$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa File: AS203333.roa (raw, json) Hash identifier: TKcytqWfyksILwSUMaXf8VdEiCgyk59XIB/EZ0OK+Cc= Subject key identifier: F3:B3:7A:25:BD:CF:62:EF:73:96:BF:28:13:93:F4:A3:E4:55:D7:AC Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 22DA8D39DDCF266C4D62CE71DD0CB271AF8C4A14 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa Signing time: Sun 06 Oct 2024 04:45:10 +0000 ROA not before: Sun 06 Oct 2024 04:40:10 +0000 ROA not after: Sun 05 Oct 2025 04:45:10 +0000 asID: 203333 IP address blocks: 2a0a:6040:af00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:da:8d:39:dd:cf:26:6c:4d:62:ce:71:dd:0c:b2:71:af:8c:4a:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:10 2024 GMT Not After : Oct 5 04:45:10 2025 GMT Subject: CN=F3B37A25BDCF62EF7396BF281393F4A3E455D7AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:6a:cc:b0:f1:e1:75:2c:37:5a:58:eb:8d:0b: 63:2b:0f:d1:49:1b:6e:56:e1:1c:10:13:87:de:84: 09:25:ae:06:85:71:0f:e1:31:3a:66:ac:06:a9:dd: 34:b4:95:33:37:7f:f1:b6:21:e9:1e:c9:be:4d:6c: 5c:c9:72:c3:f0:78:c8:c5:09:0c:fd:e7:7f:ec:86: 61:6b:66:f0:95:60:c4:c7:cf:63:cd:f4:20:37:f8: fa:f2:5d:93:97:3d:b4:6a:a6:61:2a:f8:ad:3b:8c: 06:93:ab:45:c5:09:8f:36:b6:5d:73:2e:ba:77:2d: d7:bd:1c:0c:a6:b0:9c:05:fb:b8:97:d5:5f:48:c0: f2:1c:2c:15:af:84:62:43:76:e2:20:ca:35:f1:d0: bc:32:79:ac:cf:fe:82:bc:b3:14:ef:7f:34:96:27: 72:31:dd:96:82:40:eb:7e:f1:3e:c8:9b:8f:0c:f9: 31:40:d5:86:81:66:ad:f2:4d:e0:a1:cb:c6:16:c2: 23:ba:19:7c:ba:47:ff:31:63:57:8c:bc:e8:62:b4: 37:2a:c9:27:ac:87:bc:db:92:36:33:2f:30:a6:c9: 5e:f4:d9:f4:61:30:c0:85:cd:91:a3:b1:ce:49:92: 0d:e4:0a:df:f3:0e:9f:ef:7f:5c:95:ee:b9:e0:23: 9c:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:B3:7A:25:BD:CF:62:EF:73:96:BF:28:13:93:F4:A3:E4:55:D7:AC X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:af00::/40 Signature Algorithm: sha256WithRSAEncryption 2d:fd:6b:fd:c9:39:4f:40:57:a9:28:3e:96:f6:04:95:9c:5c: f8:8e:31:76:af:85:db:6e:50:e3:fb:57:c4:f4:c0:3a:99:00: 54:e2:73:b2:25:45:72:f8:26:b3:b6:b8:8a:f8:69:40:14:db: fb:34:18:c2:53:47:f3:c0:2c:10:e3:ec:d0:42:39:37:36:ea: d0:a7:2e:52:77:5a:d8:d3:e5:f1:37:be:c3:57:00:58:a0:64: bf:fb:5d:a0:87:95:63:1a:57:33:e7:1b:02:83:1c:63:28:fd: 27:60:13:27:73:35:fd:aa:68:14:34:e6:99:ad:10:78:fc:a8: 1d:7d:14:a2:56:45:32:a5:11:19:8c:78:a9:85:da:cc:cb:d2: 1b:13:f9:18:cb:61:fe:cf:8d:69:4f:29:e6:f1:c5:48:a4:10: bb:c2:eb:04:91:a3:e7:5a:3e:a8:93:f1:2f:6a:d0:b8:64:ae: 0d:51:3a:b7:0e:b6:65:8c:ac:c9:89:e5:3c:ec:6c:88:68:bc: 21:11:12:18:a2:53:3a:1c:77:06:e1:84:12:9d:2d:93:75:e8: b1:fa:03:14:46:37:5b:31:87:e7:3b:40:3b:e7:a3:8f:b8:9c: 20:c6:1e:2b:c9:ba:2f:54:de:1d:31:df:ea:2a:d1:87:c8:8f: ba:c8:ff:a2 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUItqNOd3PJmxNYs5x3Qyyca+MShQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMTBaFw0yNTEwMDUwNDQ1MTBaMDMxMTAvBgNV BAMTKEYzQjM3QTI1QkRDRjYyRUY3Mzk2QkYyODEzOTNGNEEzRTQ1NUQ3QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxasyw8eF1LDdaWOuNC2MrD9FJ G25W4RwQE4fehAklrgaFcQ/hMTpmrAap3TS0lTM3f/G2Iekeyb5NbFzJcsPweMjF CQz953/shmFrZvCVYMTHz2PN9CA3+PryXZOXPbRqpmEq+K07jAaTq0XFCY82tl1z Lrp3Lde9HAymsJwF+7iX1V9IwPIcLBWvhGJDduIgyjXx0LwyeazP/oK8sxTvfzSW J3Ix3ZaCQOt+8T7Im48M+TFA1YaBZq3yTeChy8YWwiO6GXy6R/8xY1eMvOhitDcq ySesh7zbkjYzLzCmyV702fRhMMCFzZGjsc5Jkg3kCt/zDp/vf1yV7rngI5yfAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQU87N6Jb3PYu9zlr8oE5P0o+RV16wwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQK8wDQYJKoZIhvcNAQELBQADggEBAC39 a/3JOU9AV6koPpb2BJWcXPiOMXavhdtuUOP7V8T0wDqZAFTic7IlRXL4JrO2uIr4 aUAU2/s0GMJTR/PALBDj7NBCOTc26tCnLlJ3WtjT5fE3vsNXAFigZL/7XaCHlWMa VzPnGwKDHGMo/SdgEydzNf2qaBQ05pmtEHj8qB19FKJWRTKlERmMeKmF2szL0hsT +RjLYf7PjWlPKebxxUikELvC6wSRo+daPqiT8S9q0Lhkrg1ROrcOtmWMrMmJ5Tzs bIhovCEREhiiUzocdwbhhBKdLZN16LH6AxRGN1sxh+c7QDvno4+4nCDGHivJui9U 3h0x3+oq0YfIj7rI/6I= -----END CERTIFICATE-----Generated at Thu Nov 21 17:25:46 2024 by rpki-client on console-fra.rpki-client.org