$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198981.roa File: AS198981.roa (raw, json) Hash identifier: 2uSaJPZKXHo8jcwkAQZqODIWkQOOHOuWsQ5VsiwkAk4= Subject key identifier: A8:FF:0B:B8:91:DA:34:3F:3D:05:63:AB:F6:89:0C:96:95:AB:8E:83 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 22D18E07E992E57583DC603CDA63581F42415A9F Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198981.roa Signing time: Thu 06 Feb 2025 12:45:50 +0000 ROA not before: Thu 06 Feb 2025 12:40:50 +0000 ROA not after: Thu 05 Feb 2026 12:45:50 +0000 asID: 198981 IP address blocks: 2a05:dfc1:2b00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:d1:8e:07:e9:92:e5:75:83:dc:60:3c:da:63:58:1f:42:41:5a:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Feb 6 12:40:50 2025 GMT Not After : Feb 5 12:45:50 2026 GMT Subject: CN=A8FF0BB891DA343F3D0563ABF6890C9695AB8E83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:17:79:cb:21:d8:99:44:05:5e:b2:1d:78:7c: 9f:7b:c2:2e:6f:5f:ce:16:4e:21:56:29:6d:2e:f8: ee:9e:68:91:11:65:7c:a8:c1:1a:f4:40:f6:07:c0: df:8b:d9:cd:bd:66:37:a3:19:1d:b6:36:94:94:82: d7:d8:fe:11:ce:d5:c8:f1:50:42:82:99:2a:bc:f3: 8c:2f:6a:c7:d5:89:c4:58:57:6a:39:f5:b6:04:28: 7e:da:d0:e9:5c:f4:38:1b:17:f0:ce:dc:64:9b:2a: d2:00:86:5a:b7:60:d6:52:a0:44:ac:ad:3f:8b:61: 8d:6d:ed:9c:57:a2:e4:6e:bb:80:23:ae:52:87:37: 78:9a:4a:9e:63:7a:90:6a:70:da:e7:bc:c5:c9:80: 11:7d:70:af:cc:0c:cb:b5:6b:92:3b:4d:b9:58:6c: 1c:f9:17:b8:86:15:30:1e:9d:87:88:9e:16:70:fe: 15:d9:bc:56:c1:3c:f9:12:85:2b:b6:0b:1f:2d:8d: 7a:54:7f:ae:a6:76:f4:16:74:bb:97:05:4f:83:bd: a0:b5:47:e9:61:25:4c:f7:3b:18:a4:c1:2e:14:f8: fc:06:ff:18:ca:9a:40:e8:bd:54:e6:d2:91:21:40: b0:0d:00:1c:46:61:29:76:63:9c:0b:0e:bd:0c:4c: 61:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:FF:0B:B8:91:DA:34:3F:3D:05:63:AB:F6:89:0C:96:95:AB:8E:83 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS198981.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:2b00::/40 Signature Algorithm: sha256WithRSAEncryption 84:6d:68:ce:bd:b2:56:63:f8:6f:35:c5:c4:0c:0b:ad:0e:c6: 10:99:ee:7c:b2:fc:21:3d:3b:4d:7c:6d:51:a9:5c:9a:31:32: ce:58:04:90:b7:31:0b:47:1b:7c:35:7e:39:01:e0:b2:60:cc: d6:7b:c1:20:88:dd:86:ee:d4:4b:69:12:1e:79:35:c3:e5:81: 9c:5b:5f:f2:e7:ad:ae:6c:8d:f3:26:4a:0d:2c:e3:91:bc:f3: 5d:2e:cb:e8:d4:54:ba:18:56:de:e5:15:b8:37:f3:79:b0:66: 21:93:ff:1e:b5:e2:59:53:2b:3c:03:9f:b9:6a:9e:b1:c5:a9: 5c:95:2f:5f:02:35:7e:20:b4:a5:20:07:53:42:2f:46:39:ec: 11:9d:52:57:bd:da:33:fc:fa:94:b5:04:7e:09:de:98:13:5c: a6:5d:fc:67:f8:01:f9:c1:f0:ae:0c:5a:8e:de:c7:ef:3b:9c: 6f:67:85:b6:63:89:d3:6a:d0:82:63:55:46:d6:74:2c:09:2a: 06:9f:51:33:9b:9c:42:d9:e6:e8:a6:74:55:6d:03:ff:95:19: 40:b5:3e:bd:f6:d5:33:a8:31:34:83:8a:c4:2f:97:5d:08:e6: 3b:9f:2a:08:21:3e:bd:df:47:dd:a0:81:46:96:b9:24:20:6c: 5b:80:bc:7b -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUItGOB+mS5XWD3GA82mNYH0JBWp8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAyMDYxMjQwNTBaFw0yNjAyMDUxMjQ1NTBaMDMxMTAvBgNV BAMTKEE4RkYwQkI4OTFEQTM0M0YzRDA1NjNBQkY2ODkwQzk2OTVBQjhFODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoF3nLIdiZRAVesh14fJ97wi5v X84WTiFWKW0u+O6eaJERZXyowRr0QPYHwN+L2c29ZjejGR22NpSUgtfY/hHO1cjx UEKCmSq884wvasfVicRYV2o59bYEKH7a0Olc9DgbF/DO3GSbKtIAhlq3YNZSoESs rT+LYY1t7ZxXouRuu4AjrlKHN3iaSp5jepBqcNrnvMXJgBF9cK/MDMu1a5I7TblY bBz5F7iGFTAenYeInhZw/hXZvFbBPPkShSu2Cx8tjXpUf66mdvQWdLuXBU+DvaC1 R+lhJUz3OxikwS4U+PwG/xjKmkDovVTm0pEhQLANABxGYSl2Y5wLDr0MTGHdAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUqP8LuJHaND89BWOr9okMlpWrjoMwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk4OTgxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwSswDQYJKoZIhvcNAQELBQADggEBAIRt aM69slZj+G81xcQMC60OxhCZ7nyy/CE9O018bVGpXJoxMs5YBJC3MQtHG3w1fjkB 4LJgzNZ7wSCI3Ybu1EtpEh55NcPlgZxbX/Lnra5sjfMmSg0s45G8810uy+jUVLoY Vt7lFbg383mwZiGT/x614llTKzwDn7lqnrHFqVyVL18CNX4gtKUgB1NCL0Y57BGd Ule92jP8+pS1BH4J3pgTXKZd/Gf4AfnB8K4MWo7ex+87nG9nhbZjidNq0IJjVUbW dCwJKgafUTObnELZ5uimdFVtA/+VGUC1Pr321TOoMTSDisQvl10I5jufKgghPr3f R92ggUaWuSQgbFuAvHs= -----END CERTIFICATE-----Generated at Fri Apr 4 17:01:04 2025 by rpki-client