Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/1S2BLraFWRn1RIosQKyuOy7J9wc.roa
File:                     1S2BLraFWRn1RIosQKyuOy7J9wc.roa (raw, json)
Hash identifier:          XXFdV44Qy2XJbOIPqqOjYVsvP9L5aKvVMXAfDX0p5Qk=
Subject key identifier:   D5:2D:81:2E:B6:85:59:19:F5:44:8A:2C:40:AC:AE:3B:2E:C9:F7:07
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0BD1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1S2BLraFWRn1RIosQKyuOy7J9wc.roa
Signing time:             Sun 07 Feb 2021 11:33:58 +0000
ROA not before:           Sun 07 Feb 2021 11:33:58 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24154
IP address blocks:        210.200.8.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3025 (0xbd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:33:58 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D52D812EB6855919F5448A2C40ACAE3B2EC9F707
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ca:75:e4:bd:60:d6:55:55:74:25:9a:54:5e:
                    99:20:7f:e0:d8:1a:37:20:2c:eb:4c:d7:dd:eb:44:
                    09:af:38:4d:59:0a:d8:25:65:a6:89:fd:e3:6d:13:
                    85:94:58:6e:8e:15:42:61:7b:ac:54:5c:89:12:26:
                    30:72:f9:73:26:0e:d0:42:4e:5e:33:e7:0d:2d:45:
                    31:31:63:c5:df:41:b7:23:5d:73:ce:63:11:44:ad:
                    f0:d9:39:60:c8:2d:de:1c:f7:88:31:2a:4a:8b:c4:
                    a1:bb:da:0b:c3:81:09:ac:cf:86:cc:23:0a:9d:bf:
                    64:5f:20:c7:64:b6:6c:34:a6:3f:d2:ce:29:5c:8f:
                    a3:83:a8:67:23:4a:ce:3c:2e:d5:49:4d:ee:88:7d:
                    04:2a:24:0b:38:27:6f:dd:47:ed:39:7e:43:66:1a:
                    5b:d9:3d:f2:fa:a7:00:0b:dc:8a:58:40:7c:10:88:
                    0b:f4:81:8a:11:30:d8:90:ff:9b:c4:97:a3:00:3b:
                    d1:e2:5a:8c:b1:af:b9:d2:f7:e8:d1:8d:61:7e:4b:
                    86:6c:64:ce:31:35:61:c6:88:77:87:84:04:ac:26:
                    3b:79:81:c7:29:4e:ec:0b:5e:7c:6c:ce:dd:ef:e7:
                    7f:25:40:4c:a5:54:2f:d6:07:cf:b8:18:3e:47:e9:
                    9d:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:2D:81:2E:B6:85:59:19:F5:44:8A:2C:40:AC:AE:3B:2E:C9:F7:07
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/1S2BLraFWRn1RIosQKyuOy7J9wc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         21:98:30:7f:68:e2:69:a2:18:d0:c3:6f:71:6c:26:09:96:35:
         36:09:a9:77:94:7f:fe:8f:cf:2b:fd:d4:43:e6:1d:8c:08:12:
         95:81:4e:fa:53:9d:5c:c7:bd:f2:ec:0d:75:fe:1e:08:fe:1b:
         30:69:ba:f2:f6:75:0f:83:44:1a:47:af:95:3d:e4:85:fb:d9:
         fc:0b:62:0f:8d:78:a2:ea:39:03:5b:a3:81:a7:e2:9e:aa:18:
         e6:93:b0:29:47:4b:68:40:d4:34:1a:21:6a:9a:c4:2f:11:96:
         99:a8:dd:e0:f6:98:f8:d0:c8:64:55:8c:1f:13:bf:32:4a:df:
         e9:3d:ed:8d:00:a8:d1:4e:36:27:b6:ab:a9:ce:ba:e1:90:e5:
         86:3e:39:2f:2c:e6:d7:37:fe:15:44:0a:0c:75:f7:c2:23:92:
         bf:fb:3c:1b:c1:8a:c4:8f:55:67:3e:eb:eb:e9:4c:c1:bd:a1:
         44:f3:3c:49:a7:4d:69:07:b3:29:58:6a:a1:1c:68:09:ca:04:
         e2:14:86:02:8e:c0:1b:73:e4:4a:e3:f5:c1:10:37:b1:bd:90:
         84:d2:cf:d1:89:29:c2:d0:7b:dd:aa:94:4b:9b:09:43:8f:36:
         c9:61:d9:e8:7f:29:89:ac:11:fe:1b:db:ef:45:a1:d0:b5:42:
         b6:8a:14:c9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzNThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ1MkQ4MTJFQjY4NTU5
MTlGNTQ0OEEyQzQwQUNBRTNCMkVDOUY3MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4ynXkvWDWVVV0JZpUXpkgf+DYGjcgLOtM193rRAmvOE1ZCtgl
ZaaJ/eNtE4WUWG6OFUJhe6xUXIkSJjBy+XMmDtBCTl4z5w0tRTExY8XfQbcjXXPO
YxFErfDZOWDILd4c94gxKkqLxKG72gvDgQmsz4bMIwqdv2RfIMdktmw0pj/Szilc
j6ODqGcjSs48LtVJTe6IfQQqJAs4J2/dR+05fkNmGlvZPfL6pwAL3IpYQHwQiAv0
gYoRMNiQ/5vEl6MAO9HiWoyxr7nS9+jRjWF+S4ZsZM4xNWHGiHeHhASsJjt5gccp
TuwLXnxszt3v538lQEylVC/WB8+4GD5H6Z19AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1S2BLraFWRn1RIosQKyuOy7J9wcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMVMyQkxyYUZXUm4xUklvc1FLeXVP
eTdKOXdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LICDAN
BgkqhkiG9w0BAQsFAAOCAQEAIZgwf2jiaaIY0MNvcWwmCZY1Ngmpd5R//o/PK/3U
Q+YdjAgSlYFO+lOdXMe98uwNdf4eCP4bMGm68vZ1D4NEGkevlT3khfvZ/AtiD414
ouo5A1ujgafinqoY5pOwKUdLaEDUNBohaprELxGWmajd4PaY+NDIZFWMHxO/Mkrf
6T3tjQCo0U42J7arqc664ZDlhj45Lyzm1zf+FUQKDHX3wiOSv/s8G8GKxI9VZz7r
6+lMwb2hRPM8SadNaQezKVhqoRxoCcoE4hSGAo7AG3PkSuP1wRA3sb2QhNLP0Ykp
wtB73aqUS5sJQ482yWHZ6H8piawR/hvb70Wh0LVCtooUyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org