$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS202201.roa File: AS202201.roa (raw, json) Hash identifier: BmzS8m0IYii/5DigfdAm9mtw+iisTEvb3m2BuNWUWZI= Subject key identifier: 17:79:91:2A:C5:0D:0C:85:84:8E:18:35:A9:D6:53:4E:3E:6B:28:44 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 2056318610ABF17DC37754299442A5BD68D80385 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS202201.roa Signing time: Sun 06 Oct 2024 04:45:19 +0000 ROA not before: Sun 06 Oct 2024 04:40:19 +0000 ROA not after: Sun 05 Oct 2025 04:45:19 +0000 asID: 202201 IP address blocks: 2a0a:6040:5400::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 24 Nov 2024 14:24:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:56:31:86:10:ab:f1:7d:c3:77:54:29:94:42:a5:bd:68:d8:03:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:19 2024 GMT Not After : Oct 5 04:45:19 2025 GMT Subject: CN=1779912AC50D0C85848E1835A9D6534E3E6B2844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:09:fa:3d:df:56:14:1d:0b:4c:23:56:97:5a: bf:f9:e2:2a:5f:5f:19:34:1f:94:f0:82:9e:c0:13: 3d:a9:f4:c7:ff:1c:5e:14:7f:8c:a6:fb:33:6d:62: 7f:28:b2:47:81:c1:59:c4:d1:d4:1c:e4:d1:f4:0f: d7:c4:94:ab:00:1e:2a:fa:2a:8b:32:2d:8b:42:d7: 8f:95:f3:6b:61:a3:50:bd:4e:9c:ae:69:b1:ba:33: 29:3e:6c:f5:d1:5c:8b:df:38:b2:36:e8:37:6a:57: a9:0c:1a:d0:c9:a4:1e:e6:dc:ce:71:3c:58:cd:1c: 46:0a:8e:38:1a:7c:2d:8f:1f:2e:ef:4c:22:52:2d: 02:58:31:67:5f:67:ac:10:0c:50:84:e6:20:5a:24: 14:a2:af:8a:6e:59:bb:1e:a1:7c:4d:77:c3:84:47: 2e:36:11:e7:16:7e:9a:41:5c:5c:ff:a5:15:0e:f4: 9b:b6:b7:be:bb:33:0d:ca:8f:61:af:6f:bb:e6:15: be:ca:c4:77:55:87:55:0a:5a:00:c8:c7:6f:ad:58: 61:4a:40:79:83:84:29:da:b3:8b:53:1b:11:d5:7b: 7b:e7:e3:c3:eb:ea:dc:39:fd:ec:4d:11:b6:f8:38: 32:a6:10:65:55:49:27:da:7f:e5:86:0c:f5:e7:24: cf:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:79:91:2A:C5:0D:0C:85:84:8E:18:35:A9:D6:53:4E:3E:6B:28:44 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS202201.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:5400::/40 Signature Algorithm: sha256WithRSAEncryption 01:40:b8:24:46:25:96:31:1c:ed:9b:a1:9b:96:66:b6:f1:ea: f9:c1:c0:94:e8:a7:27:1f:b8:bb:7b:88:86:02:92:a8:60:98: 1a:0c:39:94:1b:1b:85:69:be:d5:18:47:f6:ef:74:d5:53:ea: f5:28:38:eb:0b:e3:01:23:bb:69:09:af:d8:40:aa:4f:2f:58: d3:3e:79:78:6d:4f:a0:6a:ea:35:d6:18:16:d1:ed:80:ef:f7: 95:06:6c:4b:68:71:76:6d:25:49:1c:00:dd:c5:ea:bd:85:3d: 47:75:b9:33:12:41:c6:5b:b5:1d:cb:de:48:7b:ec:6e:3b:0f: 95:14:56:2f:0d:59:f9:da:06:78:87:26:30:10:84:ca:2f:48: 9c:42:16:6b:82:23:79:a1:15:51:01:ef:68:33:20:ee:77:98: 0b:3c:4d:8d:e4:a7:9f:bb:43:ef:03:b3:1f:cc:c7:d3:13:5c: 68:4b:e6:55:89:1a:81:94:c4:33:e0:da:39:76:12:c7:f4:d4: fb:e4:99:08:e6:e3:c3:0a:1d:ce:f4:a9:4b:23:9d:f5:70:b5: d9:21:41:ad:48:f4:41:27:e5:34:c2:d9:f5:1a:cf:07:f8:92: 18:9b:ad:d3:f8:65:55:a4:df:dc:43:0e:3a:3a:77:b8:b7:93: 64:1d:de:70 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUIFYxhhCr8X3Dd1QplEKlvWjYA4UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMTlaFw0yNTEwMDUwNDQ1MTlaMDMxMTAvBgNV BAMTKDE3Nzk5MTJBQzUwRDBDODU4NDhFMTgzNUE5RDY1MzRFM0U2QjI4NDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJCfo931YUHQtMI1aXWr/54ipf Xxk0H5Twgp7AEz2p9Mf/HF4Uf4ym+zNtYn8oskeBwVnE0dQc5NH0D9fElKsAHir6 KosyLYtC14+V82tho1C9TpyuabG6Myk+bPXRXIvfOLI26DdqV6kMGtDJpB7m3M5x PFjNHEYKjjgafC2PHy7vTCJSLQJYMWdfZ6wQDFCE5iBaJBSir4puWbseoXxNd8OE Ry42EecWfppBXFz/pRUO9Ju2t767Mw3Kj2Gvb7vmFb7KxHdVh1UKWgDIx2+tWGFK QHmDhCnas4tTGxHVe3vn48Pr6tw5/exNEbb4ODKmEGVVSSfaf+WGDPXnJM8hAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUF3mRKsUNDIWEjhg1qdZTTj5rKEQwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAyMjAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQFQwDQYJKoZIhvcNAQELBQADggEBAAFA uCRGJZYxHO2boZuWZrbx6vnBwJTopycfuLt7iIYCkqhgmBoMOZQbG4VpvtUYR/bv dNVT6vUoOOsL4wEju2kJr9hAqk8vWNM+eXhtT6Bq6jXWGBbR7YDv95UGbEtocXZt JUkcAN3F6r2FPUd1uTMSQcZbtR3L3kh77G47D5UUVi8NWfnaBniHJjAQhMovSJxC FmuCI3mhFVEB72gzIO53mAs8TY3kp5+7Q+8Dsx/Mx9MTXGhL5lWJGoGUxDPg2jl2 Esf01PvkmQjm48MKHc70qUsjnfVwtdkhQa1I9EEn5TTC2fUazwf4khibrdP4ZVWk 39xDDjo6d7i3k2Qd3nA= -----END CERTIFICATE-----Generated at Sun Nov 24 03:16:14 2024 by rpki-client on console-ams.rpki-client.org