$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199929.roa File: AS199929.roa (raw, json) Hash identifier: g2CyO7aOuxYGds4P7apTavWR1rSmN1ltcx4q5RLlWYM= Subject key identifier: 7E:03:08:39:F4:8F:51:DD:E1:BE:13:29:57:BD:36:89:75:78:3D:70 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 725D9FEAE302D181A6DF465F9DA1557638751C09 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199929.roa Signing time: Sun 06 Oct 2024 04:45:13 +0000 ROA not before: Sun 06 Oct 2024 04:40:13 +0000 ROA not after: Sun 05 Oct 2025 04:45:13 +0000 asID: 199929 IP address blocks: 2a0a:6040:5c00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:5d:9f:ea:e3:02:d1:81:a6:df:46:5f:9d:a1:55:76:38:75:1c:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:13 2024 GMT Not After : Oct 5 04:45:13 2025 GMT Subject: CN=7E030839F48F51DDE1BE132957BD368975783D70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e0:01:9d:5d:bb:9b:cc:62:7c:0e:fc:35:d0: ec:e2:cf:62:5e:11:0c:e1:a5:74:b5:33:a5:dc:2c: f3:8d:79:87:94:72:4f:d1:c5:bb:55:84:55:76:b1: bd:ec:05:6d:4a:7a:5d:58:94:26:5f:79:84:8a:6d: 2c:14:0c:dd:eb:45:c4:a9:5e:4c:e5:3a:09:e5:be: 9f:0f:d1:c5:d0:fb:98:3a:18:1c:79:ec:85:c5:29: c1:44:da:44:35:d1:bb:58:0d:c8:c9:07:5f:60:77: d2:51:0d:c3:d6:0a:97:bd:e3:d1:24:3b:ff:ee:a0: 5b:5a:56:5c:30:18:84:a0:df:a4:61:ee:f4:b9:de: 53:ff:6c:b7:33:8a:76:38:df:46:24:80:cc:37:ea: 49:39:ff:ba:69:a1:8a:dc:fe:ce:fd:bc:aa:e3:43: a0:d6:da:39:32:9c:be:ee:1b:6b:55:11:d9:92:15: ca:ea:15:40:59:bf:7e:7b:fa:dc:30:cf:00:99:cf: 30:d7:0a:8c:ae:bd:bd:6f:d1:0e:f4:1d:ab:d5:a7: e0:b5:ae:38:3e:f1:8a:f6:d4:2b:9e:9e:58:d3:d2: e9:42:f1:8d:82:e2:d2:e1:87:a0:6c:b1:2f:da:92: fd:42:00:67:01:9b:62:fd:90:e2:5f:e1:b7:28:ed: 01:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:03:08:39:F4:8F:51:DD:E1:BE:13:29:57:BD:36:89:75:78:3D:70 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS199929.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:5c00::/40 Signature Algorithm: sha256WithRSAEncryption 06:5f:5e:50:38:6f:6c:c8:15:ac:a8:4c:3d:c6:49:31:c7:7c: 27:a8:14:80:1b:83:12:51:ab:28:af:c4:c0:47:f8:58:f6:c4: aa:e5:ea:34:db:24:b4:f2:5d:13:84:94:f2:2c:4c:4e:94:24: 82:b2:cb:25:71:f1:b4:2d:16:34:7b:d4:d2:be:46:d5:05:4f: b0:bb:15:7b:e3:6d:7c:bb:2a:72:f9:23:b7:be:b0:38:12:98: b3:f8:c8:30:07:3b:82:81:45:21:ac:83:d9:34:e4:ce:d4:cb: 2e:1d:08:4e:bc:d4:da:34:52:6d:6d:84:53:19:3c:dc:dd:b0: c5:7d:60:2c:c9:84:e3:6e:1a:e4:51:6e:b2:19:87:1f:2d:39: 78:63:06:6b:70:c0:81:64:3b:96:7a:b5:49:49:fc:30:15:4b: 43:55:22:27:32:b8:c0:6e:28:cb:b3:de:ad:c4:12:36:5f:0e: e9:92:2b:a1:c6:33:42:a2:92:00:e8:7a:4b:95:48:a1:fa:0a: 86:af:ed:0e:e5:cf:cd:53:3c:a1:e3:07:8e:80:93:72:9a:c2: 11:19:b2:d0:11:e6:49:04:68:b5:d1:53:fc:d6:ef:ef:cb:98: 47:6f:4a:0a:6d:0b:08:22:51:b2:c4:f5:bd:86:97:5b:3e:6d: 43:19:6a:8e -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUcl2f6uMC0YGm30ZfnaFVdjh1HAkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMTNaFw0yNTEwMDUwNDQ1MTNaMDMxMTAvBgNV BAMTKDdFMDMwODM5RjQ4RjUxRERFMUJFMTMyOTU3QkQzNjg5NzU3ODNENzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe4AGdXbubzGJ8Dvw10Oziz2Je EQzhpXS1M6XcLPONeYeUck/RxbtVhFV2sb3sBW1Kel1YlCZfeYSKbSwUDN3rRcSp XkzlOgnlvp8P0cXQ+5g6GBx57IXFKcFE2kQ10btYDcjJB19gd9JRDcPWCpe949Ek O//uoFtaVlwwGISg36Rh7vS53lP/bLczinY430YkgMw36kk5/7ppoYrc/s79vKrj Q6DW2jkynL7uG2tVEdmSFcrqFUBZv357+twwzwCZzzDXCoyuvb1v0Q70HavVp+C1 rjg+8Yr21CuenljT0ulC8Y2C4tLhh6BssS/akv1CAGcBm2L9kOJf4bco7QFNAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUfgMIOfSPUd3hvhMpV702iXV4PXAwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMTk5OTI5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQFwwDQYJKoZIhvcNAQELBQADggEBAAZf XlA4b2zIFayoTD3GSTHHfCeoFIAbgxJRqyivxMBH+Fj2xKrl6jTbJLTyXROElPIs TE6UJIKyyyVx8bQtFjR71NK+RtUFT7C7FXvjbXy7KnL5I7e+sDgSmLP4yDAHO4KB RSGsg9k05M7Uyy4dCE681No0Um1thFMZPNzdsMV9YCzJhONuGuRRbrIZhx8tOXhj BmtwwIFkO5Z6tUlJ/DAVS0NVIicyuMBuKMuz3q3EEjZfDumSK6HGM0KikgDoekuV SKH6Coav7Q7lz81TPKHjB46Ak3KawhEZstAR5kkEaLXRU/zW7+/LmEdvSgptCwgi UbLE9b2Gl1s+bUMZao4= -----END CERTIFICATE-----Generated at Thu Nov 21 18:46:54 2024 by rpki-client on console-ams.rpki-client.org