$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211036.roa File: AS211036.roa (raw, json) Hash identifier: EBUbSORFRPi1fMJq5gmjDMvJFk3STeRRouBpC8+FJ9Y= Subject key identifier: 1C:FD:46:A3:9E:C7:68:F3:CE:18:DD:C9:89:D4:8C:4A:49:16:E6:34 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 5474C291357BA1DC71E2F058B2EADC4A94F0E21D Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211036.roa Signing time: Wed 29 Jan 2025 09:45:43 +0000 ROA not before: Wed 29 Jan 2025 09:40:43 +0000 ROA not after: Wed 28 Jan 2026 09:45:43 +0000 asID: 211036 IP address blocks: 2a05:dfc1:1a00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 09 Apr 2025 03:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:74:c2:91:35:7b:a1:dc:71:e2:f0:58:b2:ea:dc:4a:94:f0:e2:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Jan 29 09:40:43 2025 GMT Not After : Jan 28 09:45:43 2026 GMT Subject: CN=1CFD46A39EC768F3CE18DDC989D48C4A4916E634 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:96:7e:f0:9b:13:d3:b1:0c:94:25:6d:a3:ce: 14:78:59:b2:bd:76:d9:76:34:de:26:b3:e6:56:5c: 71:60:8e:30:1a:1e:f2:45:26:0a:b5:dd:d6:7b:51: e2:c9:ec:18:6c:4a:83:16:23:65:d2:cf:22:15:e3: 9c:ba:5a:88:93:99:76:fe:1d:b7:20:1c:eb:db:87: d8:41:21:3d:73:f4:cf:f1:1d:70:dd:b2:4c:f2:0a: 43:0f:1a:98:3c:e5:2d:1a:08:ab:08:d4:d5:06:9a: 87:e9:d2:49:eb:66:8b:f8:01:6e:5e:ce:27:20:77: 99:65:ec:92:d6:25:d9:a1:9a:5b:e3:c7:b7:c5:d1: 80:79:71:b9:13:9c:f3:49:fa:ca:c7:42:c9:5b:76: 88:55:b5:0b:8f:c5:85:92:25:27:c9:89:d2:22:e6: 67:ad:85:a1:c2:a3:42:47:3d:6c:4e:c0:00:e2:67: 83:b7:9b:69:66:aa:f3:11:68:eb:25:ff:8d:fc:8f: 72:a8:58:98:6d:b8:34:7c:9f:99:3f:20:0c:f3:6a: 49:a6:9a:9c:4a:60:f7:1e:18:a6:1f:4f:18:5a:70: 8e:63:ea:8f:a7:65:82:49:d7:56:9b:91:73:9c:d5: 3a:95:0e:f9:d3:b4:6f:01:06:44:48:5b:f5:09:c4: 75:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:FD:46:A3:9E:C7:68:F3:CE:18:DD:C9:89:D4:8C:4A:49:16:E6:34 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:1a00::/40 Signature Algorithm: sha256WithRSAEncryption 07:44:a8:08:94:f4:f1:c7:21:61:c9:2e:6b:17:b9:cb:48:30: f3:c4:e9:26:c1:9f:e5:82:27:20:46:d3:a0:47:c4:a8:e3:63: 0a:4f:66:41:a1:11:03:9f:cd:1c:b3:d2:83:0f:75:aa:71:8e: 42:49:2a:72:41:fa:90:05:2e:be:db:e4:e3:cc:d3:f1:47:40: 3f:78:3e:8e:94:92:e2:1d:55:d5:f4:04:1c:c3:ee:5f:19:05: e8:6f:2e:b5:9d:46:36:f8:e4:f8:da:67:50:5d:3a:99:eb:67: 2e:a7:40:3e:14:05:11:73:9b:88:62:91:b1:4e:e7:35:61:35: 72:46:5a:21:06:0d:45:2e:e3:90:b6:9a:7b:73:5e:69:d6:7d: 16:6c:0b:67:ae:73:2d:5c:9c:da:fb:8a:2a:d4:0a:a6:da:9a: 63:0f:9c:ed:0c:66:e5:1a:e0:d4:94:8a:dd:35:72:c4:ac:cc: ff:2e:d6:5e:2b:9e:e9:8e:f3:a0:73:3e:9e:00:5a:dd:b5:a7: 61:b1:ca:f7:52:99:a8:df:ec:04:19:31:0a:a6:34:bb:f0:4f: e6:cf:be:7b:3a:b1:9c:03:36:82:f9:94:0f:62:c2:a8:37:b8: ed:4e:9c:88:fd:3b:e9:fa:9e:cf:9e:ce:51:e5:d0:ff:45:e0: 9c:1c:41:88 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUVHTCkTV7odxx4vBYsurcSpTw4h0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAxMjkwOTQwNDNaFw0yNjAxMjgwOTQ1NDNaMDMxMTAvBgNV BAMTKDFDRkQ0NkEzOUVDNzY4RjNDRTE4RERDOTg5RDQ4QzRBNDkxNkU2MzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEln7wmxPTsQyUJW2jzhR4WbK9 dtl2NN4ms+ZWXHFgjjAaHvJFJgq13dZ7UeLJ7BhsSoMWI2XSzyIV45y6WoiTmXb+ HbcgHOvbh9hBIT1z9M/xHXDdskzyCkMPGpg85S0aCKsI1NUGmofp0knrZov4AW5e zicgd5ll7JLWJdmhmlvjx7fF0YB5cbkTnPNJ+srHQslbdohVtQuPxYWSJSfJidIi 5methaHCo0JHPWxOwADiZ4O3m2lmqvMRaOsl/438j3KoWJhtuDR8n5k/IAzzakmm mpxKYPceGKYfTxhacI5j6o+nZYJJ11abkXOc1TqVDvnTtG8BBkRIW/UJxHX/AgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUHP1Go57HaPPOGN3JidSMSkkW5jQwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjExMDM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwRowDQYJKoZIhvcNAQELBQADggEBAAdE qAiU9PHHIWHJLmsXuctIMPPE6SbBn+WCJyBG06BHxKjjYwpPZkGhEQOfzRyz0oMP dapxjkJJKnJB+pAFLr7b5OPM0/FHQD94Po6UkuIdVdX0BBzD7l8ZBehvLrWdRjb4 5PjaZ1BdOpnrZy6nQD4UBRFzm4hikbFO5zVhNXJGWiEGDUUu45C2mntzXmnWfRZs C2eucy1cnNr7iirUCqbammMPnO0MZuUa4NSUit01csSszP8u1l4rnumO86BzPp4A Wt21p2GxyvdSmajf7AQZMQqmNLvwT+bPvns6sZwDNoL5lA9iwqg3uO1OnIj9O+n6 ns+ezlHl0P9F4JwcQYg= -----END CERTIFICATE-----Generated at Tue Apr 8 14:17:46 2025 by rpki-client