Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2Wjo7IrtW-LHkrs4W7D99oU78i0.roa
File:                     2Wjo7IrtW-LHkrs4W7D99oU78i0.roa (raw, json)
Hash identifier:          h8rC8X5griCu3VnPIEv+hMeMLQIRsrgO/KYLeRu4q4g=
Subject key identifier:   D9:68:E8:EC:8A:ED:5B:E2:C7:92:BB:38:5B:B0:FD:F6:85:3B:F2:2D
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12C8
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2Wjo7IrtW-LHkrs4W7D99oU78i0.roa
Signing time:             Fri 01 Sep 2023 08:04:58 +0000
ROA not before:           Fri 01 Sep 2023 08:04:58 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.202.192.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4808 (0x12c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:58 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D968E8EC8AED5BE2C792BB385BB0FDF6853BF22D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:8f:df:2f:06:45:4f:65:47:3c:37:b7:d2:40:
                    d8:cd:39:e4:ae:93:2b:1d:e0:8a:6e:cd:d4:f7:55:
                    ba:31:ef:4e:dc:38:59:11:71:45:01:df:38:96:d3:
                    0a:22:1b:1d:28:ce:19:64:34:88:cc:cf:5c:ad:fe:
                    49:f0:5e:a1:dc:d9:4d:7c:e9:76:f3:50:ab:1d:73:
                    a7:e3:f0:8d:5d:56:c3:b2:e0:50:45:91:ed:87:57:
                    db:9f:1d:e2:dc:3e:f8:e0:89:f5:83:fb:d1:f1:49:
                    bd:38:10:94:e2:bf:fe:67:ff:f1:7b:15:9f:2b:db:
                    9e:ac:d8:02:cb:1f:5f:da:a8:1e:e3:48:cf:22:3c:
                    3a:14:aa:5d:af:77:b8:b3:be:0c:57:1a:c1:7a:b2:
                    22:97:31:18:7c:45:ed:c4:b7:8e:1f:1f:2e:85:71:
                    1e:24:f3:94:45:70:f0:79:89:a0:fb:27:73:69:d1:
                    fb:08:36:c8:c4:b9:be:75:ca:2e:83:61:3e:5b:88:
                    4a:04:b6:50:28:a6:bb:ce:d0:d7:e8:4a:1e:bf:c9:
                    7e:22:16:cf:d9:e3:1c:85:e6:29:ac:08:fc:da:8f:
                    a6:fb:83:ab:71:de:22:84:cd:17:dc:90:5d:e1:a2:
                    f1:da:58:41:c6:4e:b5:3f:23:62:be:77:07:cf:1a:
                    7e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:68:E8:EC:8A:ED:5B:E2:C7:92:BB:38:5B:B0:FD:F6:85:3B:F2:2D
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2Wjo7IrtW-LHkrs4W7D99oU78i0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         4e:0a:dc:cf:09:3e:f9:b1:fd:5e:2b:b9:51:53:d4:2b:4c:d0:
         cc:ac:52:5a:ae:8e:fc:00:22:dc:bc:71:c4:ff:95:7a:5f:e3:
         ea:8c:17:72:cb:75:b2:7c:88:d9:98:54:3e:df:ad:2b:c0:6d:
         59:d6:dc:78:a4:f4:3d:22:55:6a:10:37:70:bf:a2:4f:43:e4:
         0d:6b:07:7d:53:b0:6d:99:f9:71:fc:c2:55:ba:65:68:5a:9e:
         5a:15:0b:4a:80:71:b4:26:67:5d:d5:d6:09:d4:ea:94:3f:2a:
         ca:3d:0a:fd:45:d7:44:85:b7:d1:44:3e:c1:9d:35:6e:29:fe:
         96:b8:27:21:9f:88:d7:c2:8f:30:72:7e:ca:58:6f:c1:d7:f2:
         8a:9c:4b:4d:b6:8e:df:41:c6:4f:e4:53:e0:aa:e7:4f:07:46:
         56:82:a6:ac:92:ae:1c:27:25:33:e7:8d:86:2d:96:09:37:e9:
         f4:31:3d:a6:5a:4d:28:e2:c2:dc:b5:f3:e6:c8:3c:de:c4:7d:
         d3:64:6d:90:a9:4d:59:38:c5:4b:7c:42:bf:57:cb:e6:04:ed:
         77:4b:01:28:a2:10:5a:03:c9:5d:0e:37:19:32:c5:08:2f:0a:
         41:a1:71:d1:5d:18:a0:17:f3:28:e2:9f:ee:18:b8:e2:9a:24:
         10:f5:b5:81
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ5NjhFOEVDOEFFRDVC
RTJDNzkyQkIzODVCQjBGREY2ODUzQkYyMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjj98vBkVPZUc8N7fSQNjNOeSukysd4IpuzdT3Vbox707cOFkR
cUUB3ziW0woiGx0ozhlkNIjMz1yt/knwXqHc2U186XbzUKsdc6fj8I1dVsOy4FBF
ke2HV9ufHeLcPvjgifWD+9HxSb04EJTiv/5n//F7FZ8r256s2ALLH1/aqB7jSM8i
PDoUql2vd7izvgxXGsF6siKXMRh8Re3Et44fHy6FcR4k85RFcPB5iaD7J3Np0fsI
NsjEub51yi6DYT5biEoEtlAoprvO0NfoSh6/yX4iFs/Z4xyF5imsCPzaj6b7g6tx
3iKEzRfckF3hovHaWEHGTrU/I2K+dwfPGn53AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2Wjo7IrtW+LHkrs4W7D99oU78i0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMldqbzdJcnRXLUxIa3JzNFc3RDk5
b1U3OGkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEATgrczwk++bH9Xiu5UVPUK0zQzKxSWq6O/AAi3Lxx
xP+Vel/j6owXcst1snyI2ZhUPt+tK8BtWdbceKT0PSJVahA3cL+iT0PkDWsHfVOw
bZn5cfzCVbplaFqeWhULSoBxtCZnXdXWCdTqlD8qyj0K/UXXRIW30UQ+wZ01bin+
lrgnIZ+I18KPMHJ+ylhvwdfyipxLTbaO30HGT+RT4KrnTwdGVoKmrJKuHCclM+eN
hi2WCTfp9DE9plpNKOLC3LXz5sg83sR902RtkKlNWTjFS3xCv1fL5gTtd0sBKKIQ
WgPJXQ43GTLFCC8KQaFx0V0YoBfzKOKf7hi44pokEPW1gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org