Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2XAnE_HyI-ycY5tOFKt2W2AEki0.roa
File:                     2XAnE_HyI-ycY5tOFKt2W2AEki0.roa (raw, json)
Hash identifier:          Ulj0n0DSOyliGP8r9Ci250OKp1pAzxMJWy0iYFjetHI=
Subject key identifier:   D9:70:27:13:F1:F2:23:EC:9C:63:9B:4E:14:AB:76:5B:60:04:92:2D
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1298
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2XAnE_HyI-ycY5tOFKt2W2AEki0.roa
Signing time:             Fri 01 Sep 2023 08:04:40 +0000
ROA not before:           Fri 01 Sep 2023 08:04:40 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9311
IP address blocks:        210.58.96.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4760 (0x1298)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:40 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D9702713F1F223EC9C639B4E14AB765B6004922D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:79:e2:3c:e1:1a:b3:16:a7:af:38:7b:d2:9e:
                    af:41:e3:3e:60:ba:73:49:be:03:f4:0d:73:87:30:
                    46:26:c5:23:94:7b:76:33:ac:92:42:56:9f:e3:ce:
                    0d:48:1f:c9:e8:fd:fb:28:f1:1f:64:57:33:df:20:
                    46:4c:c7:15:b6:f4:c1:27:07:3f:6d:f8:01:fe:e9:
                    7d:61:4e:c3:4f:fe:d5:0f:53:2d:3c:2d:a7:8d:1d:
                    bf:08:85:ea:cc:a3:d2:9e:84:e1:aa:93:e2:22:b7:
                    6b:aa:c1:a1:b5:47:80:2d:f9:0a:c8:92:0f:12:da:
                    40:d9:3e:0b:90:02:14:d0:9f:a7:d9:4b:b8:02:8a:
                    bf:37:93:05:5a:8a:52:10:b5:c5:80:d2:b8:4f:e5:
                    9e:e7:7b:42:99:5c:51:35:43:3b:87:5a:b9:73:10:
                    6c:83:97:00:e7:15:61:ce:d6:d7:40:3b:5b:20:0d:
                    b0:0d:fe:68:b0:0d:d9:bb:2c:59:d8:9f:f1:38:f2:
                    b1:a9:f5:3b:fb:7d:0b:be:74:d1:4c:8e:c2:5a:35:
                    c3:1d:2a:5c:9a:c6:22:0b:02:76:6f:5d:f8:1a:ec:
                    0e:e7:22:32:8f:41:7a:0c:a4:8e:9a:e2:54:1d:67:
                    72:cc:a5:63:67:9a:22:6c:58:9d:2a:19:54:7f:7c:
                    6a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:70:27:13:F1:F2:23:EC:9C:63:9B:4E:14:AB:76:5B:60:04:92:2D
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2XAnE_HyI-ycY5tOFKt2W2AEki0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         92:86:5d:82:ac:a5:d8:ad:2b:0d:19:e9:92:a4:17:fd:36:bb:
         b1:ac:e9:a2:27:fc:2d:b2:a7:da:34:da:77:bd:86:22:e4:0c:
         07:7b:fd:f0:bb:f0:eb:8e:b1:38:ec:b3:9e:10:db:73:a0:32:
         26:ca:e5:ba:53:58:30:a7:bf:c3:7f:b3:6e:86:69:6a:f1:a5:
         66:a4:9e:d9:63:d4:33:c0:22:f4:86:10:0e:50:79:44:99:bd:
         10:db:62:ae:f4:03:ac:0a:d9:c3:dc:72:82:4b:75:4d:49:48:
         2f:30:b4:38:22:df:4f:61:7a:7a:c2:20:76:88:d9:14:d1:16:
         95:e8:5a:59:2e:06:12:7e:58:3e:bb:c8:de:d3:e2:54:c9:eb:
         d4:c1:ed:b2:6a:dd:48:1c:df:41:1d:e5:0e:d5:63:0d:43:1b:
         9c:ca:d3:3f:00:27:ce:a4:f3:5d:91:67:95:bf:df:1a:79:46:
         f4:7f:f2:d6:47:49:5d:ad:ff:67:cd:8e:56:79:62:76:29:6c:
         95:bc:1b:b0:62:fc:4a:bb:e8:a0:06:83:37:3f:6e:99:57:90:
         f6:49:98:fe:8f:94:37:18:1f:55:47:53:ef:d4:ec:25:06:21:
         20:db:c8:11:fd:ad:85:ab:ee:f5:61:c4:88:96:79:f1:8a:bf:
         36:f2:43:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ5NzAyNzEzRjFGMjIz
RUM5QzYzOUI0RTE0QUI3NjVCNjAwNDkyMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCreeI84RqzFqevOHvSnq9B4z5gunNJvgP0DXOHMEYmxSOUe3Yz
rJJCVp/jzg1IH8no/fso8R9kVzPfIEZMxxW29MEnBz9t+AH+6X1hTsNP/tUPUy08
LaeNHb8IherMo9KehOGqk+Iit2uqwaG1R4At+QrIkg8S2kDZPguQAhTQn6fZS7gC
ir83kwVailIQtcWA0rhP5Z7ne0KZXFE1QzuHWrlzEGyDlwDnFWHO1tdAO1sgDbAN
/miwDdm7LFnYn/E48rGp9Tv7fQu+dNFMjsJaNcMdKlyaxiILAnZvXfga7A7nIjKP
QXoMpI6a4lQdZ3LMpWNnmiJsWJ0qGVR/fGrFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2XAnE/HyI+ycY5tOFKt2W2AEki0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMlhBbkVfSHlJLXljWTV0T0ZLdDJX
MkFFa2kwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I6YDAN
BgkqhkiG9w0BAQsFAAOCAQEAkoZdgqyl2K0rDRnpkqQX/Ta7sazpoif8LbKn2jTa
d72GIuQMB3v98Lvw646xOOyznhDbc6AyJsrlulNYMKe/w3+zboZpavGlZqSe2WPU
M8Ai9IYQDlB5RJm9ENtirvQDrArZw9xygkt1TUlILzC0OCLfT2F6esIgdojZFNEW
lehaWS4GEn5YPrvI3tPiVMnr1MHtsmrdSBzfQR3lDtVjDUMbnMrTPwAnzqTzXZFn
lb/fGnlG9H/y1kdJXa3/Z82OVnlidilslbwbsGL8SrvooAaDNz9umVeQ9kmY/o+U
NxgfVUdT79TsJQYhINvIEf2thavu9WHEiJZ58Yq/NvJDgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org