Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALI/25mCA4h4csDMc_UwaiYUsWEcM38.roa
File:                     25mCA4h4csDMc_UwaiYUsWEcM38.roa (raw, json)
Hash identifier:          RLLToLF4rn6dbJatmMOSfWzQX2vuw+OJp9O7tF+xzNc=
Subject key identifier:   DB:99:82:03:88:78:72:C0:CC:73:F5:30:6A:26:14:B1:61:1C:33:7F
Certificate issuer:       /CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Certificate serial:       10F3
Authority key identifier: C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/25mCA4h4csDMc_UwaiYUsWEcM38.roa
Signing time:             Thu 15 Sep 2022 02:44:35 +0000
ROA not before:           Thu 15 Sep 2022 02:44:35 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18046
IP address blocks:        103.130.40.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4339 (0x10f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
        Validity
            Not Before: Sep 15 02:44:35 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DB998203887872C0CC73F5306A2614B1611C337F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c4:d6:37:04:02:6b:04:fa:5f:89:88:63:75:
                    8e:8e:28:48:82:c9:fb:b8:d2:64:1a:21:3e:e1:d0:
                    d5:c8:2d:d6:8c:97:56:b4:f9:61:70:42:2e:18:dd:
                    b4:bd:40:0a:09:a9:f7:8e:fc:53:8c:37:27:af:9b:
                    bf:f0:ec:3f:db:fd:d8:04:27:e8:91:bd:ff:42:d0:
                    c2:77:27:52:7d:e8:65:95:e3:53:a6:d4:55:e6:10:
                    c2:e5:24:51:70:22:a7:2c:80:66:3b:66:94:e9:4d:
                    bc:3c:ee:44:b0:d7:66:34:69:b6:c5:2a:4c:12:ef:
                    55:cf:bb:d1:90:e9:f3:a4:10:39:8f:2d:15:2b:e2:
                    d3:17:69:5d:44:fb:17:a1:df:fc:8a:a9:b2:bc:4c:
                    7b:3c:c7:48:a6:a9:46:90:ac:53:a9:4f:98:39:b2:
                    87:46:9b:00:7d:6e:8c:0c:c2:be:73:10:e4:d4:e7:
                    eb:78:24:e4:85:ed:a7:7d:1e:bb:8c:09:6a:57:43:
                    31:df:f5:3b:c5:50:5b:b9:c1:b7:79:96:62:d2:cd:
                    1b:90:31:89:d8:23:91:5a:bf:32:26:db:b8:ed:97:
                    65:f2:2f:c1:f6:7e:62:9e:08:4e:f8:2e:a4:d5:56:
                    6a:ab:b7:57:75:64:61:27:b4:67:a1:66:0b:e0:80:
                    f8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:99:82:03:88:78:72:C0:CC:73:F5:30:6A:26:14:B1:61:1C:33:7F
            X509v3 Authority Key Identifier:
                keyid:C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/xGZW-MnXJUe8p5hI3Gouaw_D4rI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/25mCA4h4csDMc_UwaiYUsWEcM38.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:a0:87:e3:b4:9d:bf:9c:73:e3:a8:c7:9e:79:76:9a:9a:6e:
         1d:54:6b:4f:13:e8:b6:a6:98:f4:6f:be:e9:5e:58:14:70:f5:
         29:87:d2:c8:b7:6e:c6:df:14:af:c2:32:69:80:8b:c3:bb:a8:
         c7:a8:59:d1:47:bc:ae:e2:83:5d:1e:50:0f:3f:d4:b3:f5:b8:
         ce:c6:8e:8a:f5:22:e1:5f:5e:c4:35:5d:8c:cb:f4:24:74:f6:
         7e:9a:d0:7e:9e:c2:8f:b5:2f:da:96:57:a9:2f:0a:7e:9e:ab:
         a6:05:ae:7f:f7:fa:a7:3a:f3:78:3e:e7:f0:69:65:2e:f6:b0:
         28:6e:54:24:b2:5c:77:66:ec:be:57:95:3a:0a:51:3e:1b:d0:
         f0:d8:44:1a:dd:e2:89:4f:67:a5:b9:09:f2:01:da:05:b1:67:
         a6:8c:cc:a9:ff:09:56:c0:25:21:9d:a2:af:ae:a3:c7:b8:50:
         1c:22:83:17:f5:64:5d:4f:2d:f1:bc:3e:ab:00:cf:f5:6e:c3:
         67:7b:a7:8e:84:97:fb:df:58:9f:ca:5d:e1:79:0f:ab:c3:01:
         b2:87:7e:af:1b:8d:92:c3:36:a9:3d:08:b6:a1:88:ac:dc:f3:
         bd:b7:fe:eb:62:2a:dd:71:db:82:d3:73:78:d2:da:66:76:03:
         c3:d2:1a:43
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ2
NjU2RjhDOUQ3MjU0N0JDQTc5ODQ4REM2QTJFNkIwRkMzRTJCMjAeFw0yMjA5MTUw
MjQ0MzVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERCOTk4MjAzODg3ODcy
QzBDQzczRjUzMDZBMjYxNEIxNjExQzMzN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOxNY3BAJrBPpfiYhjdY6OKEiCyfu40mQaIT7h0NXILdaMl1a0
+WFwQi4Y3bS9QAoJqfeO/FOMNyevm7/w7D/b/dgEJ+iRvf9C0MJ3J1J96GWV41Om
1FXmEMLlJFFwIqcsgGY7ZpTpTbw87kSw12Y0abbFKkwS71XPu9GQ6fOkEDmPLRUr
4tMXaV1E+xeh3/yKqbK8THs8x0imqUaQrFOpT5g5sodGmwB9bowMwr5zEOTU5+t4
JOSF7ad9HruMCWpXQzHf9TvFUFu5wbd5lmLSzRuQMYnYI5FavzIm27jtl2XyL8H2
fmKeCE74LqTVVmqrt1d1ZGEntGehZgvggPjZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU25mCA4h4csDMc/UwaiYUsWEcM38wHwYDVR0jBBgwFoAUxGZW+MnXJUe8p5hI
3Gouaw/D4rIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJL3hH
WlctTW5YSlVlOHA1aEkzR291YXdfRDRySS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
eEdaVy1NblhKVWU4cDVoSTNHb3Vhd19ENHJJLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJLzI1bUNBNGg0Y3NETWNfVXdhaVlVc1dF
Y00zOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJngigwDQYJ
KoZIhvcNAQELBQADggEBADKgh+O0nb+cc+Oox555dpqabh1Ua08T6LammPRvvule
WBRw9SmH0si3bsbfFK/CMmmAi8O7qMeoWdFHvK7ig10eUA8/1LP1uM7Gjor1IuFf
XsQ1XYzL9CR09n6a0H6ewo+1L9qWV6kvCn6eq6YFrn/3+qc683g+5/BpZS72sChu
VCSyXHdm7L5XlToKUT4b0PDYRBrd4olPZ6W5CfIB2gWxZ6aMzKn/CVbAJSGdoq+u
o8e4UBwigxf1ZF1PLfG8PqsAz/Vuw2d7p46El/vfWJ/KXeF5D6vDAbKHfq8bjZLD
Nqk9CLahiKzc8723/utiKt1x24LTc3jS2mZ2A8PSGkM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:58 2024 by rpki-client on console-ams.rpki-client.org