$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: vhmuK2KYGWZaMCuhyvaMkOU+uKiAulfweRe9n5Qr+0c= Subject key identifier: 4F:6D:98:74:FE:CB:18:F0:21:28:2F:B7:85:5E:D3:2A:F7:01:A0:19 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 4DFBDC6C200EC34771551A81D48B3987634EFE9A Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS16509.roa Signing time: Sun 01 Sep 2024 02:49:53 +0000 ROA not before: Sun 01 Sep 2024 02:44:53 +0000 ROA not after: Sun 31 Aug 2025 02:49:53 +0000 asID: 16509 IP address blocks: 2a05:dfc1:a400::/44 maxlen: 44 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:fb:dc:6c:20:0e:c3:47:71:55:1a:81:d4:8b:39:87:63:4e:fe:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Sep 1 02:44:53 2024 GMT Not After : Aug 31 02:49:53 2025 GMT Subject: CN=4F6D9874FECB18F021282FB7855ED32AF701A019 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cb:80:73:5c:8c:f1:d8:4d:02:cb:a6:23:9c: b3:bb:69:5e:15:19:d7:a2:91:39:03:9d:ca:62:0d: 72:09:2b:af:12:f1:a9:a5:9f:39:51:f1:6b:02:9a: 5e:fe:bf:4e:72:ca:a9:b9:07:34:89:a5:ae:5d:57: e5:14:53:4a:37:e0:a7:8e:0f:db:c0:2c:6f:85:99: c8:4c:6f:09:20:a8:21:66:f1:61:b9:5a:94:c3:e2: c8:63:86:aa:d7:a4:a7:0c:92:cc:dc:f1:ac:10:fa: 6a:60:30:0a:b4:e3:67:d1:77:3d:27:e4:5a:46:db: a0:e5:d1:3a:2d:e0:8b:45:c2:2c:bc:88:b2:ec:05: 00:3f:4e:29:9b:75:78:77:b3:e2:0e:c9:ea:cd:50: 9b:70:d5:19:b4:46:09:f0:7b:ac:70:3a:23:7b:11: 24:53:fe:73:28:a6:20:b9:49:54:22:86:43:12:ab: a5:fb:b3:16:02:5a:d7:cf:98:1a:ce:b0:36:f6:4a: 17:34:d2:6e:b9:e1:b2:7c:d2:d4:6d:9c:fb:e2:d3: 2b:00:c2:fe:84:22:ea:1f:d2:98:47:33:55:09:e1: 6f:36:f9:72:94:3f:a2:3c:c9:34:79:61:cb:9f:ce: 00:18:75:86:fb:8f:16:28:6c:1c:f2:97:02:c3:37: e0:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:6D:98:74:FE:CB:18:F0:21:28:2F:B7:85:5E:D3:2A:F7:01:A0:19 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:a400::/44 Signature Algorithm: sha256WithRSAEncryption 5e:ba:a0:ed:9a:48:44:a3:35:6e:f1:82:71:f3:e9:a6:35:45: fb:cf:67:9d:c8:23:67:39:86:ea:e2:c7:81:d7:ec:27:d9:f6: 73:e5:21:d7:90:d1:ea:ad:28:33:a9:2f:c3:2d:a2:2d:4c:73: ca:d9:6e:d4:4f:80:cb:e3:5f:ce:ce:24:6e:77:75:e3:e3:20: b5:15:29:94:43:71:7b:ca:4d:7f:70:b1:3b:90:54:6b:26:34: 26:ea:ce:3b:33:ad:ef:7d:37:af:80:8f:de:6e:53:ca:6c:4f: 62:4c:33:7e:82:20:06:ce:a0:b9:8b:e2:d9:85:2e:3d:84:53: dc:e2:c1:65:99:6e:d0:8c:6c:18:87:0a:66:66:a5:27:76:30: ab:96:67:3f:ee:bd:e4:de:39:b5:c0:6d:d8:db:0b:61:f4:be: 88:42:2c:17:32:0c:89:c6:ba:a5:c9:4f:5e:58:fb:7a:68:a8: 4a:03:13:8d:0a:0f:21:83:0a:36:f7:10:7d:a9:95:91:7e:c5: 15:da:7f:3a:f1:38:9d:fb:74:f6:e6:6f:c7:65:eb:0e:51:f0: f4:37:f6:d7:05:16:c9:83:52:ab:4a:a3:e2:20:a0:84:1d:cc: 23:56:26:81:7d:f1:0d:eb:52:16:84:34:8a:a0:b8:70:24:82: e9:3d:31:10 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUTfvcbCAOw0dxVRqB1Is5h2NO/powDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDA5MDEwMjQ0NTNaFw0yNTA4MzEwMjQ5NTNaMDMxMTAvBgNV BAMTKDRGNkQ5ODc0RkVDQjE4RjAyMTI4MkZCNzg1NUVEMzJBRjcwMUEwMTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSy4BzXIzx2E0Cy6YjnLO7aV4V GdeikTkDncpiDXIJK68S8amlnzlR8WsCml7+v05yyqm5BzSJpa5dV+UUU0o34KeO D9vALG+FmchMbwkgqCFm8WG5WpTD4shjhqrXpKcMkszc8awQ+mpgMAq042fRdz0n 5FpG26Dl0Tot4ItFwiy8iLLsBQA/TimbdXh3s+IOyerNUJtw1Rm0Rgnwe6xwOiN7 ESRT/nMopiC5SVQihkMSq6X7sxYCWtfPmBrOsDb2Shc00m654bJ80tRtnPvi0ysA wv6EIuof0phHM1UJ4W82+XKUP6I8yTR5YcufzgAYdYb7jxYobBzylwLDN+ABAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUT22YdP7LGPAhKC+3hV7TKvcBoBkwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTY1MDkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUH AQcBAf8EEzARMA8EAgACMAkDBwQqBd/BpAAwDQYJKoZIhvcNAQELBQADggEBAF66 oO2aSESjNW7xgnHz6aY1RfvPZ53II2c5hurix4HX7CfZ9nPlIdeQ0eqtKDOpL8Mt oi1Mc8rZbtRPgMvjX87OJG53dePjILUVKZRDcXvKTX9wsTuQVGsmNCbqzjszre99 N6+Aj95uU8psT2JMM36CIAbOoLmL4tmFLj2EU9ziwWWZbtCMbBiHCmZmpSd2MKuW Zz/uveTeObXAbdjbC2H0vohCLBcyDInGuqXJT15Y+3poqEoDE40KDyGDCjb3EH2p lZF+xRXafzrxOJ37dPbmb8dl6w5R8PQ39tcFFsmDUqtKo+IgoIQdzCNWJoF98Q3r UhaENIqguHAkguk9MRA= -----END CERTIFICATE-----Generated at Thu Nov 21 17:25:45 2024 by rpki-client on console-fra.rpki-client.org