$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198786.roa File: AS198786.roa (raw, json) Hash identifier: nRwxmWYSY3zP8nARth+NjqHeumSQ6wgcKhDTPZ9H0No= Subject key identifier: CA:87:A4:E5:7D:21:65:EF:C7:8F:AB:4F:E4:0D:03:40:63:18:46:A2 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 0E9625C163E8089669133C99ABCEB0ED5A516215 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198786.roa Signing time: Fri 21 Feb 2025 12:45:53 +0000 ROA not before: Fri 21 Feb 2025 12:40:53 +0000 ROA not after: Fri 20 Feb 2026 12:45:53 +0000 asID: 198786 IP address blocks: 2a05:dfc1:3500::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:96:25:c1:63:e8:08:96:69:13:3c:99:ab:ce:b0:ed:5a:51:62:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Feb 21 12:40:53 2025 GMT Not After : Feb 20 12:45:53 2026 GMT Subject: CN=CA87A4E57D2165EFC78FAB4FE40D0340631846A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c0:2b:db:7a:6b:4f:e4:59:74:ed:2c:38:f6: 13:ea:fd:e7:4f:ff:5e:9a:26:11:eb:9f:23:15:a0: 65:26:91:32:fd:c3:fa:92:46:2f:3e:4d:be:bc:17: ff:46:6e:03:97:25:e5:56:74:53:d9:45:5b:2e:e7: b6:0f:03:61:30:95:1d:6f:76:92:20:ad:a7:95:a2: 46:7b:ed:75:75:8a:e3:e0:3c:2f:be:bd:7c:13:f4: e5:0c:26:47:b0:1f:e6:c4:84:bf:a9:4e:94:61:b3: a3:49:4f:d4:f2:de:17:b6:e1:15:eb:cb:3c:e4:d0: f6:e6:3d:5f:3d:22:a3:0c:07:6c:9d:8e:b8:b9:12: 83:43:aa:78:91:56:fa:40:a9:1a:96:5a:12:bc:ef: 3a:11:cc:a9:0a:ed:a3:f2:79:2c:46:ac:fc:d3:29: 48:54:28:6b:90:c6:9b:cf:63:74:bf:57:3b:bf:d5: 12:9b:37:36:b4:45:92:c6:9e:28:0d:0d:07:d7:00: b0:e7:cb:32:7c:33:3a:db:2a:3f:42:6a:a6:f2:54: db:c9:69:6b:ac:19:74:65:91:f3:29:5a:af:76:8a: 11:8a:7b:bc:b4:1b:6c:68:d3:11:8d:ce:b7:e7:92: ac:bc:79:9b:ac:62:2e:11:4d:b3:28:8e:eb:e1:9c: be:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:87:A4:E5:7D:21:65:EF:C7:8F:AB:4F:E4:0D:03:40:63:18:46:A2 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198786.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:3500::/40 Signature Algorithm: sha256WithRSAEncryption 06:11:4c:ed:b1:89:77:4f:22:5c:ea:0a:bc:ee:cd:06:fe:a9: 14:fb:6b:7f:5f:ab:e1:d2:72:1f:d7:3c:f2:f8:36:30:c6:25: bf:ce:76:3a:c2:d7:c9:ad:f8:f3:b0:c6:2d:ec:36:08:da:c6: 9e:84:23:ed:8a:07:75:f5:9b:3e:25:5d:ce:bc:18:ba:5e:ba: 30:d5:b2:2b:65:20:42:ee:54:55:12:03:4c:23:a9:84:8d:6c: ad:81:b6:21:a2:41:72:43:be:c9:2f:c3:0e:75:3d:1b:18:22: 66:62:79:8c:b1:97:1b:8b:4e:28:db:3b:08:e1:53:46:19:1f: ea:a1:1b:14:ed:bc:86:74:63:dd:38:2d:03:e2:6b:e5:8f:3b: c6:51:e4:71:a9:40:f1:51:b5:70:e6:aa:2b:16:9f:b9:1d:c2: 40:43:25:7e:20:d0:cd:d0:e2:7a:a6:ae:b7:da:da:98:c7:8f: b9:4c:32:52:91:9f:94:1e:d5:88:d2:56:68:7d:ad:f4:60:c1: 52:b6:c8:5f:cf:81:f1:e6:83:67:7b:57:7f:d0:f0:18:d4:35: 86:15:72:6c:93:d2:ea:7c:ac:8b:ff:6b:c6:e2:5d:26:b7:28: 61:2d:4f:87:3a:aa:ff:b0:47:06:79:fc:b0:8f:07:04:1e:54: 6d:7a:e5:d8 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUDpYlwWPoCJZpEzyZq86w7VpRYhUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAyMjExMjQwNTNaFw0yNjAyMjAxMjQ1NTNaMDMxMTAvBgNV BAMTKENBODdBNEU1N0QyMTY1RUZDNzhGQUI0RkU0MEQwMzQwNjMxODQ2QTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTwCvbemtP5Fl07Sw49hPq/edP /16aJhHrnyMVoGUmkTL9w/qSRi8+Tb68F/9GbgOXJeVWdFPZRVsu57YPA2EwlR1v dpIgraeVokZ77XV1iuPgPC++vXwT9OUMJkewH+bEhL+pTpRhs6NJT9Ty3he24RXr yzzk0PbmPV89IqMMB2ydjri5EoNDqniRVvpAqRqWWhK87zoRzKkK7aPyeSxGrPzT KUhUKGuQxpvPY3S/Vzu/1RKbNza0RZLGnigNDQfXALDnyzJ8MzrbKj9CaqbyVNvJ aWusGXRlkfMpWq92ihGKe7y0G2xo0xGNzrfnkqy8eZusYi4RTbMojuvhnL7fAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUyoek5X0hZe/Hj6tP5A0DQGMYRqIwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk4Nzg2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwTUwDQYJKoZIhvcNAQELBQADggEBAAYR TO2xiXdPIlzqCrzuzQb+qRT7a39fq+HSch/XPPL4NjDGJb/OdjrC18mt+POwxi3s Ngjaxp6EI+2KB3X1mz4lXc68GLpeujDVsitlIELuVFUSA0wjqYSNbK2BtiGiQXJD vskvww51PRsYImZieYyxlxuLTijbOwjhU0YZH+qhGxTtvIZ0Y904LQPia+WPO8ZR 5HGpQPFRtXDmqisWn7kdwkBDJX4g0M3Q4nqmrrfa2pjHj7lMMlKRn5Qe1YjSVmh9 rfRgwVK2yF/PgfHmg2d7V3/Q8BjUNYYVcmyT0up8rIv/a8biXSa3KGEtT4c6qv+w RwZ5/LCPBwQeVG165dg= -----END CERTIFICATE-----Generated at Fri Apr 4 17:04:49 2025 by rpki-client