This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa
File:                     9057571d-fc5a-46a1-8c20-bb70e822a20e.roa (raw, json)
Hash identifier:          sZghFXErfcC4PZ52n4lZN/hOoM0FC0FS8zV4oG2mBtk=
Subject key identifier:   8C:CD:BC:02:FA:C0:2A:34:4C:B9:09:8C:4F:E7:CA:F7:19:38:3F:A4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3C1082AA4EFEB7F54BF9C35C59D746B5910399D2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa
Signing time:             Wed 10 Dec 2025 01:40:56 +0000
ROA not before:           Wed 10 Dec 2025 01:40:56 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        138.111.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Dec 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:10:82:aa:4e:fe:b7:f5:4b:f9:c3:5c:59:d7:46:b5:91:03:99:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 01:40:56 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=11e538dc37d592097e054bff23d971896e01dcac1049d2aa520e03fc0e0a7fa8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:22:ce:9b:7f:cf:60:77:a1:04:dd:03:74:e9:
                    3e:52:45:e6:2e:ef:df:24:44:b2:6b:78:88:98:fa:
                    c5:b6:4b:a3:a0:f5:de:d6:cb:14:89:62:b1:5a:f3:
                    ab:2f:5e:53:10:16:4b:20:6f:91:2a:55:42:5d:c8:
                    d7:65:e8:24:05:53:06:c8:ac:44:4f:92:f6:06:39:
                    2e:ac:70:d9:d4:10:66:c3:c6:f1:3b:18:ac:8e:5b:
                    81:bc:14:f9:62:55:a9:16:90:e5:cb:95:13:b1:82:
                    30:59:f4:ef:88:b1:f3:82:f3:52:4d:f9:5e:a4:44:
                    ec:82:65:f6:da:bc:17:76:81:d7:90:e2:84:9d:3f:
                    70:87:02:36:89:78:14:f5:31:cc:83:7d:0a:8f:bf:
                    85:26:f7:26:fb:78:dd:b3:34:b3:e7:3b:f5:4b:70:
                    63:c2:e7:8d:71:ba:d9:8a:66:66:6f:ea:b9:4b:01:
                    09:bf:05:d6:32:77:4d:d2:36:b2:ad:fc:af:a0:78:
                    9b:38:92:77:aa:92:c9:70:d9:43:49:6a:cd:39:c1:
                    54:1f:fa:33:aa:7c:3c:25:66:1b:29:de:0a:51:e0:
                    cf:80:e3:8f:18:09:d4:06:f2:47:7f:39:94:63:b0:
                    93:9d:72:cf:5b:e6:87:48:73:c3:94:d9:7e:e4:17:
                    e5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:CD:BC:02:FA:C0:2A:34:4C:B9:09:8C:4F:E7:CA:F7:19:38:3F:A4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.111.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         46:74:57:4c:a2:03:a1:88:c7:0f:60:10:99:eb:5c:7c:d1:5d:
         7a:11:b6:6f:95:63:b9:7b:2d:0d:e4:c7:b5:d1:d4:1c:36:ea:
         d3:00:05:ae:2e:9a:19:ca:5e:67:43:75:ff:cc:3d:15:ae:08:
         f1:09:c3:b0:8b:bd:42:1f:a2:aa:d5:c4:8c:9a:9e:6e:07:b2:
         ff:e7:ba:a6:54:da:6f:ad:d4:dc:8f:62:ca:43:ee:55:9b:d4:
         f2:41:a3:62:5e:f7:48:55:06:bd:9a:07:c9:29:aa:18:66:11:
         05:f5:71:28:f1:8c:12:52:d0:c2:b2:43:89:48:33:5a:a1:a9:
         ea:7c:f6:47:b5:f9:44:77:fa:2b:cb:70:de:83:4a:3b:99:ea:
         b9:1d:47:25:80:9f:c9:d5:0d:e7:e0:d9:5b:ba:55:0f:3f:84:
         b8:8c:b6:b3:78:fb:ba:f3:a9:98:30:e2:c6:61:0e:4d:6c:93:
         5a:c5:e6:63:27:89:55:ce:b0:e3:44:08:56:ca:3d:9c:3b:8a:
         bc:ae:62:98:dd:2d:68:99:a9:67:66:3e:16:fd:9b:c0:d0:65:
         df:42:b2:41:ac:f9:10:d5:f1:a2:33:9c:bc:01:dc:cd:5e:a6:
         44:dd:fb:f0:7c:2a:8e:f7:2c:79:c4:23:0f:9f:c1:22:52:07:
         34:a2:ac:54
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPBCCqk7+t/VL+cNcWddGtZEDmdIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDE0MDU2WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWU1MzhkYzM3ZDU5MjA5N2UwNTRiZmYyM2Q5NzE4OTZl
MDFkY2FjMTA0OWQyYWE1MjBlMDNmYzBlMGE3ZmE4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbIs6bf89gd6EE3QN06T5SReYu798kRLJreIiY+sW2S6Og
9d7WyxSJYrFa86svXlMQFksgb5EqVUJdyNdl6CQFUwbIrERPkvYGOS6scNnUEGbD
xvE7GKyOW4G8FPliVakWkOXLlROxgjBZ9O+IsfOC81JN+V6kROyCZfbavBd2gdeQ
4oSdP3CHAjaJeBT1McyDfQqPv4Um9yb7eN2zNLPnO/VLcGPC541xutmKZmZv6rlL
AQm/BdYyd03SNrKt/K+geJs4kneqkslw2UNJas05wVQf+jOqfDwlZhsp3gpR4M+A
448YCdQG8kd/OZRjsJOdcs9b5odIc8OU2X7kF+W3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjM28AvrAKjRMuQmMT+fK9xk4P6QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkwNTc1NzFkLWZjNWEtNDZhMS04YzIwLWJiNzBlODIyYTIwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCKbzANBgkqhkiG9w0BAQsFAAOCAQEARnRXTKIDoYjHD2AQmetcfNFdehG2
b5VjuXstDeTHtdHUHDbq0wAFri6aGcpeZ0N1/8w9Fa4I8QnDsIu9Qh+iqtXEjJqe
bgey/+e6plTab63U3I9iykPuVZvU8kGjYl73SFUGvZoHySmqGGYRBfVxKPGMElLQ
wrJDiUgzWqGp6nz2R7X5RHf6K8tw3oNKO5nquR1HJYCfydUN5+DZW7pVDz+EuIy2
s3j7uvOpmDDixmEOTWyTWsXmYyeJVc6w40QIVso9nDuKvK5imN0taJmpZ2Y+Fv2b
wNBl30KyQaz5ENXxojOcvAHczV6mRN378HwqjvcsecQjD5/BIlIHNKKsVA==
-----END CERTIFICATE-----