$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa File: AS203333.roa (raw, json) Hash identifier: IqQ6pkeO/XFs8tI2B9kpTdYY5CRCnPvtgqr/rG8Tq/E= Subject key identifier: DC:78:C5:6D:A4:DC:15:54:C9:9C:42:68:2A:E2:24:94:45:94:55:D3 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 0AA47C748E7C0FF870063D39EE38142F015ED6DC Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa Signing time: Sun 05 Nov 2023 04:07:13 +0000 ROA not before: Sun 05 Nov 2023 04:02:13 +0000 ROA not after: Sun 03 Nov 2024 04:07:13 +0000 asID: 203333 IP address blocks: 2a0a:6040:af00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 May 2024 22:57:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:a4:7c:74:8e:7c:0f:f8:70:06:3d:39:ee:38:14:2f:01:5e:d6:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Nov 5 04:02:13 2023 GMT Not After : Nov 3 04:07:13 2024 GMT Subject: CN=DC78C56DA4DC1554C99C42682AE22494459455D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d4:84:1a:12:a6:ba:7f:78:27:73:1f:ab:0e: b2:ad:dc:60:81:74:c3:62:75:09:84:b7:6c:bb:62: 13:b1:0a:b5:86:c2:9e:bc:40:2f:17:af:28:1f:d5: c9:24:64:ef:68:b8:8a:a2:f4:5e:f2:9f:f7:58:4c: 62:4a:0a:0e:4e:e1:63:93:35:3b:47:29:9b:d9:5a: 08:85:05:41:65:62:d4:c4:26:cf:56:5f:64:f4:b6: 5c:a1:78:dd:7f:08:91:d2:55:3d:9a:4f:00:09:81: 5a:8d:c5:c2:09:79:c6:0b:85:98:74:ad:6e:72:ec: c7:f6:e6:e2:5e:ec:01:d0:8c:f4:0b:b2:10:3e:94: 0c:1c:76:0a:49:68:42:8f:70:46:e6:ad:63:a1:c5: 65:a0:96:ef:68:74:51:bb:12:a3:59:5f:c2:7c:8d: c1:3b:42:bf:2b:bb:7d:24:b6:37:cf:14:8e:5a:66: 90:8f:a4:be:ee:f2:b8:be:3e:5d:03:10:d0:69:54: b5:5d:a0:4b:d7:62:61:f1:af:f1:60:ea:51:40:7c: 3b:f4:0b:5f:e4:91:50:4e:85:09:55:da:0a:44:0b: a4:bb:f4:59:f0:e5:31:cf:93:d7:a7:c6:5e:c1:ec: fa:db:1d:84:ed:74:d8:52:cf:81:30:87:8d:2b:e7: 52:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:78:C5:6D:A4:DC:15:54:C9:9C:42:68:2A:E2:24:94:45:94:55:D3 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:af00::/40 Signature Algorithm: sha256WithRSAEncryption 25:dc:e4:43:6b:f6:ac:0d:fc:6a:63:fd:e7:e7:e5:4f:24:03: b7:0d:93:d7:9b:30:24:98:86:55:24:25:1d:32:a0:fe:c0:c2: 03:d2:6a:61:e7:60:21:af:46:ba:8a:0b:d0:bf:87:a3:fe:f6: af:d2:b6:fb:5b:3c:89:e0:c9:8e:c8:e7:8c:c4:02:2c:8e:08: 2c:b0:5b:32:4e:52:ed:7d:6f:43:c7:83:ef:91:e8:a8:b5:4b: 62:bd:f4:60:36:89:de:f4:07:a7:f3:78:4f:b9:7a:33:a1:da: ad:b8:08:2f:cb:5e:d7:45:85:92:39:84:1e:62:57:c9:70:0a: b7:cb:bf:af:32:64:23:8f:fa:72:89:50:86:cc:1e:6c:ef:ea: e7:d2:c8:7c:35:9b:76:c2:20:f0:6a:47:57:77:9a:e2:78:aa: 13:14:0a:ea:76:f6:cf:47:9a:a4:c1:5a:4c:0c:3a:e6:09:f3: e0:44:68:62:1d:21:0b:c6:cd:6f:7b:4c:a0:21:08:2a:00:1e: 80:ca:82:5d:d1:63:2a:ff:6f:f6:0d:c3:c4:92:c4:6c:e8:b0: a1:cc:72:03:98:33:2a:f2:fb:3e:d8:0e:86:68:49:b5:bf:54: 43:90:df:a7:32:3a:be:ec:29:86:79:d8:4a:6f:57:ff:0d:f3: 2d:92:53:68 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUCqR8dI58D/hwBj057jgULwFe1twwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTNaFw0yNDExMDMwNDA3MTNaMDMxMTAvBgNV BAMTKERDNzhDNTZEQTREQzE1NTRDOTlDNDI2ODJBRTIyNDk0NDU5NDU1RDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa1IQaEqa6f3gncx+rDrKt3GCB dMNidQmEt2y7YhOxCrWGwp68QC8Xrygf1ckkZO9ouIqi9F7yn/dYTGJKCg5O4WOT NTtHKZvZWgiFBUFlYtTEJs9WX2T0tlyheN1/CJHSVT2aTwAJgVqNxcIJecYLhZh0 rW5y7Mf25uJe7AHQjPQLshA+lAwcdgpJaEKPcEbmrWOhxWWglu9odFG7EqNZX8J8 jcE7Qr8ru30ktjfPFI5aZpCPpL7u8ri+Pl0DENBpVLVdoEvXYmHxr/Fg6lFAfDv0 C1/kkVBOhQlV2gpEC6S79Fnw5THPk9enxl7B7PrbHYTtdNhSz4Ewh40r51IRAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQU3HjFbaTcFVTJnEJoKuIklEWUVdMwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQK8wDQYJKoZIhvcNAQELBQADggEBACXc 5ENr9qwN/Gpj/efn5U8kA7cNk9ebMCSYhlUkJR0yoP7AwgPSamHnYCGvRrqKC9C/ h6P+9q/StvtbPIngyY7I54zEAiyOCCywWzJOUu19b0PHg++R6Ki1S2K99GA2id70 B6fzeE+5ejOh2q24CC/LXtdFhZI5hB5iV8lwCrfLv68yZCOP+nKJUIbMHmzv6ufS yHw1m3bCIPBqR1d3muJ4qhMUCup29s9HmqTBWkwMOuYJ8+BEaGIdIQvGzW97TKAh CCoAHoDKgl3RYyr/b/YNw8SSxGzosKHMcgOYMyry+z7YDoZoSbW/VEOQ36cyOr7s KYZ52EpvV/8N8y2SU2g= -----END CERTIFICATE-----Generated at Tue May 21 04:45:06 2024 by rpki-client on console-fra.rpki-client.org