$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199688.roa File: AS199688.roa (raw, json) Hash identifier: 4rTmkdBEwoGs6GSxgo0oY3VUJoQRpXXlmb6V7GuoRB8= Subject key identifier: 71:1F:3D:F6:B8:72:22:91:D5:62:1A:74:3D:F6:23:3C:92:64:1E:2F Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 3A98CBB6EAD0EA7F2DD2D00102AE08F6B4F3C31E Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199688.roa Signing time: Sun 06 Oct 2024 04:45:08 +0000 ROA not before: Sun 06 Oct 2024 04:40:08 +0000 ROA not after: Sun 05 Oct 2025 04:45:08 +0000 asID: 199688 IP address blocks: 2a0a:6040:7600::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:98:cb:b6:ea:d0:ea:7f:2d:d2:d0:01:02:ae:08:f6:b4:f3:c3:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:08 2024 GMT Not After : Oct 5 04:45:08 2025 GMT Subject: CN=711F3DF6B8722291D5621A743DF6233C92641E2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:a9:c6:c3:c9:fe:b2:95:6a:56:87:75:d7:a6: fa:6c:74:a3:31:4b:c2:74:36:c1:85:d4:f9:33:f4: 7c:83:21:f4:3a:69:70:41:75:c4:53:39:03:33:b2: c7:7e:1a:a4:00:44:4d:9c:5d:74:bf:01:6d:01:67: 23:d9:82:b9:2c:3e:99:0a:5f:eb:98:ce:5d:13:5e: a4:51:cb:5d:c0:c6:84:32:12:ff:1b:41:7b:9e:da: 2c:dd:16:73:2f:23:8d:72:5d:96:cd:24:76:d0:b4: 0d:3a:ce:99:c7:0e:01:bd:d8:af:77:a0:2b:47:e4: 57:17:f0:bd:e0:fd:9d:ce:fc:1b:8d:90:08:05:ec: d3:d0:8e:ff:27:45:10:42:75:d9:0b:c4:26:73:60: 2c:35:7a:f3:fa:72:8c:cf:95:e8:5a:61:5f:44:67: 8b:a5:9b:9d:df:78:b1:97:0b:46:f2:cc:b4:42:4d: 69:67:14:c0:db:6d:f6:43:77:fd:05:a1:93:84:1e: aa:ae:23:cb:30:ac:90:53:7b:73:c6:e8:4f:f7:34: 51:45:4b:32:db:08:b4:4f:09:ee:dd:d7:79:52:bd: 8d:b1:84:c0:3e:28:ca:15:59:bb:96:ea:d2:c1:fd: 19:48:75:7c:08:63:e9:b4:28:c6:45:b9:5b:de:d4: b1:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:1F:3D:F6:B8:72:22:91:D5:62:1A:74:3D:F6:23:3C:92:64:1E:2F X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199688.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:7600::/40 Signature Algorithm: sha256WithRSAEncryption c6:a9:a4:f6:71:de:4e:2d:ab:4b:0f:0b:87:b9:75:a6:65:01: e7:d2:c9:f3:d1:de:f0:80:4e:b4:93:9b:f9:04:0a:73:60:dd: 7e:3a:fd:2e:7e:4a:ca:73:f3:1e:a1:d1:37:b5:e2:87:c5:33: 69:39:56:ae:24:4f:9a:b3:12:cb:94:24:6d:3b:3a:22:81:4d: 41:64:e5:36:e6:e2:40:08:d9:89:fb:a4:06:08:02:fd:4e:0c: 2a:ef:a9:fb:31:7b:50:a9:7f:7a:36:d4:3e:70:f5:55:ad:1b: ad:5f:5b:bc:e8:a8:11:73:40:e4:fc:0e:e9:ed:15:f2:d7:b3: c5:bc:4a:66:1c:90:1b:89:82:f2:30:35:a2:de:07:52:39:2f: 0c:4f:66:3a:b0:b4:ab:3c:17:a0:6a:93:97:6b:b4:28:8a:af: 77:9c:c9:46:21:17:0a:36:b0:7d:f4:1e:2f:6b:e5:ff:20:16: a3:24:5a:d2:26:2a:95:55:be:a2:32:8e:4c:c8:67:fb:12:91: 9a:be:d4:76:fb:69:d1:1a:82:74:a9:9c:2c:d1:79:bc:24:9f: f8:e0:37:1f:31:8f:5a:61:0d:0b:44:5a:49:e6:36:6f:c5:f0: ca:00:b6:18:96:e1:08:f3:79:fc:6a:f0:d6:1e:93:31:32:4c: 2c:2f:33:ed -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUOpjLturQ6n8t0tABAq4I9rTzwx4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMDhaFw0yNTEwMDUwNDQ1MDhaMDMxMTAvBgNV BAMTKDcxMUYzREY2Qjg3MjIyOTFENTYyMUE3NDNERjYyMzNDOTI2NDFFMkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqqcbDyf6ylWpWh3XXpvpsdKMx S8J0NsGF1Pkz9HyDIfQ6aXBBdcRTOQMzssd+GqQARE2cXXS/AW0BZyPZgrksPpkK X+uYzl0TXqRRy13AxoQyEv8bQXue2izdFnMvI41yXZbNJHbQtA06zpnHDgG92K93 oCtH5FcX8L3g/Z3O/BuNkAgF7NPQjv8nRRBCddkLxCZzYCw1evP6cozPlehaYV9E Z4ulm53feLGXC0byzLRCTWlnFMDbbfZDd/0FoZOEHqquI8swrJBTe3PG6E/3NFFF SzLbCLRPCe7d13lSvY2xhMA+KMoVWbuW6tLB/RlIdXwIY+m0KMZFuVve1LF9AgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUcR899rhyIpHVYhp0PfYjPJJkHi8wHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5Njg4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQHYwDQYJKoZIhvcNAQELBQADggEBAMap pPZx3k4tq0sPC4e5daZlAefSyfPR3vCATrSTm/kECnNg3X46/S5+Sspz8x6h0Te1 4ofFM2k5Vq4kT5qzEsuUJG07OiKBTUFk5Tbm4kAI2Yn7pAYIAv1ODCrvqfsxe1Cp f3o21D5w9VWtG61fW7zoqBFzQOT8DuntFfLXs8W8SmYckBuJgvIwNaLeB1I5LwxP ZjqwtKs8F6Bqk5drtCiKr3ecyUYhFwo2sH30Hi9r5f8gFqMkWtImKpVVvqIyjkzI Z/sSkZq+1Hb7adEagnSpnCzRebwkn/jgNx8xj1phDQtEWknmNm/F8MoAthiW4Qjz efxq8NYekzEyTCwvM+0= -----END CERTIFICATE-----Generated at Thu Nov 21 18:46:54 2024 by rpki-client on console-ams.rpki-client.org