This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ebcf296f-7234-4ee5-a160-45fcad4b7895.roa
File:                     ebcf296f-7234-4ee5-a160-45fcad4b7895.roa (raw, json)
Hash identifier:          OueV7zJwot7hGixkEO9dud49oapSPHWN3kjb4NaGfh0=
Subject key identifier:   8B:D1:4D:34:81:46:7E:F1:5F:FB:84:58:03:07:0B:04:79:41:20:51
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       18CA77F8E50DF9F3813266AFDA603BCB5987FB67
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ebcf296f-7234-4ee5-a160-45fcad4b7895.roa
Signing time:             Sun 07 Dec 2025 02:50:39 +0000
ROA not before:           Sun 07 Dec 2025 02:50:39 +0000
ROA not after:            Sat 07 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.246.96.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ca:77:f8:e5:0d:f9:f3:81:32:66:af:da:60:3b:cb:59:87:fb:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec  7 02:50:39 2025 GMT
            Not After : Mar  7 23:59:59 2026 GMT
        Subject: serialNumber=54497d0896034f5acdcfa3905ccd848bc27cbfaf2c6bfe6fe7f35b7787016410, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:14:58:a8:52:57:5a:28:cf:f2:a4:64:30:d6:
                    44:e1:de:2c:8d:9d:5f:b1:cd:b5:93:69:ec:78:95:
                    de:c1:83:55:a7:d1:2b:1a:64:15:8c:e8:9c:63:22:
                    8d:b2:43:44:e5:52:3b:44:f1:ad:2c:19:1b:62:d0:
                    c1:c1:c0:e6:fb:52:f7:cc:f0:d4:19:99:83:98:d2:
                    f9:de:63:94:44:da:08:d6:a8:d4:6c:79:90:d0:59:
                    f2:9d:4f:1a:f9:d7:41:9e:26:94:8f:f2:7d:44:7f:
                    4d:d1:08:ad:28:70:25:86:d7:f1:8f:c8:f1:ca:b6:
                    9c:99:83:50:31:90:9c:3e:a3:82:7b:f2:80:a7:1f:
                    81:27:c6:b1:e0:e6:da:74:73:8f:87:2c:ce:56:12:
                    da:c9:70:71:78:ab:d6:2c:46:26:f7:6d:58:cc:89:
                    2e:83:92:6d:86:51:c1:f7:96:4d:0a:be:bc:0d:04:
                    60:7d:72:85:e1:7c:26:09:fa:f0:a4:13:fa:34:6d:
                    bb:b7:7c:1a:a4:b6:ce:23:b7:49:f6:03:f3:bd:b1:
                    87:51:29:ac:4d:0c:ce:a6:eb:63:70:9b:68:95:df:
                    9d:5e:5d:1e:a2:be:3f:b5:e4:35:74:ff:0a:98:21:
                    3d:ea:33:7c:a1:ee:48:53:7a:25:b6:b1:59:71:49:
                    9c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D1:4D:34:81:46:7E:F1:5F:FB:84:58:03:07:0B:04:79:41:20:51
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ebcf296f-7234-4ee5-a160-45fcad4b7895.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.246.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         4b:b2:e8:bf:e0:d6:32:a3:a9:fb:6d:b3:58:9a:60:e6:0e:36:
         ff:e9:0f:c3:c6:57:d9:bf:07:e8:ac:3c:da:ed:9d:bd:08:61:
         b7:6c:64:e1:cc:99:f1:0a:7f:a7:67:9f:62:27:a2:30:6b:48:
         e1:26:40:05:8c:e8:4a:98:98:d8:e3:2c:25:21:b2:d0:48:e6:
         7b:03:8b:ea:94:82:74:02:66:cd:cf:ee:1d:57:ab:ef:2d:23:
         33:23:20:8f:7a:f7:bc:a9:59:ca:4a:87:c4:7b:3d:46:df:3d:
         db:78:d2:32:06:69:8b:d9:dd:5b:24:4f:18:26:1d:bc:80:75:
         44:7c:7c:3c:85:d6:b1:4e:48:f6:ad:a0:a9:ff:ee:bb:92:da:
         4f:d5:b3:99:eb:15:44:63:5a:04:23:24:77:f6:d0:81:11:61:
         67:89:bf:d5:95:97:2d:f5:83:4f:37:10:4d:ce:8b:2a:7f:fb:
         a6:54:5e:82:e8:3a:86:11:88:5f:7f:c0:10:37:82:26:83:da:
         57:ba:7b:6f:5d:fc:9f:a8:28:4d:0d:90:46:ff:09:c1:42:bd:
         a2:6a:4a:e2:b0:e6:8a:7c:e5:66:fc:d8:2c:62:c6:e9:31:6f:
         e6:72:14:07:ee:8e:6a:4c:60:33:40:d0:f7:1c:5b:dd:49:47:
         57:46:4e:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGMp3+OUN+fOBMmav2mA7y1mH+2cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjA3MDI1MDM5WhcNMjYwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDQ5N2QwODk2MDM0ZjVhY2RjZmEzOTA1Y2NkODQ4YmMy
N2NiZmFmMmM2YmZlNmZlN2YzNWI3Nzg3MDE2NDEwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+FFioUldaKM/ypGQw1kTh3iyNnV+xzbWTaex4ld7Bg1Wn
0SsaZBWM6JxjIo2yQ0TlUjtE8a0sGRti0MHBwOb7UvfM8NQZmYOY0vneY5RE2gjW
qNRseZDQWfKdTxr510GeJpSP8n1Ef03RCK0ocCWG1/GPyPHKtpyZg1AxkJw+o4J7
8oCnH4EnxrHg5tp0c4+HLM5WEtrJcHF4q9YsRib3bVjMiS6Dkm2GUcH3lk0KvrwN
BGB9coXhfCYJ+vCkE/o0bbu3fBqkts4jt0n2A/O9sYdRKaxNDM6m62Nwm2iV351e
XR6ivj+15DV0/wqYIT3qM3yh7khTeiW2sVlxSZybAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUi9FNNIFGfvFf+4RYAwcLBHlBIFEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ViY2YyOTZmLTcyMzQtNGVlNS1hMTYwLTQ1ZmNhZDRiNzg5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU29mAwDQYJKoZIhvcNAQELBQADggEBAEuy6L/g1jKjqftts1iaYOYONv/p
D8PGV9m/B+isPNrtnb0IYbdsZOHMmfEKf6dnn2InojBrSOEmQAWM6EqYmNjjLCUh
stBI5nsDi+qUgnQCZs3P7h1Xq+8tIzMjII9697ypWcpKh8R7PUbfPdt40jIGaYvZ
3VskTxgmHbyAdUR8fDyF1rFOSPatoKn/7ruS2k/Vs5nrFURjWgQjJHf20IERYWeJ
v9WVly31g083EE3Oiyp/+6ZUXoLoOoYRiF9/wBA3giaD2le6e29d/J+oKE0NkEb/
CcFCvaJqSuKw5op85Wb82Cxixukxb+ZyFAfujmpMYDNA0PccW91JR1dGTkQ=
-----END CERTIFICATE-----