$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200791.roa File: AS200791.roa (raw, json) Hash identifier: EwItZ4sSZgs1iGPaydLPv9fZAU+34okTTeGwMgn66nE= Subject key identifier: D9:02:6A:31:A6:CB:61:77:47:AB:FC:E8:7F:11:10:30:39:9C:F7:BF Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 3AA12A43A7ADF29E2CAF96A1940ABA3282CA0BCE Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200791.roa Signing time: Sun 05 Nov 2023 04:07:07 +0000 ROA not before: Sun 05 Nov 2023 04:02:07 +0000 ROA not after: Sun 03 Nov 2024 04:07:07 +0000 asID: 200791 IP address blocks: 2a0a:6040:bb00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 May 2024 22:57:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:a1:2a:43:a7:ad:f2:9e:2c:af:96:a1:94:0a:ba:32:82:ca:0b:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:07 2023 GMT Not After : Nov 3 04:07:07 2024 GMT Subject: CN=D9026A31A6CB617747ABFCE87F111030399CF7BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:51:99:45:6d:b7:e5:23:bb:d6:8e:7e:d8:19: 5d:ab:8c:be:75:ac:03:56:90:4d:7a:68:4c:69:55: 89:d0:67:8c:5e:1d:b8:75:73:6e:99:39:ac:56:e0: b4:33:59:a0:b3:e7:b5:81:ee:11:68:30:87:a3:56: 32:2b:8a:80:40:36:9f:a5:07:44:a8:7b:cd:80:c9: e8:13:00:1c:13:3f:c9:23:62:75:65:f8:05:b6:fc: 72:5d:79:16:4d:d0:4b:18:8d:da:56:da:f8:ea:ad: 82:33:9b:4b:b7:0e:57:c2:d9:ae:2b:ac:60:aa:42: 84:61:5a:00:69:58:64:26:a2:90:f9:ae:81:2c:78: a1:8f:43:9b:d1:66:ab:08:37:ca:82:b1:b4:5f:9f: e7:63:01:34:61:66:f5:6a:04:49:60:c3:97:14:ec: 55:47:82:41:8b:fa:6b:50:d9:b5:36:14:6b:63:f3: 12:5c:d5:d1:79:a1:e5:c9:eb:62:c2:d1:8b:53:f0: 0e:48:41:fe:2a:87:cd:13:59:14:c2:99:58:5b:f7: 60:92:ff:79:b4:f0:65:e0:e3:5a:df:03:27:b9:3b: 32:23:18:44:e3:95:df:bf:35:1c:86:1e:b1:a9:c5: 18:da:aa:c7:b8:0e:bc:65:c6:2c:04:71:8f:4e:80: c5:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:02:6A:31:A6:CB:61:77:47:AB:FC:E8:7F:11:10:30:39:9C:F7:BF X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200791.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:bb00::/40 Signature Algorithm: sha256WithRSAEncryption a9:0e:94:33:e3:a7:dd:98:0a:26:3c:24:ef:6f:44:f4:d5:85: 68:86:d7:74:2d:91:48:e2:9b:58:82:05:6e:c4:80:49:39:53: 12:3e:ee:40:26:6c:0d:f6:a4:ce:28:17:d6:7f:27:0b:09:2c: dd:85:d4:f0:72:da:f2:02:a5:71:65:63:ff:94:32:85:52:ac: 57:73:ca:6d:d2:8d:c3:40:35:ef:8b:c2:26:2a:63:48:96:2d: e4:ab:40:50:d8:81:99:1c:e6:77:ff:bb:b4:73:ac:b0:db:05: 11:30:a2:f3:19:49:25:cd:84:1f:d8:e2:2d:e4:8c:66:ee:23: b1:00:fd:c1:c8:e8:d2:0b:8f:26:06:86:11:08:50:37:37:1e: fc:f5:55:eb:01:2b:e7:a0:d8:18:43:97:c8:c0:8c:40:b4:9d: 9e:18:55:9e:3d:03:cc:29:ba:43:39:8d:94:ff:e2:d5:c9:2e: 11:98:a5:98:b6:13:10:3d:44:6c:86:cc:61:d2:59:e4:40:57: d1:62:e9:00:c8:69:1a:ef:11:5a:d9:a8:8a:dc:87:14:c6:c0: 28:9e:33:b2:e8:b6:f0:e8:bc:bb:f4:75:4b:eb:91:f8:79:f3: c5:a8:d7:ae:67:ed:f4:ac:7e:1b:ec:df:b0:ab:8f:6b:74:7e: ef:5f:1d:44 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUOqEqQ6et8p4sr5ahlAq6MoLKC84wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMDdaFw0yNDExMDMwNDA3MDdaMDMxMTAvBgNV BAMTKEQ5MDI2QTMxQTZDQjYxNzc0N0FCRkNFODdGMTExMDMwMzk5Q0Y3QkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvUZlFbbflI7vWjn7YGV2rjL51 rANWkE16aExpVYnQZ4xeHbh1c26ZOaxW4LQzWaCz57WB7hFoMIejVjIrioBANp+l B0Soe82AyegTABwTP8kjYnVl+AW2/HJdeRZN0EsYjdpW2vjqrYIzm0u3DlfC2a4r rGCqQoRhWgBpWGQmopD5roEseKGPQ5vRZqsIN8qCsbRfn+djATRhZvVqBElgw5cU 7FVHgkGL+mtQ2bU2FGtj8xJc1dF5oeXJ62LC0YtT8A5IQf4qh80TWRTCmVhb92CS /3m08GXg41rfAye5OzIjGETjld+/NRyGHrGpxRjaqse4DrxlxiwEcY9OgMXhAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQU2QJqMabLYXdHq/zofxEQMDmc978wHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAwNzkxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQLswDQYJKoZIhvcNAQELBQADggEBAKkO lDPjp92YCiY8JO9vRPTVhWiG13QtkUjim1iCBW7EgEk5UxI+7kAmbA32pM4oF9Z/ JwsJLN2F1PBy2vICpXFlY/+UMoVSrFdzym3SjcNANe+LwiYqY0iWLeSrQFDYgZkc 5nf/u7RzrLDbBREwovMZSSXNhB/Y4i3kjGbuI7EA/cHI6NILjyYGhhEIUDc3Hvz1 VesBK+eg2BhDl8jAjEC0nZ4YVZ49A8wpukM5jZT/4tXJLhGYpZi2ExA9RGyGzGHS WeRAV9Fi6QDIaRrvEVrZqIrchxTGwCieM7LotvDovLv0dUvrkfh588Wo165n7fSs fhvs37Crj2t0fu9fHUQ= -----END CERTIFICATE-----Generated at Tue May 21 05:34:02 2024 by rpki-client on console-ams.rpki-client.org