$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203470.roa File: AS203470.roa (raw, json) Hash identifier: FrElE3yqS/u7K2t6lrMc7Dhl4gYD5ehUJkv7UVRch68= Subject key identifier: 60:FD:51:E3:CA:52:03:EC:53:40:4F:BA:03:DA:69:22:09:E3:2F:6E Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 2AF83813D6A19574E4E004F77C2EE6AC284A074A Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203470.roa Signing time: Thu 10 Aug 2023 22:10:27 +0000 ROA not before: Thu 10 Aug 2023 22:05:27 +0000 ROA not after: Thu 08 Aug 2024 22:10:27 +0000 asID: 203470 IP address blocks: 2a05:dfc1:8400::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 21 May 2024 07:22:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:f8:38:13:d6:a1:95:74:e4:e0:04:f7:7c:2e:e6:ac:28:4a:07:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Aug 10 22:05:27 2023 GMT Not After : Aug 8 22:10:27 2024 GMT Subject: CN=60FD51E3CA5203EC53404FBA03DA692209E32F6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:be:f4:c9:30:f5:ec:64:0f:c2:7b:d6:7c:52: fd:26:07:da:57:c8:9b:73:6e:ac:fb:33:09:d7:79: ce:f9:f5:29:ad:9a:39:54:95:cf:eb:9a:c7:c8:d0: 41:7e:0c:04:d7:b0:5b:05:ee:e6:9b:60:f4:33:b2: 44:05:a4:44:44:ce:7d:81:2d:a9:0a:ac:d4:a7:ac: 90:e1:fe:2a:25:03:bd:3e:df:5e:02:51:1f:4a:a0: 38:9c:fe:36:1d:85:ec:0f:d3:4c:bd:73:05:06:d0: 34:af:6e:70:7f:6d:39:e6:ee:97:a1:8f:f5:22:b7: ff:18:eb:30:1a:70:06:00:db:ca:ee:12:d0:a4:3c: 6f:9e:3b:3b:10:4a:e7:73:6c:c1:52:14:27:12:20: 1a:a7:a5:e6:8b:f6:c8:29:24:7d:42:e2:6a:b5:64: 16:03:7e:0c:42:74:48:84:61:18:8e:9b:3b:55:f9: e5:14:3a:8b:3c:58:ed:a6:52:0b:89:3c:fd:6f:02: 9f:d4:c0:31:9d:7c:a7:85:f9:9d:04:66:0b:80:72: 09:de:7e:1f:66:aa:15:84:c9:b9:6a:3d:9b:7b:7f: 9b:e4:91:92:6b:38:2f:2b:1b:d0:f7:12:0b:a9:19: 91:31:b9:c3:58:80:ae:04:d0:a0:8e:86:0c:74:05: be:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:FD:51:E3:CA:52:03:EC:53:40:4F:BA:03:DA:69:22:09:E3:2F:6E X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203470.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:8400::/40 Signature Algorithm: sha256WithRSAEncryption 2b:07:29:0f:43:4e:28:c9:ed:b4:80:55:cf:ee:34:55:ba:f1: 7f:d4:43:cd:23:25:46:68:f5:46:84:36:36:01:08:97:6e:73: ac:42:f5:c5:04:4d:63:55:3d:d6:35:c4:c8:99:55:eb:81:d7: cd:91:50:50:17:52:06:25:5a:1b:08:39:0d:7d:58:36:38:29: d9:57:c4:59:1e:31:6c:e5:10:d9:71:a5:58:71:04:43:b3:33: 0c:f6:0d:0b:8e:fa:99:81:e1:52:52:71:b6:37:ba:84:82:83: d0:53:8c:3e:47:26:57:15:ba:1d:bb:26:85:c4:17:b2:e8:46: 83:d4:af:79:ab:46:93:b6:91:74:38:91:fd:38:24:fa:86:96: 29:ae:1d:12:19:c9:81:b2:f9:66:ab:dd:92:11:3b:3a:8a:95: 67:0d:db:11:b3:f4:43:e8:ff:4f:14:70:b0:82:4c:65:ec:7f: 30:78:08:60:b9:b0:1b:a3:04:3a:3f:b7:82:b8:a0:a7:8a:a5: c0:83:90:ae:12:70:af:17:21:45:89:bb:89:28:6a:27:cf:fa: 37:96:62:79:e2:5b:cf:27:d7:4d:10:92:40:65:3b:7f:2b:98: af:f2:55:34:56:30:20:3c:8e:e9:d8:21:96:27:77:81:c8:ed: fd:09:5f:66 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUKvg4E9ahlXTk4AT3fC7mrChKB0owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yMzA4MTAyMjA1MjdaFw0yNDA4MDgyMjEwMjdaMDMxMTAvBgNV BAMTKDYwRkQ1MUUzQ0E1MjAzRUM1MzQwNEZCQTAzREE2OTIyMDlFMzJGNkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTvvTJMPXsZA/Ce9Z8Uv0mB9pX yJtzbqz7MwnXec759SmtmjlUlc/rmsfI0EF+DATXsFsF7uabYPQzskQFpEREzn2B LakKrNSnrJDh/iolA70+314CUR9KoDic/jYdhewP00y9cwUG0DSvbnB/bTnm7peh j/Uit/8Y6zAacAYA28ruEtCkPG+eOzsQSudzbMFSFCcSIBqnpeaL9sgpJH1C4mq1 ZBYDfgxCdEiEYRiOmztV+eUUOos8WO2mUguJPP1vAp/UwDGdfKeF+Z0EZguAcgne fh9mqhWEyblqPZt7f5vkkZJrOC8rG9D3EgupGZExucNYgK4E0KCOhgx0Bb4pAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUYP1R48pSA+xTQE+6A9ppIgnjL24wHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAzNDcwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwYQwDQYJKoZIhvcNAQELBQADggEBACsH KQ9DTijJ7bSAVc/uNFW68X/UQ80jJUZo9UaENjYBCJduc6xC9cUETWNVPdY1xMiZ VeuB182RUFAXUgYlWhsIOQ19WDY4KdlXxFkeMWzlENlxpVhxBEOzMwz2DQuO+pmB 4VJScbY3uoSCg9BTjD5HJlcVuh27JoXEF7LoRoPUr3mrRpO2kXQ4kf04JPqGlimu HRIZyYGy+War3ZIROzqKlWcN2xGz9EPo/08UcLCCTGXsfzB4CGC5sBujBDo/t4K4 oKeKpcCDkK4ScK8XIUWJu4koaifP+jeWYnniW88n100QkkBlO38rmK/yVTRWMCA8 junYIZYnd4HI7f0JX2Y= -----END CERTIFICATE-----Generated at Mon May 20 13:08:21 2024 by rpki-client on console-fra.rpki-client.org