Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/42b0W_9VcKyQeXLfcifFmK_93g0.roa
File:                     42b0W_9VcKyQeXLfcifFmK_93g0.roa (raw, json)
Hash identifier:          vuT+6rQ7famOlHaSpsSw6M5RqXS32vasve3V1cna4Jg=
Subject key identifier:   E3:66:F4:5B:FF:55:70:AC:90:79:72:DF:72:27:C5:98:AF:FD:DE:0D
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E09
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/42b0W_9VcKyQeXLfcifFmK_93g0.roa
Signing time:             Wed 29 Sep 2021 02:39:53 +0000
ROA not before:           Wed 29 Sep 2021 02:39:53 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     7482
IP address blocks:        222.156.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3593 (0xe09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:53 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=E366F45BFF5570AC907972DF7227C598AFFDDE0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:15:55:b8:14:6f:77:c6:b7:d3:ee:c8:88:8a:
                    f7:92:75:c6:2f:1d:79:2f:d9:b3:87:7d:28:7e:a1:
                    d1:41:5c:d7:00:b5:dd:2b:f7:17:69:8b:c2:1f:9a:
                    3a:d3:31:5c:9f:c0:3b:b1:e4:c1:29:d6:bc:90:16:
                    95:45:45:1e:93:d8:ac:ea:50:11:6b:92:2f:96:7e:
                    f1:9d:d0:7e:d2:3e:01:86:55:90:41:2c:07:cc:df:
                    a9:8b:f6:f4:87:ba:f0:5b:06:24:d6:9c:28:09:ab:
                    a5:a1:3a:91:8d:69:23:f5:68:5b:e8:4a:ea:e1:0b:
                    cb:32:a2:62:23:6a:8c:34:8c:cc:e5:d2:d6:8d:b4:
                    64:5c:e1:20:f0:e0:b7:9f:e2:4c:c5:e6:09:70:28:
                    c1:4c:f4:a4:9b:65:c8:da:fd:49:9a:b2:7b:a7:a7:
                    5a:de:e9:81:fb:31:25:20:e7:1b:c4:36:aa:1b:72:
                    f6:98:63:b5:27:4f:17:22:f3:2b:e3:87:1e:17:79:
                    2c:2f:0a:2f:60:d1:90:a3:94:e6:cd:f8:ce:bf:8c:
                    5e:be:a1:5b:7e:90:9f:5d:78:89:d9:9b:59:c1:23:
                    58:b4:cb:2e:df:05:17:1d:10:45:7d:df:9d:ed:bc:
                    c3:08:dc:ad:61:38:fb:5d:91:23:af:96:d0:2d:d9:
                    55:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:66:F4:5B:FF:55:70:AC:90:79:72:DF:72:27:C5:98:AF:FD:DE:0D
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/42b0W_9VcKyQeXLfcifFmK_93g0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         85:b2:a5:58:5c:e3:60:60:68:82:d2:30:b8:05:20:bc:e4:be:
         95:18:41:fd:67:cd:60:37:59:5b:5a:22:f5:ec:d4:5d:17:fb:
         aa:c8:fb:76:71:c2:47:2e:31:b9:60:c0:9c:8f:dd:d2:13:0c:
         92:3d:c0:71:8b:95:ea:55:37:14:78:a8:ca:84:b7:53:62:c1:
         2e:27:72:ca:d3:f1:b9:8e:f3:c2:6e:9d:ca:0b:cd:17:6f:81:
         9f:82:6e:3b:ec:4d:8a:fc:15:d8:5c:e1:d2:44:90:21:0d:0e:
         85:b1:c8:3e:c1:74:ec:6a:2f:5a:18:d3:0d:43:a1:83:65:3a:
         a9:f3:e8:48:0c:e8:27:4c:09:ab:54:19:84:1f:55:96:5d:e5:
         8a:ae:c7:6a:66:ff:9b:03:9a:0a:d2:d9:6c:80:f6:38:80:d4:
         54:6f:a0:9c:a6:8d:0d:f7:75:e6:f3:da:b0:43:c7:59:a6:a0:
         a0:62:65:c7:44:90:4d:92:24:cb:50:6e:e8:11:7f:05:cb:72:
         13:10:b6:2a:5d:39:b6:26:4c:85:2a:b7:5c:85:29:ea:43:9b:
         13:83:91:d5:60:b8:7a:6f:3c:9d:bf:fc:4f:7d:81:74:ca:3b:
         d2:ca:32:1f:4e:f1:be:c8:e6:6e:bc:32:c9:0b:b1:cf:f2:2a:
         eb:46:7c:f2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEUzNjZGNDVCRkY1NTcw
QUM5MDc5NzJERjcyMjdDNTk4QUZGRERFMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuFVW4FG93xrfT7siIiveSdcYvHXkv2bOHfSh+odFBXNcAtd0r
9xdpi8IfmjrTMVyfwDux5MEp1ryQFpVFRR6T2KzqUBFrki+WfvGd0H7SPgGGVZBB
LAfM36mL9vSHuvBbBiTWnCgJq6WhOpGNaSP1aFvoSurhC8syomIjaow0jMzl0taN
tGRc4SDw4Lef4kzF5glwKMFM9KSbZcja/Umasnunp1re6YH7MSUg5xvENqobcvaY
Y7UnTxci8yvjhx4XeSwvCi9g0ZCjlObN+M6/jF6+oVt+kJ9deInZm1nBI1i0yy7f
BRcdEEV9353tvMMI3K1hOPtdkSOvltAt2VWXAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU42b0W/9VcKyQeXLfcifFmK/93g0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNDJiMFdfOVZjS3lRZVhMZmNpZkZt
S185M2cwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6cMA0G
CSqGSIb3DQEBCwUAA4IBAQCFsqVYXONgYGiC0jC4BSC85L6VGEH9Z81gN1lbWiL1
7NRdF/uqyPt2ccJHLjG5YMCcj93SEwySPcBxi5XqVTcUeKjKhLdTYsEuJ3LK0/G5
jvPCbp3KC80Xb4Gfgm477E2K/BXYXOHSRJAhDQ6Fscg+wXTsai9aGNMNQ6GDZTqp
8+hIDOgnTAmrVBmEH1WWXeWKrsdqZv+bA5oK0tlsgPY4gNRUb6Ccpo0N93Xm89qw
Q8dZpqCgYmXHRJBNkiTLUG7oEX8Fy3ITELYqXTm2JkyFKrdchSnqQ5sTg5HVYLh6
bzydv/xPfYF0yjvSyjIfTvG+yOZuvDLJC7HP8irrRnzy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org