Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/vSpKZS8VX0RYstzxkcEP1_2OjqE.roa
File:                     vSpKZS8VX0RYstzxkcEP1_2OjqE.roa (raw, json)
Hash identifier:          wAoEgO5bTr36i1/f3UxTuk6LwRWAmculGJaMfLz0wq4=
Subject key identifier:   BD:2A:4A:65:2F:15:5F:44:58:B2:DC:F1:91:C1:0F:D7:FD:8E:8E:A1
Certificate issuer:       /CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4
Certificate serial:       1019
Authority key identifier: 23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/vSpKZS8VX0RYstzxkcEP1_2OjqE.roa
Signing time:             Fri 01 Sep 2023 07:48:55 +0000
ROA not before:           Fri 01 Sep 2023 07:48:55 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131635
IP address blocks:        103.127.232.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4121 (0x1019)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4
        Validity
            Not Before: Sep  1 07:48:55 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=BD2A4A652F155F4458B2DCF191C10FD7FD8E8EA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:db:d5:e4:c3:68:35:d9:d3:6a:fd:b6:b5:05:
                    5c:26:d1:94:a2:d4:7b:ed:57:35:c6:db:b5:66:67:
                    3b:f4:26:af:dd:c2:79:2c:55:58:86:58:23:49:8a:
                    fb:71:c8:ab:67:0a:a6:30:52:b6:4d:43:d9:0d:be:
                    2a:b1:33:2e:11:97:24:7f:f8:24:a4:1d:5d:09:b8:
                    f6:97:41:d3:9e:cc:76:34:92:f4:a8:39:2b:5f:dc:
                    84:9e:75:8e:99:c4:47:97:b7:dd:80:6d:7e:2f:e2:
                    14:dd:a6:0f:d3:a6:87:f7:f9:53:31:b2:77:ce:63:
                    68:c3:92:b3:70:c1:ac:d2:cc:dc:5a:ec:6f:71:f2:
                    40:c4:61:b9:2c:2e:ce:9d:19:27:59:9b:ac:05:7b:
                    69:c1:51:42:7f:ee:16:83:1d:b8:7f:0e:76:fb:25:
                    14:7d:4b:95:c7:79:05:34:d0:96:78:73:28:d4:8a:
                    66:a7:ff:eb:1d:85:d9:34:1a:8c:fc:1e:d3:fd:c6:
                    a9:b6:5c:02:18:86:25:59:48:08:89:2c:56:90:8d:
                    1c:4e:e0:fe:db:68:5e:fa:87:88:a2:f1:1d:a5:a9:
                    6d:03:7a:7a:3c:4c:8d:c4:d8:6f:4e:34:8e:7a:22:
                    0d:46:47:44:95:28:6d:e2:8f:05:39:0d:63:d8:f9:
                    91:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2A:4A:65:2F:15:5F:44:58:B2:DC:F1:91:C1:0F:D7:FD:8E:8E:A1
            X509v3 Authority Key Identifier:
                keyid:23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/vSpKZS8VX0RYstzxkcEP1_2OjqE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:f4:d0:8c:f8:e9:53:d6:67:5b:95:bc:83:97:1e:96:59:fc:
         cf:93:6f:49:d6:11:ae:9d:00:58:73:b3:96:f5:5f:05:c3:31:
         59:4a:ae:27:51:3a:6c:85:61:20:5c:0e:58:84:1a:4a:20:42:
         5f:bc:60:8f:74:2e:6c:df:79:b4:40:92:5f:68:de:76:c0:78:
         8f:96:41:ef:8b:10:68:bb:6b:7e:7a:a5:d2:f3:46:5e:6b:0e:
         77:c1:31:72:f1:97:4a:cc:ff:93:f9:e8:df:a7:51:c8:c4:be:
         29:e3:51:08:73:a5:b6:24:7c:0b:4c:80:e9:e6:63:17:5d:12:
         f5:5a:4e:f1:19:b4:fd:8f:2e:aa:ef:54:52:b6:31:35:86:f1:
         9f:a2:59:9c:9c:38:3f:ee:23:7f:62:f3:f0:e4:37:40:7c:38:
         fa:57:9e:67:05:77:56:aa:82:50:11:59:01:fc:23:8e:d4:2b:
         de:7b:58:b7:d6:3d:cf:b1:b5:40:fe:0a:c1:dd:46:5c:be:46:
         38:d3:99:6a:d6:ae:fc:b7:e6:a5:a1:be:26:88:e4:e2:de:61:
         70:42:a4:6f:53:80:51:22:6a:5a:57:40:23:41:20:29:d7:fd:
         43:13:17:78:a8:0a:34:c9:47:cf:eb:9e:e0:53:47:57:a7:0d:
         8c:a5:57:d5
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjNF
MEM0NDAzM0I1MDBGNzg5MzFEMTIzRUJEOUYzNUU5QUUxN0RDNDAeFw0yMzA5MDEw
NzQ4NTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJEMkE0QTY1MkYxNTVG
NDQ1OEIyRENGMTkxQzEwRkQ3RkQ4RThFQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc29Xkw2g12dNq/ba1BVwm0ZSi1HvtVzXG27VmZzv0Jq/dwnks
VViGWCNJivtxyKtnCqYwUrZNQ9kNviqxMy4RlyR/+CSkHV0JuPaXQdOezHY0kvSo
OStf3ISedY6ZxEeXt92AbX4v4hTdpg/Tpof3+VMxsnfOY2jDkrNwwazSzNxa7G9x
8kDEYbksLs6dGSdZm6wFe2nBUUJ/7haDHbh/Dnb7JRR9S5XHeQU00JZ4cyjUiman
/+sdhdk0Goz8HtP9xqm2XAIYhiVZSAiJLFaQjRxO4P7baF76h4ii8R2lqW0Deno8
TI3E2G9ONI56Ig1GR0SVKG3ijwU5DWPY+ZG9AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUvSpKZS8VX0RYstzxkcEP1/2OjqEwHwYDVR0jBBgwFoAUI+DEQDO1APeJMdEj
69nzXprhfcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUlSUEFZ
VFcvSS1ERVFETzFBUGVKTWRFajY5bnpYcHJoZmNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9JLURFUURPMUFQZUpNZEVqNjluelhwcmhmY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BSVJQQVlUVy92U3BLWlM4VlgwUllz
dHp4a2NFUDFfMk9qcUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3/oMA0GCSqGSIb3DQEBCwUAA4IBAQCK9NCM+OlT1mdblbyDlx6WWfzPk29J
1hGunQBYc7OW9V8FwzFZSq4nUTpshWEgXA5YhBpKIEJfvGCPdC5s33m0QJJfaN52
wHiPlkHvixBou2t+eqXS80Zeaw53wTFy8ZdKzP+T+ejfp1HIxL4p41EIc6W2JHwL
TIDp5mMXXRL1Wk7xGbT9jy6q71RStjE1hvGfolmcnDg/7iN/YvPw5DdAfDj6V55n
BXdWqoJQEVkB/COO1Cvee1i31j3PsbVA/grB3UZcvkY405lq1q78t+alob4miOTi
3mFwQqRvU4BRImpaV0AjQSAp1/1DExd4qAo0yUfP657gU0dXpw2MpVfV
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:17 2024 by rpki-client on console-fra.rpki-client.org