$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200789.roa File: AS200789.roa (raw, json) Hash identifier: sQAz3cAdD7yO69XOUCbAOyhJPam/OJx9hlajrxL6TyY= Subject key identifier: 23:39:9B:FA:4D:24:39:8E:E2:64:6C:D1:17:BF:64:86:D7:75:4B:C0 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 614E9E8C206A48205B560B52E7AD863C02C3B1AA Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200789.roa Signing time: Sun 05 Nov 2023 04:07:15 +0000 ROA not before: Sun 05 Nov 2023 04:02:15 +0000 ROA not after: Sun 03 Nov 2024 04:07:15 +0000 asID: 200789 IP address blocks: 2a0a:6040:b700::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 17 May 2024 23:00:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:4e:9e:8c:20:6a:48:20:5b:56:0b:52:e7:ad:86:3c:02:c3:b1:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:15 2023 GMT Not After : Nov 3 04:07:15 2024 GMT Subject: CN=23399BFA4D24398EE2646CD117BF6486D7754BC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:6d:30:d4:ba:9d:c8:3c:7e:76:8b:10:aa:39: a3:c5:e3:4d:c8:b0:0f:d7:d9:f3:17:63:88:52:5e: 82:87:2c:a5:a1:e2:3e:3e:12:74:b9:58:97:e8:46: 96:c5:49:c0:b1:ba:fb:95:36:d1:c5:65:e7:87:91: eb:0a:f2:c8:a0:4f:09:88:8a:1d:e0:de:c5:da:ab: f7:e6:1d:ef:8a:69:4e:b4:52:ef:ba:f5:86:39:24: 16:64:82:ad:46:2d:51:13:67:00:57:85:49:94:78: 79:23:ca:66:ce:c6:42:26:82:87:8b:35:d4:a6:e1: a3:09:62:b0:eb:e0:fc:07:28:74:9e:c2:92:95:14: 2f:bb:c2:b5:e4:af:fd:1a:8c:ad:ec:c7:dd:91:16: b5:d3:71:43:e0:02:4a:f6:6d:b6:e4:2f:89:d7:2a: 90:5f:b8:59:05:ca:02:d4:5f:9c:38:76:67:2b:47: 15:21:2f:ad:52:18:f8:58:0e:85:9b:c4:9f:8f:04: 70:d9:21:6e:50:a7:62:ad:21:03:54:5e:6c:00:1c: e1:89:c9:96:9c:86:ec:3f:5d:08:7d:73:06:98:77: 49:4a:d2:3e:32:0c:3d:49:b1:de:a3:86:7c:d3:77: 89:1f:de:34:17:94:b9:4b:db:f8:81:ce:1f:dd:88: ed:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:39:9B:FA:4D:24:39:8E:E2:64:6C:D1:17:BF:64:86:D7:75:4B:C0 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200789.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:b700::/40 Signature Algorithm: sha256WithRSAEncryption 71:ea:31:5d:33:61:ec:82:05:67:01:28:57:13:d6:89:78:c1: f8:3c:7a:d1:ca:0a:f5:29:5a:c6:e0:f4:e2:b5:36:0e:b2:93: 32:55:d3:62:04:ea:8b:48:25:cd:ca:50:e5:5c:65:38:57:0f: 8c:cf:b2:9c:5c:b7:3e:cf:e5:73:fc:9c:ff:fd:d6:ec:00:11: 72:bd:8d:00:1d:2f:37:54:74:dc:64:6c:53:95:64:5a:15:0f: 51:14:f7:7a:27:d8:8a:71:5e:cb:e1:d8:fc:66:0d:3b:a7:39: 12:5c:14:02:18:17:63:7a:56:14:2a:d3:99:7e:7d:b9:d5:34: 56:22:75:e5:47:5e:de:32:03:52:0c:de:62:a2:67:a6:98:82: c6:75:ab:dd:ce:2f:27:f7:91:17:36:e4:ac:5b:af:a6:59:ab: 18:d8:24:a3:95:a9:a7:82:01:ca:8d:27:29:25:79:1a:65:81: d2:aa:5f:ee:db:9e:2f:39:d3:34:85:63:95:32:f7:e1:81:98: ff:11:41:38:ca:8d:76:3b:c2:96:dd:a2:a3:a4:1f:1b:e8:87: 78:67:f5:51:0b:94:53:60:0e:4b:ed:84:18:0e:19:7d:7a:67: 50:4f:20:c5:92:57:51:56:65:31:85:80:f4:d6:8c:9b:bc:dd: 92:67:52:0b -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUYU6ejCBqSCBbVgtS562GPALDsaowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTVaFw0yNDExMDMwNDA3MTVaMDMxMTAvBgNV BAMTKDIzMzk5QkZBNEQyNDM5OEVFMjY0NkNEMTE3QkY2NDg2RDc3NTRCQzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvbTDUup3IPH52ixCqOaPF403I sA/X2fMXY4hSXoKHLKWh4j4+EnS5WJfoRpbFScCxuvuVNtHFZeeHkesK8sigTwmI ih3g3sXaq/fmHe+KaU60Uu+69YY5JBZkgq1GLVETZwBXhUmUeHkjymbOxkImgoeL NdSm4aMJYrDr4PwHKHSewpKVFC+7wrXkr/0ajK3sx92RFrXTcUPgAkr2bbbkL4nX KpBfuFkFygLUX5w4dmcrRxUhL61SGPhYDoWbxJ+PBHDZIW5Qp2KtIQNUXmwAHOGJ yZachuw/XQh9cwaYd0lK0j4yDD1Jsd6jhnzTd4kf3jQXlLlL2/iBzh/diO0jAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUIzmb+k0kOY7iZGzRF79khtd1S8AwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAwNzg5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQLcwDQYJKoZIhvcNAQELBQADggEBAHHq MV0zYeyCBWcBKFcT1ol4wfg8etHKCvUpWsbg9OK1Ng6ykzJV02IE6otIJc3KUOVc ZThXD4zPspxctz7P5XP8nP/91uwAEXK9jQAdLzdUdNxkbFOVZFoVD1EU93on2Ipx Xsvh2PxmDTunORJcFAIYF2N6VhQq05l+fbnVNFYideVHXt4yA1IM3mKiZ6aYgsZ1 q93OLyf3kRc25Kxbr6ZZqxjYJKOVqaeCAcqNJykleRplgdKqX+7bni850zSFY5Uy 9+GBmP8RQTjKjXY7wpbdoqOkHxvoh3hn9VELlFNgDkvthBgOGX16Z1BPIMWSV1FW ZTGFgPTWjJu83ZJnUgs= -----END CERTIFICATE-----Generated at Fri May 17 06:45:34 2024 by rpki-client on console-ams.rpki-client.org