$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198963.roa File: AS198963.roa (raw, json) Hash identifier: zRhv6t16wDy3E4ik8xhP0tWMhxkonwUqcRY2EQYVOMk= Subject key identifier: E7:2B:89:97:3D:4B:92:44:4B:06:34:74:39:E5:34:FE:25:36:AC:92 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 30527D1790B8979BBACDE5DDAB5CFD0EEFE7AEF9 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198963.roa Signing time: Thu 06 Feb 2025 13:45:50 +0000 ROA not before: Thu 06 Feb 2025 13:40:50 +0000 ROA not after: Thu 05 Feb 2026 13:45:50 +0000 asID: 198963 IP address blocks: 2a05:dfc1:1300::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:52:7d:17:90:b8:97:9b:ba:cd:e5:dd:ab:5c:fd:0e:ef:e7:ae:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Feb 6 13:40:50 2025 GMT Not After : Feb 5 13:45:50 2026 GMT Subject: CN=E72B89973D4B92444B06347439E534FE2536AC92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:7c:08:80:8a:77:e5:d5:41:22:9b:7c:80:3c: ec:54:8c:e1:8a:b7:d7:a1:a2:98:7e:96:c7:73:ac: d8:24:64:50:28:3b:bd:12:6b:4e:9b:d5:b1:b6:5f: 1d:4c:7d:fa:31:39:1a:d2:7b:80:88:18:0a:da:f2: 0b:87:1e:ca:40:b0:da:af:30:04:7f:6c:d7:b1:2a: 60:da:7d:4f:29:09:49:b2:bf:f2:b6:f4:c5:7a:1e: be:7e:66:08:da:1e:db:bc:70:fa:d0:1f:6b:5c:78: 64:e8:cf:de:0a:ea:38:e5:ce:0f:7e:a1:e3:2d:a2: a2:f6:f4:22:d8:e7:2d:72:a4:49:69:ce:f7:b7:b3: 60:d9:f5:82:75:4a:4a:eb:14:ee:44:b7:d6:21:3f: 16:0e:36:c8:7e:3b:bb:f3:62:b9:5d:67:ae:ae:ca: 89:e2:f4:5d:50:cd:ba:fe:e9:28:89:9a:09:5b:10: 4e:80:fa:fa:53:f1:b6:25:95:1c:4a:da:4b:7c:3c: b1:d9:b5:d5:72:ee:24:46:89:0b:3f:42:f4:88:0d: b3:cd:c8:f9:c5:08:53:5a:34:a4:5a:03:59:d6:38: be:aa:1d:63:f0:2b:cf:9b:a0:2e:71:92:4e:50:42: 8d:e7:4a:c1:18:cc:67:e9:be:f4:de:d1:ba:14:29: d1:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:2B:89:97:3D:4B:92:44:4B:06:34:74:39:E5:34:FE:25:36:AC:92 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:1300::/40 Signature Algorithm: sha256WithRSAEncryption 41:c3:d3:ae:2c:4e:55:11:e1:eb:36:ae:a2:86:c2:d9:3b:1a: bc:4f:17:80:aa:8d:aa:85:24:13:d3:25:2d:e0:81:76:1a:3c: 49:40:87:92:3f:aa:ce:2d:47:8c:fa:c1:26:fc:8a:11:20:92: 54:73:fc:43:f0:b4:a5:f4:89:af:de:55:ad:4e:2c:90:bf:9d: 32:98:08:14:75:3d:27:2e:43:6a:f8:93:b6:b0:a1:5b:22:a6: 6b:6c:f3:41:1c:99:77:16:e4:dc:c4:67:d0:36:b7:b4:8f:48: bd:c1:1c:02:38:5c:24:e2:c8:b9:1c:59:e1:cb:46:3a:16:41: 4f:e6:f9:d4:cd:15:ac:27:2a:c5:40:81:8b:74:b1:ff:ae:af: 4a:84:14:c5:76:35:95:eb:f1:ee:9a:b9:3a:01:85:ea:f3:8b: 91:34:02:4c:da:74:f0:5e:6a:80:3e:68:a0:f2:fb:69:5a:d5: 1e:fc:3e:d6:9d:3d:6e:e5:cb:7b:f0:12:71:ad:91:df:27:11: 2b:aa:79:f6:e9:eb:85:72:b1:4e:f9:9c:54:7e:f1:a3:89:d2: bc:11:13:42:51:38:9c:ba:1f:45:0d:59:06:53:27:d7:34:4b: a4:5b:b5:bb:37:c2:e5:1a:c1:57:11:75:a4:49:e7:ca:a0:bc: 2c:47:63:ce -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUMFJ9F5C4l5u6zeXdq1z9Du/nrvkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAyMDYxMzQwNTBaFw0yNjAyMDUxMzQ1NTBaMDMxMTAvBgNV BAMTKEU3MkI4OTk3M0Q0QjkyNDQ0QjA2MzQ3NDM5RTUzNEZFMjUzNkFDOTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7fAiAinfl1UEim3yAPOxUjOGK t9ehoph+lsdzrNgkZFAoO70Sa06b1bG2Xx1MffoxORrSe4CIGAra8guHHspAsNqv MAR/bNexKmDafU8pCUmyv/K29MV6Hr5+ZgjaHtu8cPrQH2tceGToz94K6jjlzg9+ oeMtoqL29CLY5y1ypElpzve3s2DZ9YJ1SkrrFO5Et9YhPxYONsh+O7vzYrldZ66u yoni9F1Qzbr+6SiJmglbEE6A+vpT8bYllRxK2kt8PLHZtdVy7iRGiQs/QvSIDbPN yPnFCFNaNKRaA1nWOL6qHWPwK8+boC5xkk5QQo3nSsEYzGfpvvTe0boUKdFDAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQU5yuJlz1LkkRLBjR0OeU0/iU2rJIwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk4OTYzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwRMwDQYJKoZIhvcNAQELBQADggEBAEHD 064sTlUR4es2rqKGwtk7GrxPF4CqjaqFJBPTJS3ggXYaPElAh5I/qs4tR4z6wSb8 ihEgklRz/EPwtKX0ia/eVa1OLJC/nTKYCBR1PScuQ2r4k7awoVsipmts80EcmXcW 5NzEZ9A2t7SPSL3BHAI4XCTiyLkcWeHLRjoWQU/m+dTNFawnKsVAgYt0sf+ur0qE FMV2NZXr8e6auToBherzi5E0AkzadPBeaoA+aKDy+2la1R78PtadPW7ly3vwEnGt kd8nESuqefbp64VysU75nFR+8aOJ0rwRE0JROJy6H0UNWQZTJ9c0S6Rbtbs3wuUa wVcRdaRJ58qgvCxHY84= -----END CERTIFICATE-----Generated at Fri Apr 4 17:03:24 2025 by rpki-client