$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198376.roa File: AS198376.roa (raw, json) Hash identifier: ijS4cAosPytfdWNc07HNlQSJU+VPEJ9MF4q6AkXORnI= Subject key identifier: CD:B8:8B:D4:C8:8C:7A:42:28:11:22:A0:ED:82:A2:80:63:DC:4C:39 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 0522DD36FA4500CD08A78344082D63F505271584 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198376.roa Signing time: Wed 02 Apr 2025 11:45:57 +0000 ROA not before: Wed 02 Apr 2025 11:40:57 +0000 ROA not after: Wed 01 Apr 2026 11:45:57 +0000 asID: 198376 IP address blocks: 2a05:dfc1:4a00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:22:dd:36:fa:45:00:cd:08:a7:83:44:08:2d:63:f5:05:27:15:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Apr 2 11:40:57 2025 GMT Not After : Apr 1 11:45:57 2026 GMT Subject: CN=CDB88BD4C88C7A42281122A0ED82A28063DC4C39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5e:bc:f5:e3:2f:33:e6:41:35:e6:18:18:dc: 69:77:2b:45:42:9f:bd:d3:2a:40:ba:9a:45:56:ec: 9e:b4:aa:50:8c:a8:aa:a8:e9:23:5d:9c:ad:22:8e: 9b:42:3a:c3:9d:05:d8:94:f2:3e:19:6f:3a:7a:c2: 3f:48:a3:d5:ac:ae:41:94:a9:f6:0c:3c:98:25:7e: 39:3b:97:24:63:48:7b:1b:f3:a7:d0:81:02:35:df: 8c:14:e1:4c:08:8e:4b:07:d2:c6:d3:4b:1f:f3:71: 78:37:f0:46:45:00:54:a7:b7:0f:72:18:fe:6e:00: 91:68:e8:00:29:d0:5c:aa:be:ec:d2:ad:f5:79:40: 81:9f:ed:18:76:99:40:b4:86:be:5e:0b:66:1e:33: 54:3b:33:0c:c3:52:18:e1:82:18:6e:f1:97:21:e4: 3e:6c:ee:19:14:c0:2b:68:31:d9:98:dd:2b:49:7f: f5:a5:3b:3a:77:1d:07:61:51:6d:25:72:f0:d8:b4: 2b:65:8b:ee:f5:ff:64:26:da:3d:f0:17:a5:77:cf: 80:9a:3f:e5:41:af:b5:f9:b5:c5:f4:8c:09:e9:f5: ee:5a:af:56:1d:85:0c:9e:a9:d2:65:a8:dc:24:a7: f1:49:72:16:f6:5e:a2:31:44:6f:c9:99:de:14:56: 62:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:B8:8B:D4:C8:8C:7A:42:28:11:22:A0:ED:82:A2:80:63:DC:4C:39 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198376.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:4a00::/40 Signature Algorithm: sha256WithRSAEncryption 41:9b:5a:21:61:b0:25:9d:cd:ed:50:8d:16:f4:9d:ca:cb:c9: 55:75:0d:95:65:07:f6:31:a4:59:da:8c:65:24:76:7d:5b:a9: 10:54:35:95:72:b7:8e:98:ed:63:3f:76:dd:81:11:54:fc:59: 8a:6e:dc:82:c0:9b:c8:d2:66:c0:b4:dc:5e:9e:62:af:df:fe: 48:08:10:7b:94:07:99:3a:69:d1:07:4d:2f:72:25:5c:78:a2: 30:64:21:81:3e:8d:63:2d:5b:de:f8:39:f0:78:d2:fe:13:9d: c0:e2:f4:80:76:99:d1:19:3e:ec:b5:fe:58:b7:24:2d:01:f4: 39:f6:15:b2:f3:fc:1d:de:4b:c5:1a:c9:0f:e5:60:f2:92:15: e9:59:84:2d:84:22:e5:c3:19:2a:d4:46:2a:39:c5:ec:f9:eb: f6:7a:13:76:c0:1f:40:2a:08:c8:87:ef:42:48:41:ba:f0:f5: 5a:58:1c:31:2b:9d:f1:5e:bd:74:09:a3:16:f0:94:8e:71:e9: 4f:e1:03:4d:8c:f3:07:c9:bd:fe:a6:7e:69:7a:58:c8:bf:ff: b1:3a:5c:f6:85:18:1e:22:f6:03:e4:e6:be:4b:9f:35:25:e1: 9e:f7:cd:6a:c5:74:eb:0f:89:98:c8:d0:82:cc:43:d0:ec:ef: 48:68:92:46 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUBSLdNvpFAM0Ip4NECC1j9QUnFYQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTA0MDIxMTQwNTdaFw0yNjA0MDExMTQ1NTdaMDMxMTAvBgNV BAMTKENEQjg4QkQ0Qzg4QzdBNDIyODExMjJBMEVEODJBMjgwNjNEQzRDMzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWXrz14y8z5kE15hgY3Gl3K0VC n73TKkC6mkVW7J60qlCMqKqo6SNdnK0ijptCOsOdBdiU8j4Zbzp6wj9Io9WsrkGU qfYMPJglfjk7lyRjSHsb86fQgQI134wU4UwIjksH0sbTSx/zcXg38EZFAFSntw9y GP5uAJFo6AAp0FyqvuzSrfV5QIGf7Rh2mUC0hr5eC2YeM1Q7MwzDUhjhghhu8Zch 5D5s7hkUwCtoMdmY3StJf/WlOzp3HQdhUW0lcvDYtCtli+71/2Qm2j3wF6V3z4Ca P+VBr7X5tcX0jAnp9e5ar1YdhQyeqdJlqNwkp/FJchb2XqIxRG/Jmd4UVmJzAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUzbiL1MiMekIoESKg7YKigGPcTDkwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk4Mzc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwUowDQYJKoZIhvcNAQELBQADggEBAEGb WiFhsCWdze1QjRb0ncrLyVV1DZVlB/YxpFnajGUkdn1bqRBUNZVyt46Y7WM/dt2B EVT8WYpu3ILAm8jSZsC03F6eYq/f/kgIEHuUB5k6adEHTS9yJVx4ojBkIYE+jWMt W974OfB40v4TncDi9IB2mdEZPuy1/li3JC0B9Dn2FbLz/B3eS8UayQ/lYPKSFelZ hC2EIuXDGSrURio5xez56/Z6E3bAH0AqCMiH70JIQbrw9VpYHDErnfFevXQJoxbw lI5x6U/hA02M8wfJvf6mfml6WMi//7E6XPaFGB4i9gPk5r5LnzUl4Z73zWrFdOsP iZjI0ILMQ9Ds70hokkY= -----END CERTIFICATE-----Generated at Fri Apr 4 17:01:04 2025 by rpki-client