$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS212854.roa File: AS212854.roa (raw, json) Hash identifier: ZCCYXUKE6bsgxEqFnekFKJxCPh8iUnhhW7eZSRnNcOk= Subject key identifier: 23:5E:7C:6B:DB:E8:11:9F:C8:41:8F:82:00:E9:E6:BC:9C:2F:24:21 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 14C10C3DAF0FEC87E421D8934D624AC85076BF86 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS212854.roa Signing time: Tue 04 Mar 2025 11:45:56 +0000 ROA not before: Tue 04 Mar 2025 11:40:56 +0000 ROA not after: Tue 03 Mar 2026 11:45:56 +0000 asID: 212854 IP address blocks: 2a05:dfc1:3e00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:c1:0c:3d:af:0f:ec:87:e4:21:d8:93:4d:62:4a:c8:50:76:bf:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Mar 4 11:40:56 2025 GMT Not After : Mar 3 11:45:56 2026 GMT Subject: CN=235E7C6BDBE8119FC8418F8200E9E6BC9C2F2421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:06:1d:3a:28:b5:1d:9e:49:a7:08:1d:2c:66: c1:4d:16:b8:db:aa:73:70:69:a4:e2:6a:79:5c:da: c3:eb:ec:60:2f:bf:fd:36:27:b5:52:da:95:7e:52: 8f:03:80:d5:9a:12:0e:6d:8f:ba:f4:0f:89:b4:56: f9:c0:5d:ca:5c:4e:f4:f7:16:ea:54:00:04:ba:3e: 2b:05:3f:78:35:f0:41:3d:f4:30:62:71:f1:60:b0: e4:ea:69:a2:cf:02:90:f4:e8:69:ad:93:4b:fc:4f: fa:5a:ca:36:83:15:12:6b:ef:31:4a:f7:21:e4:f5: 7f:15:6d:6a:a3:93:0c:8a:59:d2:23:42:d7:e1:ef: b4:35:7a:91:6f:d3:a2:03:36:14:dc:0b:34:1d:5d: 82:4f:2f:cd:a3:95:a4:b3:b6:94:47:bd:a6:da:65: 12:68:ff:67:a4:a5:10:4b:68:82:4b:2e:c2:d7:42: f2:10:79:04:5c:de:e4:c7:c0:8e:df:7a:14:be:f2: 7b:5e:c7:6e:83:f6:02:2e:a4:a0:30:3e:57:91:9a: d1:2e:90:69:86:6c:ed:f5:5e:d9:43:49:26:36:ea: 07:39:fb:d1:d7:48:b4:c5:48:42:a9:84:11:c4:5e: 01:17:fd:82:3d:aa:a5:03:57:a2:ce:50:f4:8f:fd: 7b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:5E:7C:6B:DB:E8:11:9F:C8:41:8F:82:00:E9:E6:BC:9C:2F:24:21 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS212854.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:3e00::/40 Signature Algorithm: sha256WithRSAEncryption bb:d6:f3:47:a9:b5:12:f2:f0:81:62:4f:2f:52:f4:8f:b0:2d: 1a:85:b6:95:30:b5:58:a2:80:a2:4a:0e:60:ff:47:ba:b0:58: 11:de:a2:75:c7:42:81:1d:78:b7:55:6e:0d:73:14:62:49:7e: ac:e6:91:f7:32:63:46:0e:1f:c5:82:f9:d5:ce:de:37:23:b1: 35:6f:61:85:e9:3a:d9:b7:8f:a9:76:1d:ee:9c:f4:d5:a6:6d: 0d:89:62:b2:40:0e:aa:c0:b6:0f:b5:4e:7d:68:aa:17:8f:45: 15:29:c6:14:7e:83:7d:33:a9:df:23:4f:da:b2:65:8f:13:73: bb:22:5a:26:96:0d:29:8f:ed:19:23:a2:34:19:9f:5e:3a:db: 9b:85:f2:0d:c7:15:77:25:9d:80:04:25:eb:79:25:b1:88:14: 04:18:a6:36:89:fe:cd:3d:19:eb:55:0c:d9:83:b5:61:59:57: f4:1e:19:44:e3:18:5e:4a:11:fe:d2:22:26:f0:dd:39:5d:81: c2:c3:45:28:54:3b:18:98:f9:14:1a:34:e1:dc:5c:b1:ad:9a: 30:77:ef:2b:4d:26:4f:e5:ef:00:c1:a8:4d:5b:47:c9:93:29: 4a:39:6f:eb:3c:49:fe:36:70:10:4e:40:a5:a2:d7:5c:e2:7c: c8:6c:44:83 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUFMEMPa8P7IfkIdiTTWJKyFB2v4YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTAzMDQxMTQwNTZaFw0yNjAzMDMxMTQ1NTZaMDMxMTAvBgNV BAMTKDIzNUU3QzZCREJFODExOUZDODQxOEY4MjAwRTlFNkJDOUMyRjI0MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBBh06KLUdnkmnCB0sZsFNFrjb qnNwaaTianlc2sPr7GAvv/02J7VS2pV+Uo8DgNWaEg5tj7r0D4m0VvnAXcpcTvT3 FupUAAS6PisFP3g18EE99DBicfFgsOTqaaLPApD06Gmtk0v8T/payjaDFRJr7zFK 9yHk9X8VbWqjkwyKWdIjQtfh77Q1epFv06IDNhTcCzQdXYJPL82jlaSztpRHvaba ZRJo/2ekpRBLaIJLLsLXQvIQeQRc3uTHwI7fehS+8ntex26D9gIupKAwPleRmtEu kGmGbO31XtlDSSY26gc5+9HXSLTFSEKphBHEXgEX/YI9qqUDV6LOUPSP/XstAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUI158a9voEZ/IQY+CAOnmvJwvJCEwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjEyODU0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwT4wDQYJKoZIhvcNAQELBQADggEBALvW 80eptRLy8IFiTy9S9I+wLRqFtpUwtViigKJKDmD/R7qwWBHeonXHQoEdeLdVbg1z FGJJfqzmkfcyY0YOH8WC+dXO3jcjsTVvYYXpOtm3j6l2He6c9NWmbQ2JYrJADqrA tg+1Tn1oqhePRRUpxhR+g30zqd8jT9qyZY8Tc7siWiaWDSmP7RkjojQZn14625uF 8g3HFXclnYAEJet5JbGIFAQYpjaJ/s09GetVDNmDtWFZV/QeGUTjGF5KEf7SIibw 3TldgcLDRShUOxiY+RQaNOHcXLGtmjB37ytNJk/l7wDBqE1bR8mTKUo5b+s8Sf42 cBBOQKWi11zifMhsRIM= -----END CERTIFICATE-----Generated at Fri Apr 4 17:03:26 2025 by rpki-client