This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa
File:                     f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa (raw, json)
Hash identifier:          FupZuwg0mfr7GKxCS+oJejomFwguI7zLw4+Z9DzlGgo=
Subject key identifier:   B6:4C:D8:9D:38:40:AF:B6:B7:D5:22:DD:7C:1D:0E:9E:81:A2:6C:56
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10429DA27C8936AF6BF21C68A7D5A428AA349E70
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa
Signing time:             Wed 10 Dec 2025 02:30:46 +0000
ROA not before:           Wed 10 Dec 2025 02:30:46 +0000
ROA not after:            Tue 10 Mar 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.45.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 22 Dec 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:42:9d:a2:7c:89:36:af:6b:f2:1c:68:a7:d5:a4:28:aa:34:9e:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 10 02:30:46 2025 GMT
            Not After : Mar 10 23:59:59 2026 GMT
        Subject: serialNumber=d050c0c65f186a08f3051edb1cbd3ffc53a9aab8d37a0e3f2e40a5dd184f937d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9b:a4:1c:d1:97:2c:04:fa:65:5e:99:df:ac:
                    b4:d5:bc:f2:9e:8a:ef:fe:59:45:54:8e:20:81:ce:
                    33:d3:4f:5c:9d:3e:ac:35:a4:7d:a6:30:e9:e3:ea:
                    52:9f:72:08:bf:1e:d6:5f:5f:42:61:2e:c8:23:b9:
                    b7:fb:91:ea:8b:e0:65:91:c1:b7:8d:f4:8a:e9:ee:
                    8c:c2:78:68:54:47:53:9e:22:4e:1b:b2:76:cc:4c:
                    99:cd:6b:19:6b:3b:cf:f7:07:7e:89:a6:13:56:86:
                    0b:b6:0c:83:4e:c9:a1:48:95:0d:ab:3c:1a:3b:7c:
                    b8:85:d0:6f:ba:68:a5:57:b3:18:35:20:21:26:04:
                    73:cb:97:3d:95:6b:fe:c5:8f:74:7d:2c:4b:fd:16:
                    d8:2c:59:0c:b4:7b:3c:10:27:87:d1:ef:82:bc:14:
                    5d:99:f6:cd:48:ab:b6:1d:ff:cf:1b:46:04:e1:ce:
                    da:af:b0:21:3f:bf:e8:50:e2:ed:a5:f3:ac:aa:f8:
                    43:96:ee:a4:f2:3f:4a:1d:dc:56:c5:5f:ed:5a:65:
                    e2:db:92:d2:c3:9e:a9:30:2f:e3:47:90:f3:04:d6:
                    aa:cc:3d:6d:f9:cf:11:84:ef:86:eb:17:a9:56:a2:
                    82:69:c7:b2:f0:ab:c7:42:a8:c1:9e:ba:16:34:b0:
                    a2:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:4C:D8:9D:38:40:AF:B6:B7:D5:22:DD:7C:1D:0E:9E:81:A2:6C:56
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.45.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:ed:38:a0:4c:9a:41:13:59:ff:ff:fb:80:37:3e:da:e8:26:
         fe:b7:70:bb:ea:a5:37:5b:42:ad:12:e6:cf:0d:2c:d3:49:20:
         18:5b:55:48:16:d3:1a:2a:09:e2:a2:71:e6:9f:3c:d8:48:87:
         15:97:17:0c:70:2a:86:34:75:bd:a3:37:1e:36:67:a8:b5:50:
         43:ef:25:cb:a5:0c:b2:09:54:a8:be:a2:3d:5a:24:77:38:f9:
         cf:eb:fa:33:b7:b3:79:80:cf:1c:98:fd:39:09:8d:2c:48:ae:
         96:17:5c:89:8f:9c:fd:ec:81:51:da:b1:0d:41:b2:f2:0d:b8:
         29:f1:7a:6a:a3:70:6b:c2:df:62:03:ff:e3:af:77:8c:27:94:
         58:89:07:e3:b8:2d:71:7c:1b:ef:3d:7b:8f:cb:ba:7b:b5:a1:
         ea:f6:ad:7a:26:ea:15:7e:f0:d5:13:98:b2:22:28:58:35:64:
         c6:d8:d3:c5:b6:67:7d:05:0a:2e:82:a1:96:f4:34:76:32:6b:
         3f:06:77:30:d9:82:50:7c:0b:ce:e9:0f:d1:55:28:cc:68:5b:
         80:7a:41:df:8a:2b:84:d3:d6:a9:54:67:39:39:a5:19:82:6e:
         49:49:97:b2:ad:39:ed:31:9b:42:c6:f3:4e:f5:1c:be:7e:9b:
         18:6d:17:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEEKdonyJNq9r8hxop9WkKKo0nnAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMjEwMDIzMDQ2WhcNMjYwMzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMDUwYzBjNjVmMTg2YTA4ZjMwNTFlZGIxY2JkM2ZmYzUz
YTlhYWI4ZDM3YTBlM2YyZTQwYTVkZDE4NGY5MzdkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2m6Qc0ZcsBPplXpnfrLTVvPKeiu/+WUVUjiCBzjPTT1yd
Pqw1pH2mMOnj6lKfcgi/HtZfX0JhLsgjubf7keqL4GWRwbeN9Irp7ozCeGhUR1Oe
Ik4bsnbMTJnNaxlrO8/3B36JphNWhgu2DINOyaFIlQ2rPBo7fLiF0G+6aKVXsxg1
ICEmBHPLlz2Va/7Fj3R9LEv9FtgsWQy0ezwQJ4fR74K8FF2Z9s1Iq7Yd/88bRgTh
ztqvsCE/v+hQ4u2l86yq+EOW7qTyP0od3FbFX+1aZeLbktLDnqkwL+NHkPME1qrM
PW35zxGE74brF6lWooJpx7Lwq8dCqMGeuhY0sKKhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtkzYnThAr7a31SLdfB0OnoGibFYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y1MjVhMGIyLTdjYTItNDNmMS05NTFjLTdlZmYyNDI2NWRjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLTANBgkqhkiG9w0BAQsFAAOCAQEAG+04oEyaQRNZ///7gDc+2ugm/rdw
u+qlN1tCrRLmzw0s00kgGFtVSBbTGioJ4qJx5p882EiHFZcXDHAqhjR1vaM3HjZn
qLVQQ+8ly6UMsglUqL6iPVokdzj5z+v6M7ezeYDPHJj9OQmNLEiulhdciY+c/eyB
UdqxDUGy8g24KfF6aqNwa8LfYgP/4693jCeUWIkH47gtcXwb7z17j8u6e7Wh6vat
eibqFX7w1ROYsiIoWDVkxtjTxbZnfQUKLoKhlvQ0djJrPwZ3MNmCUHwLzukP0VUo
zGhbgHpB34orhNPWqVRnOTmlGYJuSUmXsq057TGbQsbzTvUcvn6bGG0Xfw==
-----END CERTIFICATE-----