Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3tatSQJbpjVsu-jz7m0-LAvxHl8.roa
File:                     3tatSQJbpjVsu-jz7m0-LAvxHl8.roa (raw, json)
Hash identifier:          ypBriyIH87woI42dFTIqE+Z6dIzR0LcPv3WHD+EGbJQ=
Subject key identifier:   DE:D6:AD:49:02:5B:A6:35:6C:BB:E8:F3:EE:6D:3E:2C:0B:F1:1E:5F
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10E4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3tatSQJbpjVsu-jz7m0-LAvxHl8.roa
Signing time:             Tue 16 May 2023 08:36:46 +0000
ROA not before:           Tue 16 May 2023 08:36:46 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        210.201.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4324 (0x10e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:46 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DED6AD49025BA6356CBBE8F3EE6D3E2C0BF11E5F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c1:c3:14:59:30:ab:1a:02:98:b7:61:86:9e:
                    f3:5e:b1:cb:01:a3:57:31:2f:46:15:80:ab:fc:79:
                    a6:d3:fb:14:21:02:f6:7d:ee:be:37:df:7a:cd:48:
                    78:f6:77:52:72:a9:8e:73:f4:6c:a1:77:8c:55:88:
                    a1:b0:aa:e5:73:16:3b:f7:63:2d:04:e9:f8:93:2e:
                    f8:3e:07:35:e9:78:22:ac:8a:8b:66:9e:52:47:4c:
                    42:fb:54:4b:d1:e1:dd:1e:2f:ac:81:79:b2:dc:d2:
                    f6:3a:ff:d9:dc:76:17:c5:c5:26:fb:69:71:58:96:
                    3a:10:66:77:ab:9a:76:b9:38:ba:ef:fd:35:b5:0c:
                    84:10:7f:9e:eb:90:73:3f:8a:2d:d7:a2:13:34:10:
                    f8:3c:46:8d:f2:4f:07:dd:ff:96:b3:e9:f1:f4:a2:
                    b5:99:57:01:e5:ff:da:1c:7d:e8:4d:eb:c5:a6:82:
                    e7:9f:64:b8:9e:67:85:a7:59:41:75:77:c5:a3:6c:
                    8b:72:56:ac:b6:5f:38:9a:47:61:f9:2d:4e:4b:4d:
                    83:37:3a:15:9b:ea:0d:c6:02:17:9e:34:5d:23:3b:
                    c8:fd:54:74:7b:e3:ee:d1:a9:9d:4e:0f:cf:8c:e9:
                    07:27:6e:84:ee:e8:4e:72:6b:aa:b4:ea:95:bd:8f:
                    d1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D6:AD:49:02:5B:A6:35:6C:BB:E8:F3:EE:6D:3E:2C:0B:F1:1E:5F
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3tatSQJbpjVsu-jz7m0-LAvxHl8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         21:b8:b1:2c:c2:c1:db:a9:3a:26:1e:b7:83:dd:30:52:57:e6:
         80:f4:b7:49:1b:a7:a5:39:bb:38:61:ac:c7:79:05:89:10:0c:
         8a:46:1d:0f:75:08:38:69:0e:bc:7a:43:86:07:f3:fe:e1:a1:
         84:61:e8:73:f5:e2:bc:80:6f:ba:48:b5:f3:eb:eb:82:5f:78:
         06:0e:31:90:ed:c1:88:2b:cf:0c:92:bc:ac:24:5d:13:88:2a:
         a6:eb:33:9b:1f:73:fe:f3:f4:1c:da:ee:36:1b:07:5c:a2:29:
         46:c5:98:9a:60:a1:3e:16:36:ee:6f:e5:2c:db:6e:e3:0c:1b:
         9c:a3:27:d4:5a:9e:27:78:7a:89:6d:6c:3c:fe:56:99:54:92:
         e0:80:54:ab:4d:3d:36:74:1a:fd:1c:63:63:d9:ce:36:4f:c9:
         b3:0f:d8:51:bd:02:8f:23:c8:85:6a:f8:46:f0:59:c1:2e:1b:
         b5:98:15:2d:7a:f7:33:21:32:36:ec:5f:b6:ca:c7:8b:a9:91:
         86:ab:9c:95:cb:61:5f:45:c7:76:62:46:3f:87:6a:3d:b1:e2:
         97:89:75:c1:4b:89:a7:9f:5b:89:b6:84:3d:d3:7c:11:36:f8:
         2b:73:74:8d:72:8c:f1:5a:b4:96:1d:c1:65:70:db:53:cd:29:
         7d:89:17:ce
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERFRDZBRDQ5MDI1QkE2
MzU2Q0JCRThGM0VFNkQzRTJDMEJGMTFFNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCywcMUWTCrGgKYt2GGnvNescsBo1cxL0YVgKv8eabT+xQhAvZ9
7r4333rNSHj2d1JyqY5z9Gyhd4xViKGwquVzFjv3Yy0E6fiTLvg+BzXpeCKsiotm
nlJHTEL7VEvR4d0eL6yBebLc0vY6/9ncdhfFxSb7aXFYljoQZnermna5OLrv/TW1
DIQQf57rkHM/ii3XohM0EPg8Ro3yTwfd/5az6fH0orWZVwHl/9ocfehN68Wmguef
ZLieZ4WnWUF1d8WjbItyVqy2XziaR2H5LU5LTYM3OhWb6g3GAheeNF0jO8j9VHR7
4+7RqZ1OD8+M6QcnboTu6E5ya6q06pW9j9GtAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU3tatSQJbpjVsu+jz7m0+LAvxHl8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM3RhdFNRSmJwalZzdS1qejdtMC1M
QXZ4SGw4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANLJMA0G
CSqGSIb3DQEBCwUAA4IBAQAhuLEswsHbqTomHreD3TBSV+aA9LdJG6elObs4YazH
eQWJEAyKRh0PdQg4aQ68ekOGB/P+4aGEYehz9eK8gG+6SLXz6+uCX3gGDjGQ7cGI
K88MkrysJF0TiCqm6zObH3P+8/Qc2u42GwdcoilGxZiaYKE+Fjbub+Us227jDBuc
oyfUWp4neHqJbWw8/laZVJLggFSrTT02dBr9HGNj2c42T8mzD9hRvQKPI8iFavhG
8FnBLhu1mBUtevczITI27F+2yseLqZGGq5yVy2FfRcd2YkY/h2o9seKXiXXBS4mn
n1uJtoQ903wRNvgrc3SNcozxWrSWHcFlcNtTzSl9iRfO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org