$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198889.roa File: AS198889.roa (raw, json) Hash identifier: L0QgedTl8tLxmVvkQMGgpLin23hgMqUMp6I2URA7JJY= Subject key identifier: 9F:9C:F9:84:8C:CB:85:A4:CE:DA:5E:E8:19:02:29:F2:F8:74:F8:31 Certificate issuer: /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Certificate serial: 42EC6D2A797BEE55A5DDCAC09FC1CE3CEFBC815A Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198889.roa Signing time: Fri 04 Jul 2025 06:53:25 +0000 ROA not before: Fri 04 Jul 2025 06:48:25 +0000 ROA not after: Fri 03 Jul 2026 06:53:25 +0000 asID: 198889 IP address blocks: 2a05:dfc1:3c00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 05 Nov 2025 22:27:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:ec:6d:2a:79:7b:ee:55:a5:dd:ca:c0:9f:c1:ce:3c:ef:bc:81:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Validity Not Before: Jul 4 06:48:25 2025 GMT Not After : Jul 3 06:53:25 2026 GMT Subject: CN=9F9CF9848CCB85A4CEDA5EE8190229F2F874F831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:1e:ab:e1:4f:af:aa:6c:48:2f:55:84:f5:6e: 5e:ac:97:b7:70:00:6a:e2:f8:6e:89:7c:85:3b:69: 6e:f8:06:05:fd:d3:ec:8a:0e:df:35:6c:79:57:74: db:f8:eb:6b:58:e2:b8:ae:09:95:7c:fb:bf:03:b3: f9:2b:7d:6f:64:26:4d:bc:08:a0:10:95:5b:50:72: ca:d9:ff:7a:7c:0b:e1:cb:08:9c:ff:90:42:32:50: 45:a4:cb:51:c0:37:f8:91:c4:4b:2f:40:1a:3f:70: 85:00:8b:f3:02:e3:94:82:99:db:14:7f:6d:fd:55: fb:7b:39:8e:b1:6f:70:c4:44:f4:8c:88:51:18:3a: 05:dc:ec:47:2d:41:cf:9b:08:0b:28:50:12:70:29: ec:3d:b4:9e:ce:37:d8:f5:de:f7:8e:33:42:c6:36: c4:b6:23:a2:f8:06:ce:4b:19:d6:46:44:7a:48:9d: 01:82:c6:e7:ee:fb:ac:8b:81:12:04:c9:df:8b:a6: 70:54:1a:d8:23:6f:ca:c8:48:21:ca:e9:3c:1a:df: ca:9f:32:dc:3d:1e:bb:49:31:fa:19:3d:ac:d2:0f: 3f:ea:74:3d:f3:de:86:70:8f:f0:b9:71:1f:3f:32: 5c:42:2b:b7:53:44:53:a3:2b:13:7a:67:7c:f4:e6: 55:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:9C:F9:84:8C:CB:85:A4:CE:DA:5E:E8:19:02:29:F2:F8:74:F8:31 X509v3 Authority Key Identifier: keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198889.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:3c00::/40 Signature Algorithm: sha256WithRSAEncryption 14:fe:d9:e1:47:73:1d:0d:0d:b2:f6:bc:85:0d:1b:5a:df:41: 45:75:fd:ac:d2:14:49:49:25:51:b9:d8:42:57:f7:d0:ed:52: 1b:e1:16:b7:55:ea:c0:cb:c9:04:00:b8:a0:18:42:5a:8f:36: 8c:80:c2:30:d1:52:2c:89:cb:2f:39:2e:42:e9:a0:d8:d6:77: 25:59:d9:7e:30:a3:ca:5b:af:99:c7:02:3c:dc:60:6b:03:00: 07:e5:32:44:60:fd:42:f4:99:c3:87:8e:d9:e3:d0:ea:3b:f3: ea:25:b1:04:81:e7:d7:fb:bb:25:08:1b:71:9a:08:bd:1e:3d: 1b:40:5e:aa:2b:ac:be:9a:10:0b:b5:d4:f4:c4:f6:9f:54:cd: 95:a0:dc:71:69:20:41:f3:a3:b3:86:4f:8d:19:f1:b2:35:09: 6c:cf:35:a0:0d:0c:82:9c:ff:92:2a:e8:aa:f1:b6:c4:ea:42: 55:ef:a0:45:f8:6f:9e:36:84:bd:5a:f6:66:ae:c8:9c:76:ca: 71:90:0a:33:4c:62:fb:89:d2:c2:fe:1d:fa:6f:7f:4d:c7:6e: ac:aa:6b:d2:f8:75:ad:37:f0:77:17:56:ce:82:47:b1:0f:55: 72:58:6e:3d:77:b0:60:27:8c:b7:6d:84:f1:da:e3:14:53:10: b1:29:3a:48 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUQuxtKnl77lWl3crAn8HOPO+8gVowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQjAeFw0yNTA3MDQwNjQ4MjVaFw0yNjA3MDMwNjUzMjVaMDMxMTAvBgNV BAMTKDlGOUNGOTg0OENDQjg1QTRDRURBNUVFODE5MDIyOUYyRjg3NEY4MzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaHqvhT6+qbEgvVYT1bl6sl7dw AGri+G6JfIU7aW74BgX90+yKDt81bHlXdNv462tY4riuCZV8+78Ds/krfW9kJk28 CKAQlVtQcsrZ/3p8C+HLCJz/kEIyUEWky1HAN/iRxEsvQBo/cIUAi/MC45SCmdsU f239Vft7OY6xb3DERPSMiFEYOgXc7EctQc+bCAsoUBJwKew9tJ7ON9j13veOM0LG NsS2I6L4Bs5LGdZGRHpInQGCxufu+6yLgRIEyd+LpnBUGtgjb8rISCHK6Twa38qf Mtw9HrtJMfoZPazSDz/qdD3z3oZwj/C5cR8/MlxCK7dTRFOjKxN6Z3z05lWdAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUn5z5hIzLhaTO2l7oGQIp8vh0+DEwHwYDVR0j BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3 RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80 L0FTMTk4ODg5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwTwwDQYJKoZIhvcNAQELBQADggEBABT+ 2eFHcx0NDbL2vIUNG1rfQUV1/azSFElJJVG52EJX99DtUhvhFrdV6sDLyQQAuKAY QlqPNoyAwjDRUiyJyy85LkLpoNjWdyVZ2X4wo8pbr5nHAjzcYGsDAAflMkRg/UL0 mcOHjtnj0Oo78+olsQSB59f7uyUIG3GaCL0ePRtAXqorrL6aEAu11PTE9p9UzZWg 3HFpIEHzo7OGT40Z8bI1CWzPNaANDIKc/5Iq6KrxtsTqQlXvoEX4b542hL1a9mau yJx2ynGQCjNMYvuJ0sL+Hfpvf03Hbqyqa9L4da038HcXVs6CR7EPVXJYbj13sGAn jLdthPHa4xRTELEpOkg= -----END CERTIFICATE-----Generated at Wed Nov 5 08:38:48 2025 by rpki-client