$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198969.roa File: AS198969.roa (raw, json) Hash identifier: TvPPpczHvOwsShJ9qYWykkXVzFBn9XCAJk8o4ialrXQ= Subject key identifier: 2D:B4:04:C3:87:21:2C:8B:45:5B:B3:0B:05:1B:16:1C:E9:3A:96:5C Certificate issuer: /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Certificate serial: 4934E482F5C8730B5B4DEBB1A9AC7814272C6595 Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198969.roa Signing time: Fri 05 Jun 2026 07:12:12 +0000 ROA not before: Fri 05 Jun 2026 07:07:12 +0000 ROA not after: Fri 04 Jun 2027 07:12:12 +0000 asID: 198969 IP address blocks: 2a05:dfc1:1700::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 01:00:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:34:e4:82:f5:c8:73:0b:5b:4d:eb:b1:a9:ac:78:14:27:2c:65:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Validity Not Before: Jun 5 07:07:12 2026 GMT Not After : Jun 4 07:12:12 2027 GMT Subject: CN=2DB404C387212C8B455BB30B051B161CE93A965C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:1a:2b:ae:6d:42:5a:8a:3a:b8:d1:cc:14:f3: 51:9c:17:f5:04:a5:cd:8a:31:fa:db:26:d8:3e:b3: 23:2f:ba:d0:aa:7a:e1:72:9a:b5:da:78:9d:dd:05: 47:37:fc:ac:4a:de:6f:33:93:65:98:69:6d:84:cf: 9c:86:95:a6:21:ee:4a:0f:28:94:3d:ff:82:64:77: 86:c5:b6:97:39:3a:09:2d:97:39:0a:a6:49:68:65: 54:53:9c:37:7c:25:cc:47:06:75:77:62:cd:8a:56: 51:c5:5b:9b:78:b7:1a:6e:b1:41:6a:16:2b:4c:46: a3:35:57:e6:c7:b9:67:80:c0:ea:92:ab:e8:0d:19: 5c:03:08:04:70:7a:0b:e2:b0:a8:29:4d:47:82:56: dd:a1:37:6e:2d:cc:b0:1c:19:d1:23:db:c4:62:23: e9:82:d0:fa:46:d9:74:58:5a:44:63:01:44:4b:04: 18:c4:7a:d7:8a:b4:2e:b8:df:64:ee:18:0d:8b:bd: 7b:e0:e6:1d:03:11:fb:e3:2e:dc:a5:3b:7a:82:e6: 3b:e0:1f:c7:66:91:cb:95:74:7d:4d:19:4c:21:bc: b7:d5:cf:c7:3e:aa:89:da:f9:94:66:62:ca:5c:81: 04:77:fb:b7:8e:ef:c2:bd:32:34:ce:a1:8b:e6:83: 35:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B4:04:C3:87:21:2C:8B:45:5B:B3:0B:05:1B:16:1C:E9:3A:96:5C X509v3 Authority Key Identifier: keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS198969.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:1700::/40 Signature Algorithm: sha256WithRSAEncryption b2:0f:9a:8e:3c:71:27:9b:7f:7d:c0:6b:dd:0c:4c:05:2c:18: 5e:6a:ff:01:41:cf:dd:3a:cc:3f:7d:14:4c:f4:0c:b2:89:f8: b8:f1:35:43:6a:92:e1:9c:55:23:7b:47:db:05:b1:9a:12:7a: 88:c0:41:91:f7:02:8e:e0:b3:8c:bb:14:10:f0:63:3d:2d:aa: f4:b3:7a:02:77:89:47:3d:47:01:93:30:1a:6f:0a:56:1b:0e: 9e:d5:74:af:83:6d:98:47:7b:f1:ff:81:22:c6:e0:82:83:e7: a6:af:f4:58:52:d9:b2:77:70:fa:39:b8:fb:f9:ca:57:12:d2: 0c:6e:27:b9:d6:37:85:6e:1f:7b:d4:59:ad:26:95:4b:ed:c0: 9b:ab:1e:e8:23:60:91:dc:c1:44:8b:6d:0d:60:8d:62:ff:ab: a4:1d:d3:6f:82:5e:05:74:d9:51:3f:58:9b:10:39:e0:a0:07: fd:e9:78:13:40:0e:e8:6c:03:f7:3f:b9:f7:3c:4c:d7:4c:05: bc:07:a6:a3:67:e9:c9:00:86:27:e0:7c:db:06:e3:6f:69:df: d9:83:a2:80:46:6e:7b:d8:61:b8:eb:3c:48:52:fb:93:dd:aa: 35:f6:ab:72:71:9e:b7:d8:62:12:f8:18:a9:28:b4:80:41:4b: 18:62:d7:b8 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUSTTkgvXIcwtbTeuxqax4FCcsZZUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQjAeFw0yNjA2MDUwNzA3MTJaFw0yNzA2MDQwNzEyMTJaMDMxMTAvBgNV BAMTKDJEQjQwNEMzODcyMTJDOEI0NTVCQjMwQjA1MUIxNjFDRTkzQTk2NUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4GiuubUJaijq40cwU81GcF/UE pc2KMfrbJtg+syMvutCqeuFymrXaeJ3dBUc3/KxK3m8zk2WYaW2Ez5yGlaYh7koP KJQ9/4Jkd4bFtpc5OgktlzkKpkloZVRTnDd8JcxHBnV3Ys2KVlHFW5t4txpusUFq FitMRqM1V+bHuWeAwOqSq+gNGVwDCARwegvisKgpTUeCVt2hN24tzLAcGdEj28Ri I+mC0PpG2XRYWkRjAURLBBjEeteKtC6432TuGA2LvXvg5h0DEfvjLtylO3qC5jvg H8dmkcuVdH1NGUwhvLfVz8c+qona+ZRmYspcgQR3+7eO78K9MjTOoYvmgzVxAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQULbQEw4chLItFW7MLBRsWHOk6llwwHwYDVR0j BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3 RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80 L0FTMTk4OTY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwRcwDQYJKoZIhvcNAQELBQADggEBALIP mo48cSebf33Aa90MTAUsGF5q/wFBz906zD99FEz0DLKJ+LjxNUNqkuGcVSN7R9sF sZoSeojAQZH3Ao7gs4y7FBDwYz0tqvSzegJ3iUc9RwGTMBpvClYbDp7VdK+DbZhH e/H/gSLG4IKD56av9FhS2bJ3cPo5uPv5ylcS0gxuJ7nWN4VuH3vUWa0mlUvtwJur HugjYJHcwUSLbQ1gjWL/q6Qd02+CXgV02VE/WJsQOeCgB/3peBNADuhsA/c/ufc8 TNdMBbwHpqNn6ckAhifgfNsG429p39mDooBGbnvYYbjrPEhS+5PdqjX2q3JxnrfY YhL4GKkotIBBSxhi17g= -----END CERTIFICATE-----Generated at Sat Jun 13 09:12:07 2026 by rpki-client