$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209652.roa File: AS209652.roa (raw, json) Hash identifier: lLlTOnnd+OizKLU9CHG2X6T5IdMzg192vQ1PIdFjoQ0= Subject key identifier: 6A:AE:82:87:BE:15:FE:F8:EB:B8:12:9F:CE:65:C4:39:D0:F5:3A:FE Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 4D3E7104D4CF3788C17B62BC654FC37E949C2161 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209652.roa Signing time: Sun 06 Oct 2024 04:45:10 +0000 ROA not before: Sun 06 Oct 2024 04:40:10 +0000 ROA not after: Sun 05 Oct 2025 04:45:10 +0000 asID: 209652 IP address blocks: 2a0a:6040:2400::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 22 Nov 2024 04:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:3e:71:04:d4:cf:37:88:c1:7b:62:bc:65:4f:c3:7e:94:9c:21:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Oct 6 04:40:10 2024 GMT Not After : Oct 5 04:45:10 2025 GMT Subject: CN=6AAE8287BE15FEF8EBB8129FCE65C439D0F53AFE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:79:8f:6a:f5:09:8d:eb:55:ca:03:aa:ea:d6: ae:20:e3:ba:13:5b:78:b9:3a:28:16:20:f9:cb:52: 75:79:fd:95:eb:a8:d9:c9:c6:db:98:84:bb:41:34: a0:42:de:24:ed:f4:95:93:cc:88:bd:9b:b4:8a:55: cc:17:bc:e8:6e:bd:bc:b6:8d:07:53:63:4e:b5:21: 4f:5d:bf:75:c1:1e:1c:23:49:46:e8:cf:4a:db:29: 43:5e:ac:c8:54:86:f0:88:42:8f:60:7d:9b:5b:1f: 0d:de:66:d5:d9:3e:97:01:54:f1:d2:57:ea:a9:25: af:8e:5f:18:a0:fa:4d:0b:dc:f3:8f:37:33:1e:7e: ec:33:9e:44:91:9e:ba:b2:95:39:a2:9c:71:de:82: ce:ff:93:17:52:80:83:3d:71:99:10:2a:c3:6b:b9: e1:b6:29:e5:2b:0c:ff:c0:6c:5c:18:77:32:f1:8e: df:86:88:26:35:71:24:f3:5a:a1:16:e6:f0:bb:57: 52:71:c9:83:6f:42:73:4f:17:ac:80:35:f2:72:3e: 0f:91:82:0d:92:c2:4e:27:3b:bc:e9:c7:e0:76:16: d8:02:13:e6:f3:9a:ed:76:27:69:29:dc:61:c4:36: 5a:98:55:a3:91:a1:b8:76:e6:0c:ac:9d:a5:77:fd: 7d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:AE:82:87:BE:15:FE:F8:EB:B8:12:9F:CE:65:C4:39:D0:F5:3A:FE X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209652.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:2400::/40 Signature Algorithm: sha256WithRSAEncryption a9:60:b4:d0:41:58:de:66:10:87:90:dc:88:5f:84:28:1e:5d: c3:b9:87:ea:8a:f0:4c:d2:9a:72:10:2b:3d:1d:bb:14:3a:cc: 61:22:06:34:da:fa:f1:d7:80:77:46:fc:97:ab:77:8c:37:3e: 98:49:08:68:e9:6c:a4:55:5f:2b:69:a9:ed:6f:33:8d:9c:a7: 67:19:ad:8d:ea:80:50:18:cd:d1:47:fa:99:2a:6d:91:18:20: 9c:2c:72:06:28:c8:de:7b:8d:e7:ea:25:ad:5e:08:99:2a:b1: 04:3f:38:3d:9c:b8:7b:fd:3a:af:fe:52:4f:2d:86:47:7d:0c: 23:44:85:44:1b:f6:07:c7:2b:b4:c2:bc:93:ec:9a:e6:9f:3f: 88:2b:5d:f3:ff:93:ea:94:fc:9c:1b:f4:89:3d:8d:31:c6:da: d5:ea:58:29:92:14:5f:ea:40:1e:07:81:1e:eb:1b:be:f6:6d: 11:bf:92:05:09:6c:ac:74:a9:3f:a2:d2:cd:6f:32:c4:9b:11: 91:d7:77:ea:68:23:c2:df:5d:75:fb:42:4f:b3:33:44:ae:f0: 93:f2:88:e8:97:85:30:c4:ca:45:56:fa:d0:53:43:88:88:ea: 3c:9b:a1:fd:cf:df:03:42:11:36:74:b5:3f:0d:4e:ce:74:b6: 52:09:ae:64 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUTT5xBNTPN4jBe2K8ZU/DfpScIWEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEwMDYwNDQwMTBaFw0yNTEwMDUwNDQ1MTBaMDMxMTAvBgNV BAMTKDZBQUU4Mjg3QkUxNUZFRjhFQkI4MTI5RkNFNjVDNDM5RDBGNTNBRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdeY9q9QmN61XKA6rq1q4g47oT W3i5OigWIPnLUnV5/ZXrqNnJxtuYhLtBNKBC3iTt9JWTzIi9m7SKVcwXvOhuvby2 jQdTY061IU9dv3XBHhwjSUboz0rbKUNerMhUhvCIQo9gfZtbHw3eZtXZPpcBVPHS V+qpJa+OXxig+k0L3POPNzMefuwznkSRnrqylTminHHegs7/kxdSgIM9cZkQKsNr ueG2KeUrDP/AbFwYdzLxjt+GiCY1cSTzWqEW5vC7V1JxyYNvQnNPF6yANfJyPg+R gg2Swk4nO7zpx+B2FtgCE+bzmu12J2kp3GHENlqYVaORobh25gysnaV3/X0pAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUaq6Ch74V/vjruBKfzmXEOdD1Ov4wHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjA5NjUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQCQwDQYJKoZIhvcNAQELBQADggEBAKlg tNBBWN5mEIeQ3IhfhCgeXcO5h+qK8EzSmnIQKz0duxQ6zGEiBjTa+vHXgHdG/Jer d4w3PphJCGjpbKRVXytpqe1vM42cp2cZrY3qgFAYzdFH+pkqbZEYIJwscgYoyN57 jefqJa1eCJkqsQQ/OD2cuHv9Oq/+Uk8thkd9DCNEhUQb9gfHK7TCvJPsmuafP4gr XfP/k+qU/Jwb9Ik9jTHG2tXqWCmSFF/qQB4HgR7rG772bRG/kgUJbKx0qT+i0s1v MsSbEZHXd+poI8LfXXX7Qk+zM0Su8JPyiOiXhTDEykVW+tBTQ4iI6jybof3P3wNC ETZ0tT8NTs50tlIJrmQ= -----END CERTIFICATE-----Generated at Thu Nov 21 18:46:55 2024 by rpki-client on console-ams.rpki-client.org