$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211962.roa File: AS211962.roa (raw, json) Hash identifier: OcFVKi+KfqlehGv5xTAP+uVupmcBPUqtGVGE5+cIJaA= Subject key identifier: 64:C1:1E:D9:69:37:1A:BF:9D:31:E6:76:3E:5F:D7:49:02:42:43:8B Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 330E34C03537950EC058EE2C98CB190116ED557D Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211962.roa Signing time: Mon 28 Apr 2025 22:46:17 +0000 ROA not before: Mon 28 Apr 2025 22:41:17 +0000 ROA not after: Mon 27 Apr 2026 22:46:17 +0000 asID: 211962 IP address blocks: 2a06:9f81:4400::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 May 2025 04:33:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:0e:34:c0:35:37:95:0e:c0:58:ee:2c:98:cb:19:01:16:ed:55:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Apr 28 22:41:17 2025 GMT Not After : Apr 27 22:46:17 2026 GMT Subject: CN=64C11ED969371ABF9D31E6763E5FD7490242438B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:21:ea:21:ce:ae:59:a6:5c:7b:e6:35:7a:c8: ef:41:bf:c8:f9:a3:a7:49:be:43:0d:f1:c9:1e:51: 26:bb:2d:40:d8:53:bb:cb:10:43:cb:e5:99:f7:95: c6:5f:0e:de:2f:a5:ea:d1:f7:2e:81:81:f3:0a:30: 41:8f:75:ba:2a:2b:34:3c:7b:ab:e3:de:1a:dc:a1: 1e:b9:ae:7a:a7:42:56:f9:fd:2a:57:ab:b8:2c:64: 37:f0:45:3a:27:ee:6f:b6:f3:50:5e:59:b9:28:83: c3:cd:34:ba:c5:f2:9d:4f:c5:6a:b4:fc:32:ef:2a: a0:24:f6:ef:4d:ae:b4:ea:ef:db:da:e2:32:11:81: ad:bc:a3:6a:81:5c:33:1e:41:a2:72:a9:ee:10:78: 71:d6:64:37:ba:aa:b9:e1:99:2f:12:df:b4:15:ad: e5:f6:fa:21:6e:f9:ff:ee:56:d7:3d:18:55:70:50: 63:64:51:5b:ca:45:78:fe:dc:ba:3d:ff:63:9f:9f: 7c:eb:e2:31:2f:e5:a5:43:7c:bf:38:c4:bc:bf:68: 11:e1:e3:0e:be:41:1a:c2:8f:e7:da:b6:4c:23:2b: 32:9f:25:83:72:10:47:0b:64:de:0f:d6:94:01:0a: 5f:f7:14:ee:0d:ba:59:97:50:54:90:fa:16:26:1a: ab:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:C1:1E:D9:69:37:1A:BF:9D:31:E6:76:3E:5F:D7:49:02:42:43:8B X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS211962.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:9f81:4400::/40 Signature Algorithm: sha256WithRSAEncryption 2c:4a:6b:25:8e:01:8a:cc:fd:f1:08:bb:6f:17:19:92:fc:3c: 99:71:6b:f4:3f:47:aa:3b:f0:2f:25:04:c3:ba:20:1a:ee:87: 6c:25:97:a0:87:6f:3b:74:9e:51:0f:ee:db:25:1b:ae:a6:7d: 83:8f:81:13:85:cf:f5:ba:51:30:57:6c:24:b3:a5:e1:b3:01: be:64:dc:5b:9c:5f:44:6e:6e:29:66:10:8d:aa:8a:8f:46:ec: b8:66:22:7a:ee:21:2d:d8:09:57:dd:46:92:d1:89:be:aa:53: 89:d6:62:11:02:ec:5a:db:15:fb:ab:df:8a:00:41:c1:0a:2d: e4:e5:08:9c:81:2a:43:89:2f:29:c4:cf:48:3b:e7:f4:74:73: 11:d2:b8:8c:24:6e:d8:23:46:bc:19:07:2d:68:d0:ce:e0:4d: f1:0a:31:ad:43:3f:58:c6:22:10:ca:d5:a9:b7:b3:a3:a5:e1: 1e:b4:25:c4:6b:df:03:65:36:19:bb:1b:93:83:d6:23:d6:62: be:70:94:66:c1:ee:6b:cf:84:7a:61:86:f6:81:bd:a3:0d:20: 3c:ed:38:68:de:f7:10:48:39:ea:65:37:75:c7:f1:6f:91:59: 5d:f3:7d:2c:c7:99:f3:06:a5:22:8d:1d:d9:4e:75:86:72:2f: dc:5e:82:ab -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUMw40wDU3lQ7AWO4smMsZARbtVX0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTA0MjgyMjQxMTdaFw0yNjA0MjcyMjQ2MTdaMDMxMTAvBgNV BAMTKDY0QzExRUQ5NjkzNzFBQkY5RDMxRTY3NjNFNUZENzQ5MDI0MjQzOEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTIeohzq5Zplx75jV6yO9Bv8j5 o6dJvkMN8ckeUSa7LUDYU7vLEEPL5Zn3lcZfDt4vperR9y6BgfMKMEGPdboqKzQ8 e6vj3hrcoR65rnqnQlb5/SpXq7gsZDfwRTon7m+281BeWbkog8PNNLrF8p1PxWq0 /DLvKqAk9u9NrrTq79va4jIRga28o2qBXDMeQaJyqe4QeHHWZDe6qrnhmS8S37QV reX2+iFu+f/uVtc9GFVwUGNkUVvKRXj+3Lo9/2Ofn3zr4jEv5aVDfL84xLy/aBHh 4w6+QRrCj+fatkwjKzKfJYNyEEcLZN4P1pQBCl/3FO4NulmXUFSQ+hYmGqv1AgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUZMEe2Wk3Gr+dMeZ2Pl/XSQJCQ4swHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjExOTYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgafgUQwDQYJKoZIhvcNAQELBQADggEBACxK ayWOAYrM/fEIu28XGZL8PJlxa/Q/R6o78C8lBMO6IBruh2wll6CHbzt0nlEP7tsl G66mfYOPgROFz/W6UTBXbCSzpeGzAb5k3FucX0RubilmEI2qio9G7LhmInruIS3Y CVfdRpLRib6qU4nWYhEC7FrbFfur34oAQcEKLeTlCJyBKkOJLynEz0g75/R0cxHS uIwkbtgjRrwZBy1o0M7gTfEKMa1DP1jGIhDK1am3s6Ol4R60JcRr3wNlNhm7G5OD 1iPWYr5wlGbB7mvPhHphhvaBvaMNIDztOGje9xBIOeplN3XH8W+RWV3zfSzHmfMG pSKNHdlOdYZyL9xegqs= -----END CERTIFICATE-----Generated at Tue May 6 21:19:33 2025 by rpki-client