$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS924.roa File: AS924.roa (raw, json) Hash identifier: pnX98aDmiwj21K54GyumtH8zBQdd9XuukgK7lK4AQBo= Subject key identifier: AE:59:02:E9:F1:AA:35:34:C1:00:39:C2:E1:74:6B:2A:34:89:FE:86 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 1AEBAA88AACBB7C1CC459046C32CD0B20B938259 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS924.roa Signing time: Thu 19 Dec 2024 09:58:28 +0000 ROA not before: Thu 19 Dec 2024 09:53:28 +0000 ROA not after: Thu 18 Dec 2025 09:58:28 +0000 asID: 924 IP address blocks: 2a0a:6040:ff00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 05 Apr 2025 02:10:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:eb:aa:88:aa:cb:b7:c1:cc:45:90:46:c3:2c:d0:b2:0b:93:82:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Dec 19 09:53:28 2024 GMT Not After : Dec 18 09:58:28 2025 GMT Subject: CN=AE5902E9F1AA3534C10039C2E1746B2A3489FE86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:80:0f:97:33:ec:1b:d0:1c:ee:5b:b5:44:13: 2a:30:8e:e2:fc:76:db:aa:bb:53:45:bc:d8:ad:d2: 23:f7:03:18:cd:e8:b3:0f:54:af:51:fb:41:f5:17: ff:f2:13:27:2d:5f:16:34:7b:9e:0c:24:bd:f8:9f: c3:c2:39:89:af:85:bb:00:16:83:0a:dd:14:a4:a9: 88:f3:d7:f1:34:ea:c9:c9:c9:c4:67:cd:5e:cc:b6: 38:83:86:88:0c:0b:31:03:e7:f1:66:25:d2:d9:6f: c7:8a:8b:33:47:25:d1:3c:c7:78:81:1b:9c:89:50: ee:76:5b:84:80:93:17:75:9e:7b:fa:35:bf:5a:03: 98:80:2d:bd:d8:b7:10:62:6f:bd:35:bb:21:c3:ce: 24:c7:3e:06:49:96:fb:32:8c:9c:77:90:39:23:9a: 18:a1:68:8c:81:34:1c:ed:08:35:85:d8:5c:eb:d4: 7e:fd:2b:9b:23:8a:ed:c6:65:80:a0:21:f8:f2:25: c7:45:17:0b:34:b2:ef:8d:b5:10:32:92:35:81:90: f3:67:a2:cd:2f:7a:91:0e:a6:b5:70:01:97:c9:a5: 60:00:d1:56:05:8f:17:aa:32:4b:89:97:40:06:00: bd:77:19:02:e0:a3:f8:93:64:4c:fe:b4:ff:97:ca: 5f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:59:02:E9:F1:AA:35:34:C1:00:39:C2:E1:74:6B:2A:34:89:FE:86 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS924.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0a:6040:ff00::/40 Signature Algorithm: sha256WithRSAEncryption ad:6e:7c:57:b7:6a:cd:9c:8e:58:d0:6a:7e:2b:dc:da:76:c0: cc:91:58:90:ed:f9:e2:6e:3b:d6:82:e0:4c:55:e9:a3:6b:51: 89:d4:f0:57:e7:56:67:4b:94:6c:67:03:cf:4c:e8:ae:62:7b: 35:d3:f3:9d:7b:66:c5:5f:0d:58:87:73:df:ea:a0:a5:ff:ce: 46:12:2e:80:f5:2a:b6:8c:c6:a9:b1:25:b0:49:8f:4c:1b:bf: 9d:1d:68:08:45:b7:1c:8a:70:10:dd:46:45:84:ce:be:5d:61: 94:fc:de:55:87:d9:90:9a:27:f9:25:eb:c1:b4:a2:3a:ba:2f: 36:a8:13:a2:42:fd:dd:4b:2f:a0:45:1d:19:c6:15:ec:b9:36: 8d:51:c7:2b:6d:21:e6:e1:c7:04:06:75:fa:7c:36:be:a3:b1: 1a:fb:80:06:fd:bb:cf:d9:4f:02:e5:4e:72:d6:bf:1c:cc:4c: 46:cf:29:14:73:a7:6f:f6:31:90:36:8a:05:16:28:36:4b:fc: 1f:74:c9:0e:5f:be:d3:10:b2:0c:d2:cd:c4:50:67:2a:5e:4a: 80:74:f0:c8:80:04:53:4c:79:ad:77:55:ff:1e:83:bb:d6:95: 5a:9d:f0:65:39:b9:00:c5:b0:9b:60:57:33:44:85:b6:8f:20: a2:12:6c:ed -----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgIUGuuqiKrLt8HMRZBGwyzQsguTglkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNDEyMTkwOTUzMjhaFw0yNTEyMTgwOTU4MjhaMDMxMTAvBgNV BAMTKEFFNTkwMkU5RjFBQTM1MzRDMTAwMzlDMkUxNzQ2QjJBMzQ4OUZFODYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3gA+XM+wb0BzuW7VEEyowjuL8 dtuqu1NFvNit0iP3AxjN6LMPVK9R+0H1F//yEyctXxY0e54MJL34n8PCOYmvhbsA FoMK3RSkqYjz1/E06snJycRnzV7MtjiDhogMCzED5/FmJdLZb8eKizNHJdE8x3iB G5yJUO52W4SAkxd1nnv6Nb9aA5iALb3YtxBib701uyHDziTHPgZJlvsyjJx3kDkj mhihaIyBNBztCDWF2Fzr1H79K5sjiu3GZYCgIfjyJcdFFws0su+NtRAykjWBkPNn os0vepEOprVwAZfJpWAA0VYFjxeqMkuJl0AGAL13GQLgo/iTZEz+tP+Xyl/nAgMB AAGjggHxMIIB7TAdBgNVHQ4EFgQUrlkC6fGqNTTBADnC4XRrKjSJ/oYwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwVwYIKwYBBQUHAQsESzBJMEcGCCsGAQUFBzALhjty c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTOTI0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH AQH/BBIwEDAOBAIAAjAIAwYAKgpgQP8wDQYJKoZIhvcNAQELBQADggEBAK1ufFe3 as2cjljQan4r3Np2wMyRWJDt+eJuO9aC4ExV6aNrUYnU8FfnVmdLlGxnA89M6K5i ezXT8517ZsVfDViHc9/qoKX/zkYSLoD1KraMxqmxJbBJj0wbv50daAhFtxyKcBDd RkWEzr5dYZT83lWH2ZCaJ/kl68G0ojq6LzaoE6JC/d1LL6BFHRnGFey5No1Rxytt IebhxwQGdfp8Nr6jsRr7gAb9u8/ZTwLlTnLWvxzMTEbPKRRzp2/2MZA2igUWKDZL /B90yQ5fvtMQsgzSzcRQZypeSoB08MiABFNMea13Vf8eg7vWlVqd8GU5uQDFsJtg VzNEhbaPIKISbO0= -----END CERTIFICATE-----Generated at Fri Apr 4 16:59:09 2025 by rpki-client