$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199605.roa File: AS199605.roa (raw, json) Hash identifier: Ahpvbt8uKpUcz2gukeSk9I1+gJsaX3rL4zXYAC1uh/A= Subject key identifier: 9C:FB:18:54:F7:53:58:16:F6:C8:43:07:BF:CC:53:DC:B2:23:E7:53 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 15BEC439DDD4303985F0013D1EE89DCD953705B5 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199605.roa Signing time: Sun 06 Oct 2024 04:44:59 +0000 ROA not before: Sun 06 Oct 2024 04:39:59 +0000 ROA not after: Sun 05 Oct 2025 04:44:59 +0000 asID: 199605 IP address blocks: 2a0a:6040:7e00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:be:c4:39:dd:d4:30:39:85:f0:01:3d:1e:e8:9d:cd:95:37:05:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:39:59 2024 GMT Not After : Oct 5 04:44:59 2025 GMT Subject: CN=9CFB1854F7535816F6C84307BFCC53DCB223E753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:61:ae:cf:1b:95:06:61:55:b4:72:6a:ac:96: 05:36:2d:53:6f:dd:09:c3:e6:e8:27:e7:90:38:9d: e3:3b:d4:02:6a:c7:3b:c5:ee:bf:2d:0a:2d:f6:ba: af:6d:b1:38:cc:b6:12:2c:72:4b:f4:21:b9:a0:e3: 4a:c5:05:ff:83:05:f8:b3:99:7c:d2:57:75:57:59: ea:c8:7e:da:38:07:88:e1:78:30:8b:b7:b0:51:a9: 15:29:57:48:ee:b2:92:90:e0:e6:04:8e:c6:37:92: 82:70:d5:a5:7a:7f:cd:da:ab:01:f5:6c:d6:a8:9f: a0:c2:f1:57:40:7c:8f:41:45:36:ab:e8:78:de:4a: 49:ec:97:6a:51:41:a0:ad:2e:35:71:8e:e7:a8:01: 0e:5a:80:72:e4:1c:4a:fb:ce:0c:26:ce:35:b8:54: c6:aa:0a:43:df:6b:bb:b6:31:cf:ce:0e:dc:4d:e7: 45:30:c4:a3:e9:cb:ce:0e:70:1b:1c:3e:fa:44:aa: 2e:83:1a:90:e0:ee:a9:a8:a0:06:f3:1b:2e:75:24: 58:44:c2:f2:0a:f9:b0:b6:6b:ec:3f:b5:72:f9:9d: b0:8e:f9:60:e8:7d:3b:17:a4:92:60:24:d7:ce:1a: a0:42:bb:40:03:69:e0:78:c2:36:48:84:9b:2a:27: d8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:FB:18:54:F7:53:58:16:F6:C8:43:07:BF:CC:53:DC:B2:23:E7:53 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199605.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:7e00::/40 Signature Algorithm: sha256WithRSAEncryption 34:68:e8:a0:d6:4f:8e:70:47:18:0d:61:ee:b7:7e:7b:af:59: 63:9e:3f:d6:0c:cb:4f:3f:72:67:64:cb:fa:0e:03:7d:e0:73: 6c:a6:76:7d:e8:5f:9f:ce:3b:78:d2:0f:5d:71:0a:77:c8:3a: d7:1b:ff:16:5e:1e:6e:69:54:9f:4c:16:0f:48:45:17:26:4c: 2c:50:19:14:dc:9f:28:7d:c8:13:3e:ce:a4:8e:d6:1e:15:14: 79:64:07:6e:c6:ca:a3:2e:4f:15:a6:fb:1e:85:cb:7a:f9:a2: d1:0f:eb:19:07:13:b2:52:06:a0:e0:8e:96:b5:61:8c:95:82: 25:73:7f:75:b8:8c:c8:eb:6b:34:bb:22:ef:75:2c:c7:f2:2c: a7:ad:58:8d:b9:63:76:b9:d4:a9:a8:0e:99:09:66:f9:c4:bc: 5d:a3:b6:45:45:cd:44:e0:96:3d:f1:90:bc:71:3f:23:a0:dd: 0d:69:98:9c:f8:ea:f3:02:4a:9c:56:b2:a7:18:56:30:fc:b4: 85:5e:83:f8:fe:c6:ac:67:cf:d9:49:df:1d:36:ae:77:17:b2: fa:83:3f:0c:ca:c5:3b:7a:65:85:c9:b0:50:d9:07:02:0f:12: d4:aa:b6:47:61:3f:e2:b1:67:01:81:c8:8e:00:92:bb:e7:15: 3c:c1:cc:0b -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUFb7EOd3UMDmF8AE9HuidzZU3BbUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDM5NTlaFw0yNTEwMDUwNDQ0NTlaMDMxMTAvBgNV BAMTKDlDRkIxODU0Rjc1MzU4MTZGNkM4NDMwN0JGQ0M1M0RDQjIyM0U3NTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Ya7PG5UGYVW0cmqslgU2LVNv 3QnD5ugn55A4neM71AJqxzvF7r8tCi32uq9tsTjMthIsckv0Ibmg40rFBf+DBfiz mXzSV3VXWerIfto4B4jheDCLt7BRqRUpV0juspKQ4OYEjsY3koJw1aV6f83aqwH1 bNaon6DC8VdAfI9BRTar6HjeSknsl2pRQaCtLjVxjueoAQ5agHLkHEr7zgwmzjW4 VMaqCkPfa7u2Mc/ODtxN50UwxKPpy84OcBscPvpEqi6DGpDg7qmooAbzGy51JFhE wvIK+bC2a+w/tXL5nbCO+WDofTsXpJJgJNfOGqBCu0ADaeB4wjZIhJsqJ9hPAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUnPsYVPdTWBb2yEMHv8xT3LIj51MwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5NjA1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQH4wDQYJKoZIhvcNAQELBQADggEBADRo 6KDWT45wRxgNYe63fnuvWWOeP9YMy08/cmdky/oOA33gc2ymdn3oX5/OO3jSD11x CnfIOtcb/xZeHm5pVJ9MFg9IRRcmTCxQGRTcnyh9yBM+zqSO1h4VFHlkB27GyqMu TxWm+x6Fy3r5otEP6xkHE7JSBqDgjpa1YYyVgiVzf3W4jMjrazS7Iu91LMfyLKet WI25Y3a51KmoDpkJZvnEvF2jtkVFzUTglj3xkLxxPyOg3Q1pmJz46vMCSpxWsqcY VjD8tIVeg/j+xqxnz9lJ3x02rncXsvqDPwzKxTt6ZYXJsFDZBwIPEtSqtkdhP+Kx ZwGByI4AkrvnFTzBzAs= -----END CERTIFICATE-----Generated at Thu Nov 21 18:46:54 2024 by rpki-client on console-ams.rpki-client.org