$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203686.roa File: AS203686.roa (raw, json) Hash identifier: 3exQ5HqA1pyxfdhXZMgWDWzfdNHoCWmPz27uEslqA1s= Subject key identifier: C4:CE:86:55:E4:11:EF:A0:AD:45:32:F0:BE:73:BB:01:95:50:50:53 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 42F94DC6859D0AA0AC1B793747E9F46AC1C22163 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203686.roa Signing time: Mon 08 Jul 2024 23:00:28 +0000 ROA not before: Mon 08 Jul 2024 22:55:28 +0000 ROA not after: Mon 07 Jul 2025 23:00:28 +0000 asID: 203686 IP address blocks: 2a05:dfc1:7e00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:f9:4d:c6:85:9d:0a:a0:ac:1b:79:37:47:e9:f4:6a:c1:c2:21:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Jul 8 22:55:28 2024 GMT Not After : Jul 7 23:00:28 2025 GMT Subject: CN=C4CE8655E411EFA0AD4532F0BE73BB0195505053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b3:a8:73:27:aa:65:66:2f:3f:8e:44:b3:22: 88:8a:f6:5b:85:1c:0f:2a:fe:dc:4d:22:38:07:29: 9c:32:de:10:02:6a:4b:c1:94:83:47:84:f5:25:39: 05:e4:d7:68:5a:2c:ec:03:ad:3d:be:6f:4e:43:69: 86:4a:ad:5b:56:98:1e:45:be:e4:8a:af:04:11:ff: 6e:6d:67:6a:58:ae:4d:21:ca:bf:df:3d:07:0b:47: b6:b2:4a:1b:71:c0:b5:5d:01:33:82:a4:61:c4:ac: a6:8c:18:85:9e:4c:34:ca:e2:ae:f5:81:0e:9b:89: cd:eb:6e:4d:3f:00:86:5b:38:03:ba:c3:1c:12:45: 51:1f:44:72:52:1b:1c:72:12:1e:b1:ac:b6:25:fc: 47:93:6c:1d:0e:6c:38:d3:d6:f0:17:17:63:80:ce: 35:58:38:d9:c3:6e:82:5d:ba:23:f3:ee:ac:63:68: fd:ba:41:34:1d:1b:07:67:80:d4:3f:35:92:16:a7: 97:de:59:18:38:63:44:32:be:1a:0c:25:e1:eb:8f: 8d:f9:74:1e:7e:4f:60:75:17:81:01:92:f3:72:96: 5c:57:92:4c:e5:a4:ea:56:28:32:47:82:fe:38:c2: cf:1d:82:77:8b:55:87:8d:d6:14:ea:55:ab:b9:43: 79:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:CE:86:55:E4:11:EF:A0:AD:45:32:F0:BE:73:BB:01:95:50:50:53 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203686.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:7e00::/40 Signature Algorithm: sha256WithRSAEncryption 6b:b2:79:7a:bc:54:e0:7c:5d:8b:27:30:6f:b5:c6:b6:52:60: 8f:75:ef:61:6d:ed:1e:f3:2b:b0:fa:55:3f:8f:4e:0a:d2:8a: 09:26:be:53:a9:a8:e4:43:55:83:0e:50:8a:ae:68:ba:ee:9b: 62:e1:3c:58:2d:97:f7:db:33:bf:cf:78:0c:b5:78:09:c2:48: 89:d1:11:ec:c8:04:60:88:aa:75:42:10:d3:2c:ca:8d:88:6f: 83:57:ce:68:7c:32:01:20:33:d9:96:54:2c:05:3f:c4:0e:5d: ad:95:25:18:d1:2f:46:93:9b:28:47:fc:58:9b:c0:ff:35:80: 8a:95:83:41:48:d5:5d:af:7e:b8:b9:1e:7a:6f:09:4f:55:93: cf:78:39:43:eb:47:76:b3:68:9a:24:b0:07:c7:6c:cb:7d:40: 3a:f1:b7:f3:65:e6:a4:b1:1b:9f:d1:83:be:06:88:21:d1:ee: ce:9c:a1:68:1a:c0:bf:d2:db:f6:c1:a0:9c:af:0c:b2:48:b5: 2d:a2:7a:c3:0b:ae:b8:a5:6f:38:f7:23:50:b1:d0:0f:0e:22: d2:c1:43:1e:6e:b7:7a:cd:96:60:28:1f:b5:7b:3f:e2:0a:2f: ca:a0:dd:01:75:8a:61:aa:42:80:07:4b:52:82:ae:cc:69:37: 5d:a1:fd:0b -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUQvlNxoWdCqCsG3k3R+n0asHCIWMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDA3MDgyMjU1MjhaFw0yNTA3MDcyMzAwMjhaMDMxMTAvBgNV BAMTKEM0Q0U4NjU1RTQxMUVGQTBBRDQ1MzJGMEJFNzNCQjAxOTU1MDUwNTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCss6hzJ6plZi8/jkSzIoiK9luF HA8q/txNIjgHKZwy3hACakvBlINHhPUlOQXk12haLOwDrT2+b05DaYZKrVtWmB5F vuSKrwQR/25tZ2pYrk0hyr/fPQcLR7ayShtxwLVdATOCpGHErKaMGIWeTDTK4q71 gQ6bic3rbk0/AIZbOAO6wxwSRVEfRHJSGxxyEh6xrLYl/EeTbB0ObDjT1vAXF2OA zjVYONnDboJduiPz7qxjaP26QTQdGwdngNQ/NZIWp5feWRg4Y0QyvhoMJeHrj435 dB5+T2B1F4EBkvNyllxXkkzlpOpWKDJHgv44ws8dgneLVYeN1hTqVau5Q3lbAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUxM6GVeQR76CtRTLwvnO7AZVQUFMwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjAzNjg2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwX4wDQYJKoZIhvcNAQELBQADggEBAGuy eXq8VOB8XYsnMG+1xrZSYI9172Ft7R7zK7D6VT+PTgrSigkmvlOpqORDVYMOUIqu aLrum2LhPFgtl/fbM7/PeAy1eAnCSInREezIBGCIqnVCENMsyo2Ib4NXzmh8MgEg M9mWVCwFP8QOXa2VJRjRL0aTmyhH/FibwP81gIqVg0FI1V2vfri5HnpvCU9Vk894 OUPrR3azaJoksAfHbMt9QDrxt/Nl5qSxG5/Rg74GiCHR7s6coWgawL/S2/bBoJyv DLJItS2iesMLrrilbzj3I1Cx0A8OItLBQx5ut3rNlmAoH7V7P+IKL8qg3QF1imGq QoAHS1KCrsxpN12h/Qs= -----END CERTIFICATE-----Generated at Thu Nov 21 17:25:46 2024 by rpki-client on console-fra.rpki-client.org