Route Origin Authorization
$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 3kA1dDPSlKFtiWj8EVPd14A0mWBGJJSQWVDhQhCjLpw=
Subject key identifier: 7A:0A:67:14:2F:67:5C:A7:A7:0E:E1:98:3E:A2:AA:4E:D2:26:9C:C3
Certificate issuer: /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Certificate serial: 3751EF3DE2089DB3799974D744AB5CAED9025F76
Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS0.roa
Signing time: Fri 04 Jul 2025 06:52:55 +0000
ROA not before: Fri 04 Jul 2025 06:47:55 +0000
ROA not after: Fri 03 Jul 2026 06:52:55 +0000
asID: 0
IP address blocks: 2a05:dfc1:300::/40 maxlen: 40
2a05:dfc1:800::/40 maxlen: 48
2a05:dfc1:2500::/40 maxlen: 40
2a05:dfc1:2600::/40 maxlen: 40
2a05:dfc1:2800::/40 maxlen: 40
2a05:dfc1:2900::/40 maxlen: 40
2a05:dfc1:2a00::/40 maxlen: 40
2a05:dfc1:3000::/40 maxlen: 40
2a05:dfc1:3100::/40 maxlen: 40
2a05:dfc1:3900::/40 maxlen: 40
2a05:dfc1:3a00::/40 maxlen: 40
2a05:dfc1:3b00::/40 maxlen: 40
2a05:dfc1:5000::/40 maxlen: 48
2a05:dfc1:6700::/40 maxlen: 40
2a05:dfc1:6c00::/40 maxlen: 40
2a05:dfc1:6d00::/40 maxlen: 40
2a05:dfc1:8600::/40 maxlen: 40
2a05:dfc1:8d00::/40 maxlen: 48
2a0a:6040:8b00::/40 maxlen: 48
2a0a:6040:8c00::/40 maxlen: 40
2a0a:6040:9b00::/40 maxlen: 40
2a0a:6040:ef00::/40 maxlen: 48
Validation: OK
Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 01:40:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:51:ef:3d:e2:08:9d:b3:79:99:74:d7:44:ab:5c:ae:d9:02:5f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Validity
Not Before: Jul 4 06:47:55 2025 GMT
Not After : Jul 3 06:52:55 2026 GMT
Subject: CN=7A0A67142F675CA7A70EE1983EA2AA4ED2269CC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fd:ac:3a:83:d2:24:40:7f:0c:10:a3:54:7d:
39:59:4c:98:bc:e4:bc:00:12:a5:fe:a8:04:17:71:
81:9b:d6:0b:18:0b:06:c5:91:6a:c7:34:a4:b0:f8:
88:89:51:81:95:97:66:ad:af:b4:7d:0f:04:53:d9:
67:58:07:4a:d5:d0:20:2e:6d:ef:9f:c2:ee:38:7f:
8e:fa:72:68:51:31:6d:97:a9:c7:49:af:f4:cb:0a:
39:7e:17:a6:75:c1:f6:04:be:70:a0:91:82:cd:fd:
a8:ee:79:19:5c:ca:70:bc:37:df:f4:ef:55:cc:e9:
5b:e2:2c:b7:b4:ff:f2:9a:42:8b:4d:3d:16:fb:0a:
f8:6e:ff:f5:77:b5:ba:32:51:9a:12:0c:bf:9b:64:
0d:af:43:65:88:1c:91:69:9c:2f:5e:94:31:26:8c:
33:50:e8:fa:7b:6c:24:89:b2:bd:c5:3a:0c:79:1b:
e0:58:1c:af:b8:c5:10:af:72:cd:c8:46:35:a9:db:
00:6b:d8:27:77:4c:32:e7:6b:d3:0e:04:13:ac:b6:
e0:f5:7b:e0:da:5d:84:89:e7:92:10:89:1a:dd:2c:
e9:4a:df:99:6b:a2:fc:b5:c2:4b:f9:72:f9:4a:7a:
bb:1d:81:97:74:f1:04:bc:92:f0:d1:cb:bf:92:31:
ee:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0A:67:14:2F:67:5C:A7:A7:0E:E1:98:3E:A2:AA:4E:D2:26:9C:C3
X509v3 Authority Key Identifier:
keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject Information Access:
Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:300::/40
2a05:dfc1:800::/40
2a05:dfc1:2500::-2a05:dfc1:26ff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:2800::-2a05:dfc1:2aff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:3000::/39
2a05:dfc1:3900::-2a05:dfc1:3bff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:5000::/40
2a05:dfc1:6700::/40
2a05:dfc1:6c00::/39
2a05:dfc1:8600::/40
2a05:dfc1:8d00::/40
2a0a:6040:8b00::-2a0a:6040:8cff:ffff:ffff:ffff:ffff:ffff
2a0a:6040:9b00::/40
2a0a:6040:ef00::/40
Signature Algorithm: sha256WithRSAEncryption
b6:ec:62:e7:18:6e:a0:53:c8:19:7d:da:53:73:fd:52:80:5d:
36:d4:4a:d1:3a:c3:e3:34:85:d9:0f:4f:80:10:96:b2:fd:c7:
b4:59:a1:0b:bb:f5:fd:a0:4e:4a:bc:97:47:30:72:a2:03:87:
b0:b2:10:2f:54:1e:87:6e:b8:e8:26:46:06:d7:10:30:05:fe:
cb:e7:2a:ea:99:22:54:93:74:fc:2d:b2:d7:74:99:2f:92:bb:
40:56:0e:ad:f1:67:8a:bf:97:b7:db:c0:72:06:7c:12:c1:04:
71:3d:fe:2f:c6:02:cc:e1:b7:87:07:0f:bf:a0:b6:dc:93:a2:
be:92:4c:67:d3:ca:45:b1:15:f4:a3:31:b5:b1:ac:ef:f9:9e:
d1:57:db:72:4e:ce:62:8b:6c:f1:34:de:e6:19:76:f8:70:22:
c9:2f:56:ac:fa:50:ba:b6:fd:c8:06:96:55:ba:24:d3:53:2b:
ca:0a:27:cd:35:e1:52:e4:67:83:8e:e2:8c:98:2f:d2:81:8a:
32:d8:76:61:59:f1:d3:76:1a:da:b1:db:22:20:6c:31:ce:8c:
e1:92:cc:91:91:a4:d3:ba:89:c2:45:ce:de:d6:d8:77:6a:c5:
be:1c:f3:81:c9:ce:66:72:dd:38:e2:2e:60:7b:32:62:e1:d0:
1a:75:33:0c
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUN1HvPeIInbN5mXTXRKtcrtkCX3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQjAeFw0yNTA3MDQwNjQ3NTVaFw0yNjA3MDMwNjUyNTVaMDMxMTAvBgNV
BAMTKDdBMEE2NzE0MkY2NzVDQTdBNzBFRTE5ODNFQTJBQTRFRDIyNjlDQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb/aw6g9IkQH8MEKNUfTlZTJi8
5LwAEqX+qAQXcYGb1gsYCwbFkWrHNKSw+IiJUYGVl2atr7R9DwRT2WdYB0rV0CAu
be+fwu44f476cmhRMW2XqcdJr/TLCjl+F6Z1wfYEvnCgkYLN/ajueRlcynC8N9/0
71XM6VviLLe0//KaQotNPRb7Cvhu//V3tboyUZoSDL+bZA2vQ2WIHJFpnC9elDEm
jDNQ6Pp7bCSJsr3FOgx5G+BYHK+4xRCvcs3IRjWp2wBr2Cd3TDLna9MOBBOstuD1
e+DaXYSJ55IQiRrdLOlK35lrovy1wkv5cvlKersdgZd08QS8kvDRy7+SMe61AgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUegpnFC9nXKenDuGYPqKqTtImnMMwHwYDVR0j
BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3
RjYxRDY3QjBCRTEzQi5jZXIwVQYIKwYBBQUHAQsESTBHMEUGCCsGAQUFBzALhjly
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80
L0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBtQYIKwYBBQUHAQcB
Af8EgaUwgaIwgZ8EAgACMIGYAwYAKgXfwQMDBgAqBd/BCDAQAwYAKgXfwSUDBgAq
Bd/BJjAQAwYDKgXfwSgDBgAqBd/BKgMGASoF38EwMBADBgAqBd/BOQMGAioF38E4
AwYAKgXfwVADBgAqBd/BZwMGASoF38FsAwYAKgXfwYYDBgAqBd/BjTAQAwYAKgpg
QIsDBgAqCmBAjAMGACoKYECbAwYAKgpgQO8wDQYJKoZIhvcNAQELBQADggEBALbs
YucYbqBTyBl92lNz/VKAXTbUStE6w+M0hdkPT4AQlrL9x7RZoQu79f2gTkq8l0cw
cqIDh7CyEC9UHoduuOgmRgbXEDAF/svnKuqZIlSTdPwtstd0mS+Su0BWDq3xZ4q/
l7fbwHIGfBLBBHE9/i/GAszht4cHD7+gttyTor6STGfTykWxFfSjMbWxrO/5ntFX
23JOzmKLbPE03uYZdvhwIskvVqz6ULq2/cgGllW6JNNTK8oKJ8014VLkZ4OO4oyY
L9KBijLYdmFZ8dN2Gtqx2yIgbDHOjOGSzJGRpNO6icJFzt7W2Hdqxb4c84HJzmZy
3TjiLmB7MmLh0Bp1Mww=
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:40:32 2025 by rpki-client