$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199514.roa File: AS199514.roa (raw, json) Hash identifier: He+ZDJPCmJdNTiyA50Rrt08Xau8NmhVTLnIzVJxkQ0o= Subject key identifier: 09:86:59:4F:BE:8E:EC:8B:E9:5C:A8:CF:F8:54:23:68:69:96:86:03 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 65AE1914673D160C75E65011534F7CE2966037FC Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199514.roa Signing time: Sun 05 Nov 2023 04:07:19 +0000 ROA not before: Sun 05 Nov 2023 04:02:19 +0000 ROA not after: Sun 03 Nov 2024 04:07:19 +0000 asID: 199514 IP address blocks: 2a0a:6040:dd00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 04 May 2024 11:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:ae:19:14:67:3d:16:0c:75:e6:50:11:53:4f:7c:e2:96:60:37:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:19 2023 GMT Not After : Nov 3 04:07:19 2024 GMT Subject: CN=0986594FBE8EEC8BE95CA8CFF854236869968603 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:84:db:61:ca:9b:a6:87:88:ef:ea:3f:4e:2d: 6b:1a:d7:cc:e2:4b:3a:62:5d:a6:2d:78:4c:e1:3a: 2d:0e:68:26:43:54:4b:4c:9a:3f:87:02:36:d6:97: 1f:11:8b:f3:64:ef:16:25:60:b8:fc:35:2c:9d:50: 9a:f5:fa:40:03:ab:f0:4a:f9:44:27:48:79:96:8a: 57:79:9b:79:8a:f3:34:e5:4b:85:65:a5:98:06:14: 4d:ec:ce:6a:ea:96:40:12:c6:40:82:7a:44:d9:80: 1d:9f:bd:4a:3f:18:0b:00:56:7f:06:f7:e7:d4:65: 72:f0:71:0e:bb:e4:06:7b:8a:7e:aa:87:d0:54:89: 4b:53:c3:de:77:25:a5:23:0d:a8:6d:53:75:f5:38: b5:b8:9d:03:ea:d1:57:79:00:f4:6d:37:ea:25:0b: 90:99:ce:b2:31:c9:e6:13:0d:38:ce:09:1f:34:9f: 5d:cb:cc:41:08:dc:7c:04:e6:39:2e:44:3d:2c:aa: 8a:bc:d8:bb:85:75:45:2c:82:e2:38:fa:59:34:73: 57:ac:c8:d5:b2:73:84:7a:fd:d6:7c:eb:e9:f6:21: 8e:a0:c1:ac:5b:e0:5c:f3:54:5a:41:ae:67:4f:bc: cb:3a:d6:85:d1:91:5d:0a:dd:8c:df:d8:11:bf:98: a9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:86:59:4F:BE:8E:EC:8B:E9:5C:A8:CF:F8:54:23:68:69:96:86:03 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199514.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:dd00::/40 Signature Algorithm: sha256WithRSAEncryption 2b:c5:3a:f2:32:16:6d:65:b5:1e:99:39:88:f0:ad:dd:d3:38: c2:88:40:ae:50:46:d3:02:d3:48:5f:bb:df:f4:d9:c8:fa:c9: 63:d2:89:5f:52:6d:25:8d:8d:92:d9:54:95:8d:2c:c7:be:1c: 7a:f0:1a:7c:22:03:77:e9:10:0d:a5:e5:bb:73:ce:d6:2b:b5: a3:97:5a:69:37:4a:ec:12:4b:e3:50:59:c9:ce:1d:38:09:54: c4:35:52:49:cd:8e:85:32:4e:7d:56:a1:a1:5f:ae:c5:ee:3a: ad:85:69:c6:33:ea:a3:eb:6d:ad:62:ef:5f:39:cc:5b:95:67: 20:38:62:fd:3f:4b:fc:ce:5f:46:df:2e:dd:29:e8:48:46:ef: 77:2f:09:6f:c8:b6:fc:7c:90:4f:70:d4:b6:68:95:13:e6:5e: 66:28:f7:95:8c:e4:ec:87:58:1d:a1:6f:1b:4f:77:f1:ca:7d: 37:67:96:c5:99:b7:3e:19:50:34:fb:e9:ea:52:aa:e1:b4:88: 9c:d4:70:90:2f:46:2f:7c:d5:07:4b:cc:17:d9:72:11:e4:42: e3:4e:3a:c6:5a:71:99:9b:07:57:5e:a6:1f:f8:09:ec:cb:66: b0:bd:0a:8c:75:64:f8:0e:5f:34:48:32:9a:6f:b6:c1:61:91: 40:55:72:c9 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUZa4ZFGc9Fgx15lARU0984pZgN/wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTlaFw0yNDExMDMwNDA3MTlaMDMxMTAvBgNV BAMTKDA5ODY1OTRGQkU4RUVDOEJFOTVDQThDRkY4NTQyMzY4Njk5Njg2MDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrhNthypumh4jv6j9OLWsa18zi SzpiXaYteEzhOi0OaCZDVEtMmj+HAjbWlx8Ri/Nk7xYlYLj8NSydUJr1+kADq/BK +UQnSHmWild5m3mK8zTlS4VlpZgGFE3szmrqlkASxkCCekTZgB2fvUo/GAsAVn8G 9+fUZXLwcQ675AZ7in6qh9BUiUtTw953JaUjDahtU3X1OLW4nQPq0Vd5APRtN+ol C5CZzrIxyeYTDTjOCR80n13LzEEI3HwE5jkuRD0sqoq82LuFdUUsguI4+lk0c1es yNWyc4R6/dZ86+n2IY6gwaxb4FzzVFpBrmdPvMs61oXRkV0K3Yzf2BG/mKmxAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUCYZZT76O7IvpXKjP+FQjaGmWhgMwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5NTE0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQN0wDQYJKoZIhvcNAQELBQADggEBACvF OvIyFm1ltR6ZOYjwrd3TOMKIQK5QRtMC00hfu9/02cj6yWPSiV9SbSWNjZLZVJWN LMe+HHrwGnwiA3fpEA2l5btzztYrtaOXWmk3SuwSS+NQWcnOHTgJVMQ1UknNjoUy Tn1WoaFfrsXuOq2FacYz6qPrba1i7185zFuVZyA4Yv0/S/zOX0bfLt0p6EhG73cv CW/Itvx8kE9w1LZolRPmXmYo95WM5OyHWB2hbxtPd/HKfTdnlsWZtz4ZUDT76epS quG0iJzUcJAvRi981QdLzBfZchHkQuNOOsZacZmbB1deph/4CezLZrC9Cox1ZPgO XzRIMppvtsFhkUBVcsk= -----END CERTIFICATE-----Generated at Fri May 3 17:52:28 2024 by rpki-client on console-fra.rpki-client.org