This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa
File:                     f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa (raw, json)
Hash identifier:          6Fk84ICQALA+5SfFKa3aSWTehb4u3V6zvEIMPEHjvTs=
Subject key identifier:   AA:38:16:CF:E2:96:08:47:E4:88:00:92:83:1F:5F:E5:93:64:BA:4D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       33B0795496465CE14DDB716A597C371F153CEF00
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa
Signing time:             Wed 10 Dec 2025 04:00:34 +0000
ROA not before:           Wed 10 Dec 2025 04:00:34 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.112.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:b0:79:54:96:46:5c:e1:4d:db:71:6a:59:7c:37:1f:15:3c:ef:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 04:00:34 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=95dabb162cd78f6c640d20a3bcf38f227a59eab0e949a1903df19ec647c49219, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0c:af:73:f7:40:17:1f:8a:eb:c5:f4:b3:db:
                    5f:cc:76:9a:d2:0c:53:81:a3:be:1f:7f:4d:9b:0a:
                    b6:9d:10:54:c2:19:bb:42:26:e2:e8:7b:7f:6f:43:
                    e3:58:95:2e:9d:74:b4:47:a8:d7:6b:e3:d7:fe:c9:
                    e3:5e:13:1d:d2:44:13:8a:32:15:21:4e:01:05:01:
                    4c:50:ce:43:31:1a:5f:3b:42:70:0f:4a:bd:56:96:
                    d5:7d:39:2b:5f:8b:43:97:10:6a:d4:a4:34:86:b1:
                    32:d5:d8:7a:c4:15:5c:34:72:b4:5e:35:28:fe:50:
                    bd:31:0d:e7:cb:c9:a8:6a:ff:87:5d:13:19:97:2e:
                    63:c2:1c:31:03:02:90:13:b8:fe:4e:d6:fc:61:00:
                    c1:a6:fc:b8:75:6c:d8:10:b9:58:b5:1d:10:89:b9:
                    c5:7e:a1:68:cc:b8:be:cb:16:d8:17:b1:c4:f7:88:
                    08:6a:3e:c5:ea:60:d3:d6:91:33:6e:02:4a:e8:47:
                    5c:12:16:7d:92:0e:bf:b6:99:47:04:81:8e:dd:67:
                    22:60:bb:86:a8:0d:ce:50:4e:b2:2a:da:4e:cf:67:
                    c5:4e:bc:4e:9a:8c:cb:c4:af:ba:da:96:72:2c:7f:
                    ea:fa:39:1a:f7:20:b3:65:f6:2a:41:ae:26:ea:2d:
                    c5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:38:16:CF:E2:96:08:47:E4:88:00:92:83:1F:5F:E5:93:64:BA:4D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         43:6e:36:64:7b:48:b5:0e:56:0a:63:aa:0d:41:01:a8:2e:62:
         10:0e:8b:89:4f:f0:5c:bb:26:8f:31:76:77:54:41:44:7d:f8:
         da:2f:39:69:18:b6:8c:eb:1f:ef:d9:2a:10:8b:55:8d:33:18:
         98:42:53:e1:ff:d8:89:9f:60:9e:18:51:c3:5d:0d:e3:fd:34:
         94:64:fe:6c:ae:13:83:76:74:fa:26:55:5e:b7:b0:8d:30:f0:
         f1:fe:e9:48:be:a8:5c:fc:a3:1e:5f:b2:4a:44:64:05:3f:7e:
         02:fc:cc:1e:18:1e:a2:0f:83:3b:1b:1c:f8:6d:dd:6c:65:84:
         d6:cb:c2:c3:9e:0e:c5:54:3a:cd:c7:13:9b:8d:57:7c:bb:3d:
         6c:e2:1c:0a:4f:ff:f5:0e:13:7d:54:31:2f:c8:8a:e7:88:11:
         d8:a6:1c:c2:40:66:44:ba:62:70:75:67:51:55:68:44:7a:b2:
         12:e4:84:14:f4:0d:7c:19:08:8f:03:0b:c7:a3:bc:4f:61:16:
         14:6e:ca:b0:7b:98:1d:16:38:08:a0:17:e9:e2:23:80:71:5b:
         b0:99:ee:72:9c:59:2a:9c:35:09:5f:a2:2b:68:13:6f:1b:f6:
         0e:3c:bf:3e:26:97:04:b8:4b:7d:2a:6d:22:a1:15:08:ae:e1:
         7e:48:6f:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM7B5VJZGXOFN23FqWXw3HxU87wAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDQwMDM0WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWRhYmIxNjJjZDc4ZjZjNjQwZDIwYTNiY2YzOGYyMjdh
NTllYWIwZTk0OWExOTAzZGYxOWVjNjQ3YzQ5MjE5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiDK9z90AXH4rrxfSz21/MdprSDFOBo74ff02bCradEFTC
GbtCJuLoe39vQ+NYlS6ddLRHqNdr49f+yeNeEx3SRBOKMhUhTgEFAUxQzkMxGl87
QnAPSr1WltV9OStfi0OXEGrUpDSGsTLV2HrEFVw0crReNSj+UL0xDefLyahq/4dd
ExmXLmPCHDEDApATuP5O1vxhAMGm/Lh1bNgQuVi1HRCJucV+oWjMuL7LFtgXscT3
iAhqPsXqYNPWkTNuAkroR1wSFn2SDr+2mUcEgY7dZyJgu4aoDc5QTrIq2k7PZ8VO
vE6ajMvEr7ralnIsf+r6ORr3ILNl9ipBribqLcU/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqjgWz+KWCEfkiACSgx9f5ZNkuk0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YxODVmOGJiLTU0YTYtNGEwOS04ZGI5LWVlY2RjOWNlYzQ1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ0X3AwDQYJKoZIhvcNAQELBQADggEBAENuNmR7SLUOVgpjqg1BAaguYhAO
i4lP8Fy7Jo8xdndUQUR9+NovOWkYtozrH+/ZKhCLVY0zGJhCU+H/2ImfYJ4YUcNd
DeP9NJRk/myuE4N2dPomVV63sI0w8PH+6Ui+qFz8ox5fskpEZAU/fgL8zB4YHqIP
gzsbHPht3WxlhNbLwsOeDsVUOs3HE5uNV3y7PWziHApP//UOE31UMS/IiueIEdim
HMJAZkS6YnB1Z1FVaER6shLkhBT0DXwZCI8DC8ejvE9hFhRuyrB7mB0WOAigF+ni
I4BxW7CZ7nKcWSqcNQlfoitoE28b9g48vz4mlwS4S30qbSKhFQiu4X5Ib+0=
-----END CERTIFICATE-----