$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa File: AS200954.roa (raw, json) Hash identifier: WRnQMULADlrAImJQHjsBz560tKhuXMRlkm8RfLu8/Tg= Subject key identifier: 47:14:11:DF:5D:08:DD:FB:42:49:61:13:D1:16:D5:2B:18:40:3D:76 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 0942CFC36C926D35AF56EE3850E9F823DDC07767 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa Signing time: Sun 05 Nov 2023 04:07:11 +0000 ROA not before: Sun 05 Nov 2023 04:02:11 +0000 ROA not after: Sun 03 Nov 2024 04:07:11 +0000 asID: 200954 IP address blocks: 2a0a:6040:e300::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 18 May 2024 03:53:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:42:cf:c3:6c:92:6d:35:af:56:ee:38:50:e9:f8:23:dd:c0:77:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:11 2023 GMT Not After : Nov 3 04:07:11 2024 GMT Subject: CN=471411DF5D08DDFB42496113D116D52B18403D76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7e:c1:27:8e:f5:42:16:78:07:e0:72:00:cd: 4a:33:45:0b:5b:5b:ce:e3:0d:67:ff:80:4b:fc:ba: 55:8d:21:07:36:51:66:fa:ac:34:fa:4e:5d:c6:0f: c5:f6:58:36:1b:b3:8d:e7:0c:31:80:23:55:af:4c: f9:be:3d:e0:71:7b:ae:81:26:f8:bd:39:a6:e0:f9: 52:f4:c2:20:62:52:08:f1:c8:19:91:d7:7c:f7:71: d3:12:eb:f4:5a:29:9c:22:d6:6f:43:bc:fd:9d:a4: 02:ba:58:07:f9:98:c4:ff:98:ae:a0:17:10:7e:f8: 7a:12:85:a0:34:67:30:0b:4a:04:6a:fd:fa:24:00: f0:3b:5b:bb:89:b8:1f:5a:1f:cc:11:e6:fc:90:b3: bf:5f:c6:69:b3:3d:dc:a2:26:a1:a9:f7:bc:fe:50: 87:9d:5b:b3:7f:8b:41:81:af:95:70:3d:33:30:0b: d2:1b:1c:7b:6c:ce:93:80:1d:2d:c0:80:f4:84:6a: 4f:45:61:b0:65:a6:87:ff:a8:fc:f0:3f:87:dc:2e: 60:39:9a:4c:83:f4:f9:8d:f2:05:a1:4a:21:67:9f: e6:0e:43:46:0d:21:7e:8f:cc:9e:be:ca:90:bc:35: 01:fe:79:48:57:f3:4d:fa:0c:c6:49:1f:fa:99:b5: f4:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:14:11:DF:5D:08:DD:FB:42:49:61:13:D1:16:D5:2B:18:40:3D:76 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS200954.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:e300::/40 Signature Algorithm: sha256WithRSAEncryption 81:ea:30:49:4d:45:ae:ef:0c:53:4b:71:5b:47:91:60:b3:9c: 85:0e:e3:45:67:7a:a4:37:17:0c:3b:13:f6:f0:61:5d:0d:59: b5:f2:23:17:4c:38:9b:cb:45:31:02:7c:22:6e:d5:fe:79:a7: 65:0f:1e:80:cc:0f:9d:8f:20:09:bd:ff:4f:ce:3c:3b:43:3a: 4f:80:be:58:9c:6e:37:c6:0e:26:66:49:e6:59:12:fc:30:9c: 60:84:c5:9b:97:6a:03:61:4f:ed:27:f2:e3:ff:ae:26:4f:3e: 4a:54:dd:d4:3e:79:a0:ad:dd:ba:42:2d:9d:47:f3:8f:cd:d4: bc:d8:58:34:43:f3:5e:20:62:92:f7:4f:79:97:58:f7:ba:d3: 1e:f2:4b:ec:76:46:12:ba:91:e3:2e:91:53:78:9e:67:c9:7a: a7:4e:93:2d:6f:5b:03:af:9a:a4:a8:06:9e:27:84:3a:d6:d1: 5f:63:1a:35:75:de:ff:42:1c:74:4d:8c:62:ce:19:8e:9b:ec: 78:fa:52:7f:e4:1b:a9:ed:0c:99:85:5e:44:d7:92:67:a4:f4: 92:ea:57:aa:6e:b8:ac:1c:7d:0d:7e:ae:c7:11:b8:87:fa:1a: 9b:9d:dd:0d:75:8a:ee:a2:d8:c5:dc:4b:65:18:2c:d2:34:ea: 4b:35:cb:80 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUCULPw2ySbTWvVu44UOn4I93Ad2cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTFaFw0yNDExMDMwNDA3MTFaMDMxMTAvBgNV BAMTKDQ3MTQxMURGNUQwOERERkI0MjQ5NjExM0QxMTZENTJCMTg0MDNENzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fsEnjvVCFngH4HIAzUozRQtb W87jDWf/gEv8ulWNIQc2UWb6rDT6Tl3GD8X2WDYbs43nDDGAI1WvTPm+PeBxe66B Jvi9Oabg+VL0wiBiUgjxyBmR13z3cdMS6/RaKZwi1m9DvP2dpAK6WAf5mMT/mK6g FxB++HoShaA0ZzALSgRq/fokAPA7W7uJuB9aH8wR5vyQs79fxmmzPdyiJqGp97z+ UIedW7N/i0GBr5VwPTMwC9IbHHtszpOAHS3AgPSEak9FYbBlpof/qPzwP4fcLmA5 mkyD9PmN8gWhSiFnn+YOQ0YNIX6PzJ6+ypC8NQH+eUhX8036DMZJH/qZtfQrAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQURxQR310I3ftCSWET0RbVKxhAPXYwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAwOTU0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQOMwDQYJKoZIhvcNAQELBQADggEBAIHq MElNRa7vDFNLcVtHkWCznIUO40VneqQ3Fww7E/bwYV0NWbXyIxdMOJvLRTECfCJu 1f55p2UPHoDMD52PIAm9/0/OPDtDOk+AvlicbjfGDiZmSeZZEvwwnGCExZuXagNh T+0n8uP/riZPPkpU3dQ+eaCt3bpCLZ1H84/N1LzYWDRD814gYpL3T3mXWPe60x7y S+x2RhK6keMukVN4nmfJeqdOky1vWwOvmqSoBp4nhDrW0V9jGjV13v9CHHRNjGLO GY6b7Hj6Un/kG6ntDJmFXkTXkmek9JLqV6puuKwcfQ1+rscRuIf6Gpud3Q11iu6i 2MXcS2UYLNI06ks1y4A= -----END CERTIFICATE-----Generated at Fri May 17 13:11:27 2024 by rpki-client on console-ams.rpki-client.org