkp+5F9ga0Ihpz0lkZ/X3ndzvupFS3HJwAIekHZ1kgqlf9xzy6Vg
3jYValpWs4C8hRlHJw/LIn5owYi/mavfHyY5EQlx0unwurnulF7BdvKjGhk=
-----END CERTIFICATE-----