$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199097.roa File: AS199097.roa (raw, json) Hash identifier: dkzIhMQBkKDT0FcRK9w8QuRmWC2N+MQ3dtZYD8j27PA= Subject key identifier: 58:69:58:41:DC:CA:A7:A3:5C:9B:7D:FA:BB:6B:82:C6:61:8A:55:CE Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 29947375190F9FAC07E9A3350295C7F2523F1974 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199097.roa Signing time: Wed 29 Jan 2025 14:45:44 +0000 ROA not before: Wed 29 Jan 2025 14:40:44 +0000 ROA not after: Wed 28 Jan 2026 14:45:44 +0000 asID: 199097 IP address blocks: 2a05:dfc1:1100::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:94:73:75:19:0f:9f:ac:07:e9:a3:35:02:95:c7:f2:52:3f:19:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Jan 29 14:40:44 2025 GMT Not After : Jan 28 14:45:44 2026 GMT Subject: CN=58695841DCCAA7A35C9B7DFABB6B82C6618A55CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ae:53:f9:52:1a:af:3f:7f:e7:84:17:03:02: fd:0d:0e:37:0f:a1:b0:50:05:f3:dd:af:b4:12:65: af:38:e4:d9:59:14:b6:1e:01:d8:0f:7f:5b:eb:ea: b8:9d:8e:e1:ff:a2:66:b1:ae:43:43:59:d5:16:64: 6d:62:a1:fd:a0:62:c3:41:bd:01:22:4a:30:7f:e9: 0f:0a:6f:f5:05:48:f3:d2:91:51:30:58:29:43:b0: 1f:29:45:eb:b1:f6:8f:dc:02:04:2d:55:af:21:4b: 7e:d8:df:e2:08:fd:ae:8a:8a:bc:a0:f0:f1:c9:8c: b3:6e:37:b3:80:8a:fc:e4:e9:70:cf:a0:f1:e3:cf: 27:22:d5:fb:cb:21:ad:87:fe:c4:aa:e5:da:e2:fd: 6e:bb:9f:07:cf:89:b0:64:c0:61:c0:4b:f2:ce:5c: b8:91:92:4f:8a:5a:49:98:ba:f1:d0:e0:53:05:36: 4e:db:e9:ff:69:83:9a:f2:74:f0:be:d4:2e:e6:21: e5:4c:29:44:d7:18:4b:2b:ef:d2:fd:82:84:d7:3e: c5:96:44:82:dd:82:35:52:1b:bf:63:b3:0e:d3:35: ae:50:bc:3e:7a:fb:df:70:94:78:a8:44:7a:f8:c1: 78:11:5c:67:d7:d8:36:55:cc:ab:98:75:73:60:0d: 03:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:69:58:41:DC:CA:A7:A3:5C:9B:7D:FA:BB:6B:82:C6:61:8A:55:CE X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199097.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:1100::/40 Signature Algorithm: sha256WithRSAEncryption a0:a2:e2:04:f6:92:c5:43:6e:5a:21:b4:3e:f2:99:9e:19:bc: d1:54:f7:54:81:51:17:bb:c1:4d:cb:3f:fc:6e:8c:27:91:b5: 5e:8b:30:52:c6:b1:e5:b1:dc:83:26:93:db:c4:0a:e8:4c:31: 2f:cb:29:b2:64:42:91:fc:04:15:53:ff:ed:e1:ce:c7:35:97: b5:78:70:67:7e:1a:7a:e2:fa:d6:4d:a8:2c:02:68:6c:68:a1: bb:7f:0e:7f:4a:5f:52:f2:7b:83:ce:c6:dc:d5:11:c2:5a:65: a8:af:67:00:e8:2d:80:97:f9:35:d1:eb:b9:c6:04:ac:73:12: a6:aa:69:11:8b:21:78:6a:69:17:e6:2b:a1:bd:57:f9:af:80: e6:1d:ec:cf:d7:83:cb:d1:4c:de:2a:fe:38:bd:9f:88:8f:8d: 5e:b4:ff:8f:c4:18:34:47:60:41:9e:ac:22:ce:60:f7:d1:12: 95:9c:e9:c5:7a:5f:0d:02:b6:b0:61:25:c6:68:66:1d:d6:84: 2c:15:e5:9e:72:51:4d:43:04:bd:3b:2d:43:6a:6e:b6:c1:28: 8f:d3:21:42:27:59:74:44:da:c8:fe:4c:47:14:ce:bf:96:a6: b3:6f:3b:92:51:83:32:7b:6e:29:12:85:6a:3b:31:d6:36:3d: 17:20:76:c6 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUKZRzdRkPn6wH6aM1ApXH8lI/GXQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAxMjkxNDQwNDRaFw0yNjAxMjgxNDQ1NDRaMDMxMTAvBgNV BAMTKDU4Njk1ODQxRENDQUE3QTM1QzlCN0RGQUJCNkI4MkM2NjE4QTU1Q0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDErlP5UhqvP3/nhBcDAv0NDjcP obBQBfPdr7QSZa845NlZFLYeAdgPf1vr6ridjuH/omaxrkNDWdUWZG1iof2gYsNB vQEiSjB/6Q8Kb/UFSPPSkVEwWClDsB8pReux9o/cAgQtVa8hS37Y3+II/a6Kiryg 8PHJjLNuN7OAivzk6XDPoPHjzyci1fvLIa2H/sSq5dri/W67nwfPibBkwGHAS/LO XLiRkk+KWkmYuvHQ4FMFNk7b6f9pg5rydPC+1C7mIeVMKUTXGEsr79L9goTXPsWW RILdgjVSG79jsw7TNa5QvD56+99wlHioRHr4wXgRXGfX2DZVzKuYdXNgDQNlAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUWGlYQdzKp6Ncm336u2uCxmGKVc4wHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5MDk3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwREwDQYJKoZIhvcNAQELBQADggEBAKCi 4gT2ksVDblohtD7ymZ4ZvNFU91SBURe7wU3LP/xujCeRtV6LMFLGseWx3IMmk9vE CuhMMS/LKbJkQpH8BBVT/+3hzsc1l7V4cGd+Gnri+tZNqCwCaGxoobt/Dn9KX1Ly e4POxtzVEcJaZaivZwDoLYCX+TXR67nGBKxzEqaqaRGLIXhqaRfmK6G9V/mvgOYd 7M/Xg8vRTN4q/ji9n4iPjV60/4/EGDRHYEGerCLOYPfREpWc6cV6Xw0CtrBhJcZo Zh3WhCwV5Z5yUU1DBL07LUNqbrbBKI/TIUInWXRE2sj+TEcUzr+WprNvO5JRgzJ7 bikShWo7MdY2PRcgdsY= -----END CERTIFICATE-----Generated at Fri Apr 4 16:59:04 2025 by rpki-client