$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209686.roa File: AS209686.roa (raw, json) Hash identifier: fgnCeN6idiEOzpo1QKsPo5P4uAoleGB7dTYvQDJHEM0= Subject key identifier: 8D:FE:FA:00:9D:35:B0:5F:92:D9:8F:01:3B:1C:9E:8E:63:66:0D:B4 Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Certificate serial: 7E4DC05B487784A07F7C858677C04AF43F081E78 Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209686.roa Signing time: Thu 24 Apr 2025 12:46:12 +0000 ROA not before: Thu 24 Apr 2025 12:41:12 +0000 ROA not after: Thu 23 Apr 2026 12:46:12 +0000 asID: 209686 IP address blocks: 2a05:dfc1:5a00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 16 Jun 2025 08:59:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:4d:c0:5b:48:77:84:a0:7f:7c:85:86:77:c0:4a:f4:3f:08:1e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9 Validity Not Before: Apr 24 12:41:12 2025 GMT Not After : Apr 23 12:46:12 2026 GMT Subject: CN=8DFEFA009D35B05F92D98F013B1C9E8E63660DB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:32:67:5f:4d:b8:7a:05:b9:5a:74:4c:36:e0: a7:51:e7:e4:45:0f:b0:13:07:4d:7f:e0:77:dd:c8: 3a:17:e1:96:07:7b:e2:cf:51:9c:1c:f2:22:a8:04: bc:47:41:37:18:d9:35:ac:7f:62:c5:5b:e5:3b:24: 24:8f:ad:02:3c:89:06:66:11:cc:f8:39:0c:41:9d: fe:1d:f6:5b:12:d7:34:52:cd:8e:5b:6c:f4:65:ad: 9a:f0:03:f8:1e:5d:ff:48:ac:cf:74:f7:9b:2e:27: d4:5e:e2:1b:0e:d8:ca:3a:6b:ab:47:e3:57:28:ec: c0:a6:82:c3:9b:60:bf:8c:86:25:e5:6d:cf:74:e7: 84:7a:ba:de:69:69:08:2c:6c:43:95:8a:84:17:dd: 70:13:93:65:ee:2a:13:65:7f:40:da:42:64:a6:25: ad:ed:fb:fd:2e:fe:71:6f:ed:da:9c:3b:fd:02:a8: ea:95:8f:37:46:11:f4:64:27:9d:c8:26:2e:fe:82: 4e:24:f6:1d:33:4b:c2:71:bd:1b:1e:d1:0b:e5:3e: 76:0e:e1:0a:b4:f5:03:cb:3a:f2:77:a0:f1:a4:c9: 7e:a6:29:b7:11:f2:11:12:13:91:db:a9:69:c0:77: f5:b5:67:48:9b:53:05:fb:97:be:a7:b0:14:da:3a: 83:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:FE:FA:00:9D:35:B0:5F:92:D9:8F:01:3B:1C:9E:8E:63:66:0D:B4 X509v3 Authority Key Identifier: keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS209686.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:5a00::/40 Signature Algorithm: sha256WithRSAEncryption 6a:da:c8:4a:9a:d5:57:9b:1a:c7:26:df:2d:f8:c4:a1:00:22: d7:b8:49:68:e6:6c:bc:f4:36:43:51:06:55:e3:7d:32:65:0f: 61:b6:b6:18:a7:43:fa:91:09:7e:c9:3a:d7:c1:41:96:9a:a2: cd:6f:13:32:0a:78:56:7a:52:2a:a9:24:68:5a:df:ec:78:93: 00:a1:b8:83:79:aa:52:4f:ae:ac:2b:36:9a:4c:e4:75:1c:a9: f1:48:f3:28:77:aa:f4:75:39:11:7b:14:ba:c7:c4:11:9d:29: 91:32:fa:a8:00:5f:dd:71:25:12:3b:45:d8:84:ad:e7:71:4b: aa:18:c3:1d:5f:c2:ae:30:80:e1:75:0d:d7:06:65:29:6d:b8: 67:89:68:81:8f:18:56:9b:69:df:c7:b1:bc:ad:08:b0:d8:6d: 01:c5:fa:6b:26:1b:c9:00:a1:45:e3:2f:f8:f6:bd:3d:be:ab: 0b:14:06:b9:03:0c:81:d7:49:c3:79:3e:6c:3c:6f:65:ed:45: 5a:b3:97:35:50:97:0a:51:b3:5b:f0:f0:e6:de:0d:c3:bf:b8: 5d:1d:11:3d:30:8f:0b:c8:de:b0:d4:31:5e:d9:03:65:96:cd: b1:11:ff:24:c7:7c:de:46:51:b3:e4:3b:b4:e4:1b:e1:36:50: 1c:7b:5a:8f -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUfk3AW0h3hKB/fIWGd8BK9D8IHngwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOTAeFw0yNTA0MjQxMjQxMTJaFw0yNjA0MjMxMjQ2MTJaMDMxMTAvBgNV BAMTKDhERkVGQTAwOUQzNUIwNUY5MkQ5OEYwMTNCMUM5RThFNjM2NjBEQjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUMmdfTbh6BbladEw24KdR5+RF D7ATB01/4HfdyDoX4ZYHe+LPUZwc8iKoBLxHQTcY2TWsf2LFW+U7JCSPrQI8iQZm Ecz4OQxBnf4d9lsS1zRSzY5bbPRlrZrwA/geXf9IrM9095suJ9Re4hsO2Mo6a6tH 41co7MCmgsObYL+MhiXlbc9054R6ut5paQgsbEOVioQX3XATk2XuKhNlf0DaQmSm Ja3t+/0u/nFv7dqcO/0CqOqVjzdGEfRkJ53IJi7+gk4k9h0zS8JxvRse0QvlPnYO 4Qq09QPLOvJ3oPGkyX6mKbcR8hESE5HbqWnAd/W1Z0ibUwX7l76nsBTaOoMnAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUjf76AJ01sF+S2Y8BOxyejmNmDbQwHwYDVR0j BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3 NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w L0FTMjA5Njg2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwVowDQYJKoZIhvcNAQELBQADggEBAGra yEqa1VebGscm3y34xKEAIte4SWjmbLz0NkNRBlXjfTJlD2G2thinQ/qRCX7JOtfB QZaaos1vEzIKeFZ6UiqpJGha3+x4kwChuIN5qlJPrqwrNppM5HUcqfFI8yh3qvR1 ORF7FLrHxBGdKZEy+qgAX91xJRI7RdiEredxS6oYwx1fwq4wgOF1DdcGZSltuGeJ aIGPGFabad/HsbytCLDYbQHF+msmG8kAoUXjL/j2vT2+qwsUBrkDDIHXScN5Pmw8 b2XtRVqzlzVQlwpRs1vw8ObeDcO/uF0dET0wjwvI3rDUMV7ZA2WWzbER/yTHfN5G UbPkO7TkG+E2UBx7Wo8= -----END CERTIFICATE-----Generated at Sun Jun 15 23:53:15 2025 by rpki-client