$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS216123.roa File: AS216123.roa (raw, json) Hash identifier: fOH15xMm5A53K6uLMVXwWv6R+uuokhP7Pqq36VxW1F4= Subject key identifier: 9A:2F:FF:D6:D8:E0:89:F7:E3:76:B9:1E:BD:B7:42:CE:27:9A:FF:B5 Certificate issuer: /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Certificate serial: 258F36717E1DC3061FF4559676CC1137B8B406BC Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS216123.roa Signing time: Fri 04 Jul 2025 06:53:10 +0000 ROA not before: Fri 04 Jul 2025 06:48:10 +0000 ROA not after: Fri 03 Jul 2026 06:53:10 +0000 asID: 216123 IP address blocks: 2a05:dfc1:a900::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 06 Jul 2025 02:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:8f:36:71:7e:1d:c3:06:1f:f4:55:96:76:cc:11:37:b8:b4:06:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Validity Not Before: Jul 4 06:48:10 2025 GMT Not After : Jul 3 06:53:10 2026 GMT Subject: CN=9A2FFFD6D8E089F7E376B91EBDB742CE279AFFB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:66:0e:c0:cb:ff:0c:7a:23:6b:e7:c1:68:d6: 0e:cb:ff:27:d3:08:89:ca:f4:f8:14:79:56:dc:90: a1:1e:e8:e4:e5:84:99:08:4d:74:86:83:12:9d:a0: 00:98:33:6f:b9:f0:42:3c:52:75:6b:98:4d:b0:ad: 74:67:c2:66:50:cf:3d:4f:9a:67:d9:6d:80:05:4d: cb:91:15:af:ce:d9:7d:ba:2f:a8:46:23:e1:c8:ed: 8d:5a:87:b2:c1:78:b1:7e:e6:06:3f:1f:7e:94:a2: 15:95:88:64:a3:47:35:bc:82:4d:30:01:bc:31:50: de:0c:52:dd:53:c3:d2:35:da:35:15:56:84:fe:67: 20:7c:d9:a9:8d:fe:d7:b7:ba:33:b5:75:50:83:65: 0a:69:ac:f5:e7:ae:98:81:0c:f7:bc:95:ce:62:10: a7:5a:30:f3:f8:d8:8f:77:ea:28:34:98:ef:ef:6c: f7:01:db:1a:59:ab:33:4e:2a:76:cc:f5:a1:77:d4: 73:17:c3:91:7b:02:af:54:68:38:85:1a:c7:87:85: a5:c5:92:a1:22:07:8f:e9:1b:70:ed:47:dc:b0:ed: af:a0:6f:96:f0:45:1e:e3:85:fd:21:d6:b0:94:17: 82:a4:40:a9:fc:16:0c:b8:23:84:44:88:49:57:30: 55:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:2F:FF:D6:D8:E0:89:F7:E3:76:B9:1E:BD:B7:42:CE:27:9A:FF:B5 X509v3 Authority Key Identifier: keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS216123.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:a900::/40 Signature Algorithm: sha256WithRSAEncryption cf:bd:40:c8:ce:83:e7:68:88:00:d4:b9:1c:73:25:d7:12:2b: 89:cf:4c:ae:77:4e:5e:b3:8b:0e:69:4f:8c:1a:91:91:79:26: 4e:be:c0:1e:f9:c6:3f:dc:d7:03:93:08:9f:06:71:97:42:8e: 25:32:b0:be:22:2d:e6:c3:6b:50:2c:52:c5:a1:fe:c7:9c:7a: 40:a9:e4:01:fc:83:37:5d:f2:b0:05:fb:81:f9:ac:15:cf:27: 6a:8a:da:ee:fa:d7:64:4e:6d:de:c5:87:fe:aa:b4:45:8e:b0: aa:35:9e:45:65:c4:e6:97:99:b6:7a:99:70:b3:a4:7a:67:23: 89:98:bd:a8:de:18:47:00:07:ff:08:58:b8:ae:89:49:70:cd: d4:2b:fa:bc:9c:12:58:d4:19:4d:bb:79:9e:d5:54:fe:24:45: 1f:65:8a:14:d4:f1:6b:33:9b:25:62:89:b6:83:c6:96:8d:c1: 09:9f:04:68:db:3b:4b:41:22:41:c9:16:b8:0d:ad:dd:87:65: 4a:6c:d4:92:b8:e6:2a:85:13:1c:6c:29:ed:de:3a:68:fc:ea: cc:a0:76:22:c7:5a:ec:67:70:90:71:bb:69:e1:d8:75:c1:41: ad:8e:7e:a0:1e:6a:32:91:51:ce:64:a7:27:89:20:db:0a:5a: 0c:a8:40:02 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUJY82cX4dwwYf9FWWdswRN7i0BrwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQjAeFw0yNTA3MDQwNjQ4MTBaFw0yNjA3MDMwNjUzMTBaMDMxMTAvBgNV BAMTKDlBMkZGRkQ2RDhFMDg5RjdFMzc2QjkxRUJEQjc0MkNFMjc5QUZGQjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoZg7Ay/8MeiNr58Fo1g7L/yfT CInK9PgUeVbckKEe6OTlhJkITXSGgxKdoACYM2+58EI8UnVrmE2wrXRnwmZQzz1P mmfZbYAFTcuRFa/O2X26L6hGI+HI7Y1ah7LBeLF+5gY/H36UohWViGSjRzW8gk0w AbwxUN4MUt1Tw9I12jUVVoT+ZyB82amN/te3ujO1dVCDZQpprPXnrpiBDPe8lc5i EKdaMPP42I936ig0mO/vbPcB2xpZqzNOKnbM9aF31HMXw5F7Aq9UaDiFGseHhaXF kqEiB4/pG3DtR9yw7a+gb5bwRR7jhf0h1rCUF4KkQKn8Fgy4I4REiElXMFWhAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUmi//1tjgiffjdrkevbdCziea/7UwHwYDVR0j BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3 RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80 L0FTMjE2MTIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwakwDQYJKoZIhvcNAQELBQADggEBAM+9 QMjOg+doiADUuRxzJdcSK4nPTK53Tl6ziw5pT4wakZF5Jk6+wB75xj/c1wOTCJ8G cZdCjiUysL4iLebDa1AsUsWh/secekCp5AH8gzdd8rAF+4H5rBXPJ2qK2u7612RO bd7Fh/6qtEWOsKo1nkVlxOaXmbZ6mXCzpHpnI4mYvajeGEcAB/8IWLiuiUlwzdQr +rycEljUGU27eZ7VVP4kRR9lihTU8WszmyViibaDxpaNwQmfBGjbO0tBIkHJFrgN rd2HZUps1JK45iqFExxsKe3eOmj86sygdiLHWuxncJBxu2nh2HXBQa2OfqAeajKR Uc5kpyeJINsKWgyoQAI= -----END CERTIFICATE-----Generated at Sat Jul 5 04:02:10 2025 by rpki-client