This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b297106-5adb-42a3-be39-8d4eb4ec1873.roa
File:                     9b297106-5adb-42a3-be39-8d4eb4ec1873.roa (raw, json)
Hash identifier:          BrHe7DuLPDJt+tbVuY9CV6K8nkrzrCH2I22KQvn0Yco=
Subject key identifier:   0A:22:B3:E2:B3:97:AD:69:99:CC:FF:14:0C:AA:7B:7D:F1:9F:DA:B9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       258C47EA3DC3902E64C21926D0D9CB62B5978EC5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b297106-5adb-42a3-be39-8d4eb4ec1873.roa
Signing time:             Wed 10 Dec 2025 01:41:20 +0000
ROA not before:           Wed 10 Dec 2025 01:41:20 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.88.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:8c:47:ea:3d:c3:90:2e:64:c2:19:26:d0:d9:cb:62:b5:97:8e:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 01:41:20 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=721505e3c064a1ad3317e5b483c446d5109ab6fdf55ece23f071f06af4aec63f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7d:d8:56:88:4c:30:58:93:a3:6c:4d:08:70:
                    a8:8d:6f:e5:17:33:77:87:77:d6:d8:09:04:93:e0:
                    ab:3c:56:49:7f:95:5e:25:38:2d:f1:8c:26:c5:7b:
                    3e:9e:71:51:c3:64:53:3c:34:75:8a:d2:f7:d8:b8:
                    55:70:7c:93:ab:f5:ef:65:4a:5f:f9:35:99:87:86:
                    af:ec:c4:43:a9:3e:ed:5c:71:86:cb:27:56:e8:4b:
                    63:aa:51:d9:41:88:d2:7b:36:1a:27:0d:ff:ef:6f:
                    60:9e:64:fc:63:82:48:09:5d:ca:ea:01:d1:64:2b:
                    7f:56:8d:cd:f4:10:b0:54:1c:62:58:f4:21:fb:dc:
                    ef:e7:2e:f5:2e:a9:dc:14:54:07:25:a2:d7:58:67:
                    77:44:38:4a:b3:ad:d4:64:e5:3a:f8:60:a5:36:1f:
                    b9:5e:40:8c:a6:4f:e9:f8:93:a8:3d:26:2e:8a:c7:
                    72:44:11:aa:5d:c8:3a:68:3d:42:23:48:1d:17:bf:
                    b1:64:2a:08:4c:3f:e5:c6:f4:fd:04:5d:3b:42:be:
                    fd:8a:62:6a:b1:f9:f3:64:ac:89:39:e0:ca:03:23:
                    65:3f:8a:95:d5:6c:b0:52:5d:43:72:4f:37:de:d1:
                    3a:b0:32:f4:c3:75:68:5a:43:4b:d3:1a:5f:f9:92:
                    27:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:22:B3:E2:B3:97:AD:69:99:CC:FF:14:0C:AA:7B:7D:F1:9F:DA:B9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b297106-5adb-42a3-be39-8d4eb4ec1873.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.88.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         5e:45:1c:d7:c5:61:a5:5e:11:93:9b:1d:a8:aa:66:8d:25:73:
         e6:5f:5f:de:d5:b1:45:98:43:b4:41:31:dc:ad:1f:cf:27:d7:
         19:ea:9a:39:c0:20:05:3b:8c:b1:ce:2d:ed:11:6a:f4:f3:2c:
         63:08:d3:ab:78:0d:2c:f4:cc:30:ab:8a:8b:91:1e:d7:e9:cb:
         eb:06:cc:c9:18:08:8e:12:82:be:11:d1:84:6c:4b:4c:e9:c0:
         23:47:fc:f8:4d:35:cf:7e:2f:ce:c3:16:6d:45:63:4f:f5:60:
         93:42:44:7c:4c:f4:f4:32:69:0a:d0:68:9f:87:d7:55:6d:86:
         f9:29:e9:dd:ae:74:2e:6b:ed:b2:16:d9:76:72:27:a9:93:a5:
         70:63:b7:9f:19:83:63:9d:9d:da:d1:f8:c0:df:d2:85:a4:f3:
         b5:96:dc:c9:24:71:87:c3:6c:d9:0e:eb:b7:cc:18:e3:00:39:
         11:61:f5:d7:22:3a:49:bd:8e:66:e3:2c:c8:80:a9:12:96:9f:
         fd:ad:be:13:5b:7a:e1:af:90:9a:f7:38:ce:87:79:bd:e5:26:
         1e:6d:f7:1e:3d:f5:73:ed:a0:37:b9:bb:b4:c9:24:68:5d:66:
         e3:a9:0b:a2:3b:94:00:e8:7f:ae:cb:da:52:44:30:e8:1a:36:
         d1:9e:5d:2f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJYxH6j3DkC5kwhkm0NnLYrWXjsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDE0MTIwWhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjE1MDVlM2MwNjRhMWFkMzMxN2U1YjQ4M2M0NDZkNTEw
OWFiNmZkZjU1ZWNlMjNmMDcxZjA2YWY0YWVjNjNmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7fdhWiEwwWJOjbE0IcKiNb+UXM3eHd9bYCQST4Ks8Vkl/
lV4lOC3xjCbFez6ecVHDZFM8NHWK0vfYuFVwfJOr9e9lSl/5NZmHhq/sxEOpPu1c
cYbLJ1boS2OqUdlBiNJ7NhonDf/vb2CeZPxjgkgJXcrqAdFkK39Wjc30ELBUHGJY
9CH73O/nLvUuqdwUVAclotdYZ3dEOEqzrdRk5Tr4YKU2H7leQIymT+n4k6g9Ji6K
x3JEEapdyDpoPUIjSB0Xv7FkKghMP+XG9P0EXTtCvv2KYmqx+fNkrIk54MoDI2U/
ipXVbLBSXUNyTzfe0TqwMvTDdWhaQ0vTGl/5kie5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUCiKz4rOXrWmZzP8UDKp7ffGf2rkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzliMjk3MTA2LTVhZGItNDJhMy1iZTM5LThkNGViNGVjMTg3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwI2WDANBgkqhkiG9w0BAQsFAAOCAQEAXkUc18VhpV4Rk5sdqKpmjSVz5l9f
3tWxRZhDtEEx3K0fzyfXGeqaOcAgBTuMsc4t7RFq9PMsYwjTq3gNLPTMMKuKi5Ee
1+nL6wbMyRgIjhKCvhHRhGxLTOnAI0f8+E01z34vzsMWbUVjT/Vgk0JEfEz09DJp
CtBon4fXVW2G+Snp3a50LmvtshbZdnInqZOlcGO3nxmDY52d2tH4wN/ShaTztZbc
ySRxh8Ns2Q7rt8wY4wA5EWH11yI6Sb2OZuMsyICpEpaf/a2+E1t64a+Qmvc4zod5
veUmHm33Hj31c+2gN7m7tMkkaF1m46kLojuUAOh/rsvaUkQw6Bo20Z5dLw==
-----END CERTIFICATE-----