$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS209686.roa File: AS209686.roa (raw, json) Hash identifier: qUmoBoRBQHTwsxjl9w1ND0TKGAqqEuFcbJM6bDueFfY= Subject key identifier: BE:5C:A3:A8:C2:D1:79:85:1E:D3:8F:8D:C1:B2:93:BE:23:81:D6:65 Certificate issuer: /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Certificate serial: 52A5A678B514C4AECA5974736BD74866A77DF104 Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS209686.roa Signing time: Fri 05 Jun 2026 07:12:44 +0000 ROA not before: Fri 05 Jun 2026 07:07:44 +0000 ROA not after: Fri 04 Jun 2027 07:12:44 +0000 asID: 209686 IP address blocks: 2a05:dfc1:5a00::/40 maxlen: 48 Validation: OK Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Jun 2026 01:00:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:a5:a6:78:b5:14:c4:ae:ca:59:74:73:6b:d7:48:66:a7:7d:f1:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B Validity Not Before: Jun 5 07:07:44 2026 GMT Not After : Jun 4 07:12:44 2027 GMT Subject: CN=BE5CA3A8C2D179851ED38F8DC1B293BE2381D665 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:1f:22:5a:8b:57:f7:dc:cd:a6:a6:35:ed:4e: 67:9f:c3:47:1f:4b:54:a1:39:ce:d0:51:d2:00:ae: c6:55:09:b1:45:83:e2:e4:53:7b:f4:e9:b2:bc:8a: 9a:f5:b6:be:df:5e:11:3e:cd:f2:57:c9:a0:5a:23: aa:ef:9d:6e:37:2e:3f:3a:60:ba:7b:8b:6d:b8:19: ac:84:f4:14:96:76:15:81:98:a6:19:8f:71:60:a4: 19:bf:a8:38:56:7a:0f:9c:43:cf:c1:ce:4d:d2:29: f3:b5:25:5a:1d:36:26:16:e1:cc:b4:87:bd:ce:7b: 8e:08:15:be:36:25:fb:90:f1:9d:7b:1c:5a:5c:80: 45:d6:f1:5b:d2:a8:13:3d:7d:b3:f3:46:c3:eb:24: 4b:fe:22:65:65:76:cc:b8:f6:5e:f1:43:5e:9a:18: 31:aa:6f:0d:5d:39:22:a3:22:5d:54:f1:ad:43:60: 8d:95:33:42:65:ff:6d:ac:79:35:3d:b9:bd:15:5f: 1a:84:43:eb:5f:00:9f:09:64:48:bc:be:c7:15:c5: 99:69:3a:e6:2a:ff:c0:e3:cd:47:28:66:5b:9b:b9: de:0f:d5:83:49:92:05:b8:e1:d4:92:8c:53:f2:d4: ad:df:5c:9e:a7:d4:20:79:ff:67:89:e9:93:13:32: bd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:5C:A3:A8:C2:D1:79:85:1E:D3:8F:8D:C1:B2:93:BE:23:81:D6:65 X509v3 Authority Key Identifier: keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer Subject Information Access: Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS209686.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:dfc1:5a00::/40 Signature Algorithm: sha256WithRSAEncryption a8:4d:33:9e:45:36:97:dd:a8:7d:70:3d:e1:47:8d:eb:78:f6: 96:68:e3:68:2c:e3:95:12:6e:5e:78:fc:0e:72:7e:b3:05:8f: 7d:97:ee:fa:0f:ad:23:4b:82:db:e6:c6:63:06:15:70:95:1b: 48:4a:38:09:f6:75:9c:a4:9f:b2:83:c5:c2:d1:1c:35:54:a1: 0c:2d:50:3d:f8:fd:59:92:ab:1b:87:aa:88:00:95:ec:1b:61: 43:28:ae:57:69:78:0c:c0:e8:b8:88:a3:0d:d9:b9:d7:b1:42: aa:8b:5d:4a:e0:4f:b3:79:9e:0c:7c:fc:0b:fe:52:cc:06:bf: e0:4a:42:41:03:98:68:01:47:77:8a:0f:92:96:1c:35:a2:92: eb:58:43:76:a3:5b:c9:a1:98:a5:e3:a3:3a:25:1d:0b:26:75: 6f:e3:fc:bf:2e:f0:9c:df:4c:03:25:04:0d:72:cd:1a:77:8d: 51:53:35:98:85:55:66:6b:18:2c:01:6f:c0:2c:2c:ba:fc:74: c1:1e:5d:9e:54:8f:ac:66:80:0e:40:9d:3b:6c:7c:96:75:a5: a8:12:18:24:ff:24:b4:91:32:f3:ee:70:72:ed:ec:83:4e:ef: 4b:f4:05:11:bf:51:49:6b:9a:62:31:40:9d:c3:a6:52:b3:fe: ae:3f:d5:be -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUUqWmeLUUxK7KWXRza9dIZqd98QQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQjAeFw0yNjA2MDUwNzA3NDRaFw0yNzA2MDQwNzEyNDRaMDMxMTAvBgNV BAMTKEJFNUNBM0E4QzJEMTc5ODUxRUQzOEY4REMxQjI5M0JFMjM4MUQ2NjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVHyJai1f33M2mpjXtTmefw0cf S1ShOc7QUdIArsZVCbFFg+LkU3v06bK8ipr1tr7fXhE+zfJXyaBaI6rvnW43Lj86 YLp7i224GayE9BSWdhWBmKYZj3FgpBm/qDhWeg+cQ8/Bzk3SKfO1JVodNiYW4cy0 h73Oe44IFb42JfuQ8Z17HFpcgEXW8VvSqBM9fbPzRsPrJEv+ImVldsy49l7xQ16a GDGqbw1dOSKjIl1U8a1DYI2VM0Jl/22seTU9ub0VXxqEQ+tfAJ8JZEi8vscVxZlp OuYq/8DjzUcoZlubud4P1YNJkgW44dSSjFPy1K3fXJ6n1CB5/2eJ6ZMTMr0RAgMB AAGjggH0MIIB8DAdBgNVHQ4EFgQUvlyjqMLReYUe04+NwbKTviOB1mUwHwYDVR0j BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3 QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5 bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2 M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3 RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80 L0FTMjA5Njg2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwVowDQYJKoZIhvcNAQELBQADggEBAKhN M55FNpfdqH1wPeFHjet49pZo42gs45USbl54/A5yfrMFj32X7voPrSNLgtvmxmMG FXCVG0hKOAn2dZykn7KDxcLRHDVUoQwtUD34/VmSqxuHqogAlewbYUMorldpeAzA 6LiIow3ZudexQqqLXUrgT7N5ngx8/Av+UswGv+BKQkEDmGgBR3eKD5KWHDWikutY Q3ajW8mhmKXjozolHQsmdW/j/L8u8JzfTAMlBA1yzRp3jVFTNZiFVWZrGCwBb8As LLr8dMEeXZ5Uj6xmgA5AnTtsfJZ1pagSGCT/JLSRMvPucHLt7INO70v0BRG/UUlr mmIxQJ3DplKz/q4/1b4= -----END CERTIFICATE-----Generated at Sat Jun 13 09:10:10 2026 by rpki-client