Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS210965.roa
File:                     AS210965.roa (raw, json)
Hash identifier:          7wpqw9crzkShlP0fxAN+yNO+QBO//p71erQF0HFKEB8=
Subject key identifier:   18:25:6B:7E:96:55:56:C0:33:C6:59:3B:EF:84:C4:AE:C7:E8:91:21
Certificate issuer:       /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Certificate serial:       33EA68F9C58972DD5B7273C5FC3DAFACE1650980
Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS210965.roa
Signing time:             Fri 04 Jul 2025 06:52:58 +0000
ROA not before:           Fri 04 Jul 2025 06:47:58 +0000
ROA not after:            Fri 03 Jul 2026 06:52:58 +0000
asID:                     210965
IP address blocks:        2a0a:6040:b400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 01:40:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:ea:68:f9:c5:89:72:dd:5b:72:73:c5:fc:3d:af:ac:e1:65:09:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
        Validity
            Not Before: Jul  4 06:47:58 2025 GMT
            Not After : Jul  3 06:52:58 2026 GMT
        Subject: CN=18256B7E965556C033C6593BEF84C4AEC7E89121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:13:2c:91:0b:e0:21:64:91:9a:e2:74:05:ff:
                    80:d4:45:04:0c:29:92:16:41:9a:a0:ac:e2:01:25:
                    07:50:fd:ff:18:62:69:e7:15:be:e9:7e:80:76:13:
                    49:67:73:98:df:d6:05:33:48:e5:09:6f:66:73:23:
                    50:13:10:09:f1:01:d4:f3:dc:9d:c0:ae:84:6d:fd:
                    38:f6:f1:9a:3d:e4:c2:0c:2e:96:46:7c:d8:4a:0d:
                    52:85:36:cb:d4:db:b6:d2:c3:9a:43:6f:9d:80:a8:
                    ef:1d:58:36:bc:8e:8d:a7:80:09:34:89:57:b4:f7:
                    9f:42:8c:db:81:2c:95:c0:3b:6a:8d:26:dc:44:13:
                    3d:c3:0d:94:87:db:14:c1:e4:78:9c:a7:f7:17:58:
                    0c:d0:ed:5d:f1:e6:0f:6f:95:b1:b9:4e:41:30:2c:
                    e4:b4:f9:8e:1e:48:e3:77:0f:55:43:34:70:e0:89:
                    25:d4:21:04:2b:36:ec:34:66:fa:a2:fc:27:6d:bc:
                    86:08:da:99:47:5d:36:c1:0f:2b:e2:85:63:26:83:
                    52:fb:9c:57:a1:2e:cb:a0:fe:cf:02:3f:3c:6e:64:
                    e8:85:5f:19:24:05:e6:15:91:2d:e7:92:f8:cf:f0:
                    72:f5:74:b7:60:94:af:dc:dc:6e:27:71:c9:a5:d9:
                    71:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:25:6B:7E:96:55:56:C0:33:C6:59:3B:EF:84:C4:AE:C7:E8:91:21
            X509v3 Authority Key Identifier:
                keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS210965.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:b400::/40

    Signature Algorithm: sha256WithRSAEncryption
         21:9f:da:84:36:f0:05:e9:92:57:35:dd:de:24:d4:ed:aa:c5:
         f0:bd:c9:41:a4:08:4d:ac:d9:45:24:46:33:76:d7:eb:33:ab:
         a9:38:73:ca:02:b7:bb:07:cc:de:5d:7f:70:8a:8a:70:0e:aa:
         83:c2:c4:95:57:ec:15:e5:e4:62:7e:83:c3:f9:86:81:ab:ec:
         9d:b6:ca:a8:55:d9:a3:62:bf:2f:5e:26:5f:d6:73:b1:6d:6e:
         8d:f0:a5:be:f2:9a:c4:3a:26:a0:e8:47:68:6b:61:0d:be:59:
         99:c4:69:bb:20:47:d8:b3:d1:2e:5f:8e:7e:48:6f:8c:f2:c4:
         a6:fa:ab:da:37:2d:08:62:49:02:41:a7:96:41:43:14:df:45:
         46:bd:79:81:02:1b:09:5c:21:e2:3a:5a:de:a0:1d:d0:1c:26:
         87:f8:f8:ac:15:f9:c1:f2:dd:99:5d:03:6f:35:45:2f:3c:03:
         66:58:92:5e:55:c7:6d:d7:38:0a:a4:7b:c3:fd:fd:f0:e8:7f:
         73:91:8c:67:d4:6a:1c:bd:a9:43:07:e5:a0:31:bc:ca:b7:6d:
         4c:f8:45:15:3a:09:1a:16:9b:62:b0:6f:89:23:c2:93:09:04:
         f1:44:c4:f9:f9:2b:a9:80:6f:9c:22:d5:60:a7:6e:c7:ac:4c:
         63:69:0b:54
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUM+po+cWJct1bcnPF/D2vrOFlCYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQjAeFw0yNTA3MDQwNjQ3NThaFw0yNjA3MDMwNjUyNThaMDMxMTAvBgNV
BAMTKDE4MjU2QjdFOTY1NTU2QzAzM0M2NTkzQkVGODRDNEFFQzdFODkxMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfEyyRC+AhZJGa4nQF/4DURQQM
KZIWQZqgrOIBJQdQ/f8YYmnnFb7pfoB2E0lnc5jf1gUzSOUJb2ZzI1ATEAnxAdTz
3J3AroRt/Tj28Zo95MIMLpZGfNhKDVKFNsvU27bSw5pDb52AqO8dWDa8jo2ngAk0
iVe0959CjNuBLJXAO2qNJtxEEz3DDZSH2xTB5Hicp/cXWAzQ7V3x5g9vlbG5TkEw
LOS0+Y4eSON3D1VDNHDgiSXUIQQrNuw0Zvqi/CdtvIYI2plHXTbBDyvihWMmg1L7
nFehLsug/s8CPzxuZOiFXxkkBeYVkS3nkvjP8HL1dLdglK/c3G4nccml2XFtAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUGCVrfpZVVsAzxlk774TErsfokSEwHwYDVR0j
BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3
RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80
L0FTMjEwOTY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQLQwDQYJKoZIhvcNAQELBQADggEBACGf
2oQ28AXpklc13d4k1O2qxfC9yUGkCE2s2UUkRjN21+szq6k4c8oCt7sHzN5df3CK
inAOqoPCxJVX7BXl5GJ+g8P5hoGr7J22yqhV2aNivy9eJl/Wc7Ftbo3wpb7ymsQ6
JqDoR2hrYQ2+WZnEabsgR9iz0S5fjn5Ib4zyxKb6q9o3LQhiSQJBp5ZBQxTfRUa9
eYECGwlcIeI6Wt6gHdAcJof4+KwV+cHy3ZldA281RS88A2ZYkl5Vx23XOAqke8P9
/fDof3ORjGfUahy9qUMH5aAxvMq3bUz4RRU6CRoWm2Kwb4kjwpMJBPFExPn5K6mA
b5wi1WCnbsesTGNpC1Q=
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:57:47 2025 by rpki-client