$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200800.roa File: AS200800.roa (raw, json) Hash identifier: 5tcMw4Bsszv3JoW9DjuxzPrU5+OZzbbX8GRYyWoc3a0= Subject key identifier: 75:44:F6:98:0B:15:B0:A7:68:F2:47:9F:DD:86:95:96:07:2D:BB:28 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 78F53F5A1E164CB51456E7A9B271AA7C143CBB32 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200800.roa Signing time: Sun 05 Nov 2023 04:07:07 +0000 ROA not before: Sun 05 Nov 2023 04:02:07 +0000 ROA not after: Sun 03 Nov 2024 04:07:07 +0000 asID: 200800 IP address blocks: 2a0a:6040:a200::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 May 2024 22:57:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:f5:3f:5a:1e:16:4c:b5:14:56:e7:a9:b2:71:aa:7c:14:3c:bb:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:07 2023 GMT Not After : Nov 3 04:07:07 2024 GMT Subject: CN=7544F6980B15B0A768F2479FDD869596072DBB28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:18:52:90:7d:73:f9:4c:a3:1f:dd:a8:6b:0d: 1a:60:e8:05:d8:40:e2:9b:75:d2:da:fc:91:fb:ae: 33:98:e8:cc:61:28:63:6e:b7:2c:43:e9:1a:f8:d2: 14:c4:12:b1:d7:47:3a:81:15:ca:3c:fc:c0:f9:73: 77:7c:54:64:87:08:66:97:78:36:46:7c:a0:00:f4: d5:d6:7c:01:f7:72:83:c5:7a:55:c3:ae:26:93:fc: bc:f3:45:28:98:56:7c:bd:f0:1a:83:86:27:dd:7a: 00:8f:64:20:7b:3b:98:f1:6d:1c:8e:c3:36:b4:f5: 14:c0:5e:01:ba:89:a6:21:f5:fc:35:35:5b:ce:66: a4:a7:c0:d4:04:a7:a1:a6:b1:14:0e:77:52:7b:b8: 02:d0:7f:fe:af:72:31:68:56:20:23:af:08:c8:b6: b9:09:50:d3:ec:0e:b0:d4:ff:71:89:e7:c7:fc:2e: 9c:a8:41:bd:5f:38:85:e0:80:89:70:cc:ab:a2:47: 98:de:a8:6d:fa:15:b5:1a:02:38:0e:8a:ae:7c:bd: 7c:8c:7b:ea:00:95:a2:41:43:44:21:e4:0b:3b:10: 2b:2b:60:6d:23:01:92:77:a7:5e:75:a1:be:6a:4b: f1:df:45:51:87:8e:7d:bd:e1:6b:ab:b0:7b:8b:e2: c6:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:44:F6:98:0B:15:B0:A7:68:F2:47:9F:DD:86:95:96:07:2D:BB:28 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200800.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:a200::/40 Signature Algorithm: sha256WithRSAEncryption 3e:c3:19:c4:e0:51:3b:92:1f:41:00:c9:b3:66:14:48:4a:20: 32:d0:e9:e5:fa:d0:d3:a7:b5:73:79:13:f8:31:e4:47:17:43: 2e:a9:d9:7b:8f:9f:20:88:bc:f7:69:a6:9f:15:bd:1c:db:90: f1:f4:43:07:3b:78:1d:0d:ad:29:b8:47:6a:3a:4a:22:fb:59: d3:39:d8:a7:0c:99:eb:c7:b7:2b:54:9e:74:74:a1:69:9d:ed: e0:2a:40:31:62:f5:31:bc:83:82:bb:9e:c9:79:f3:93:bc:28: eb:56:df:9f:8b:fd:b4:fd:c8:64:25:52:37:61:e2:da:d7:8c: 61:82:4f:28:85:4a:9a:b6:50:86:26:22:7d:cf:6f:4b:7f:4c: 25:1e:be:90:05:0d:c0:72:66:02:f9:bb:e1:ca:9e:e0:51:6b: df:86:b6:98:01:94:ca:b4:1c:50:e3:d8:d4:13:16:5c:85:a8: 1c:81:8b:be:09:3b:f2:d8:f3:49:fb:9f:35:e7:54:0d:d0:c6: 8f:76:ce:bd:1f:12:ba:90:0f:69:ac:d5:9b:ca:92:f1:7b:66: ce:a0:fc:a8:dd:79:a3:0b:75:fe:6c:31:c2:0b:98:f0:2c:f2: 46:88:fe:e6:38:b9:2e:21:6d:81:76:38:ba:6f:01:80:dd:56: 7d:a3:40:32 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUePU/Wh4WTLUUVuepsnGqfBQ8uzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMDdaFw0yNDExMDMwNDA3MDdaMDMxMTAvBgNV BAMTKDc1NDRGNjk4MEIxNUIwQTc2OEYyNDc5RkREODY5NTk2MDcyREJCMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/GFKQfXP5TKMf3ahrDRpg6AXY QOKbddLa/JH7rjOY6MxhKGNutyxD6Rr40hTEErHXRzqBFco8/MD5c3d8VGSHCGaX eDZGfKAA9NXWfAH3coPFelXDriaT/LzzRSiYVny98BqDhifdegCPZCB7O5jxbRyO wza09RTAXgG6iaYh9fw1NVvOZqSnwNQEp6GmsRQOd1J7uALQf/6vcjFoViAjrwjI trkJUNPsDrDU/3GJ58f8LpyoQb1fOIXggIlwzKuiR5jeqG36FbUaAjgOiq58vXyM e+oAlaJBQ0Qh5As7ECsrYG0jAZJ3p151ob5qS/HfRVGHjn294WursHuL4sa3AgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUdUT2mAsVsKdo8kef3YaVlgctuygwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAwODAwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQKIwDQYJKoZIhvcNAQELBQADggEBAD7D GcTgUTuSH0EAybNmFEhKIDLQ6eX60NOntXN5E/gx5EcXQy6p2XuPnyCIvPdppp8V vRzbkPH0Qwc7eB0NrSm4R2o6SiL7WdM52KcMmevHtytUnnR0oWmd7eAqQDFi9TG8 g4K7nsl585O8KOtW35+L/bT9yGQlUjdh4trXjGGCTyiFSpq2UIYmIn3Pb0t/TCUe vpAFDcByZgL5u+HKnuBRa9+GtpgBlMq0HFDj2NQTFlyFqByBi74JO/LY80n7nzXn VA3Qxo92zr0fErqQD2ms1ZvKkvF7Zs6g/KjdeaMLdf5sMcILmPAs8kaI/uY4uS4h bYF2OLpvAYDdVn2jQDI= -----END CERTIFICATE-----Generated at Tue May 21 05:34:02 2024 by rpki-client on console-ams.rpki-client.org