Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/49wevQy3LTpG_TnAUlynzuvBwSw.roa
File:                     49wevQy3LTpG_TnAUlynzuvBwSw.roa (raw, json)
Hash identifier:          F63JxvnKe8rB/Y0YrYZpBI30vUcqx4Z7SHMQR7qGVGQ=
Subject key identifier:   E3:DC:1E:BD:0C:B7:2D:3A:46:FD:39:C0:52:5C:A7:CE:EB:C1:C1:2C
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/49wevQy3LTpG_TnAUlynzuvBwSw.roa
Signing time:             Thu 15 Sep 2022 02:40:25 +0000
ROA not before:           Thu 15 Sep 2022 02:40:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        210.201.192.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=E3DC1EBD0CB72D3A46FD39C0525CA7CEEBC1C12C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7d:c7:69:4a:41:34:c7:dd:a3:d3:1a:f7:95:
                    dc:73:f4:71:31:1d:70:fb:3f:9a:90:5f:40:83:22:
                    a9:af:8e:60:c1:24:6e:0d:6c:b4:0e:bd:1d:e8:de:
                    23:41:ad:e1:7b:35:a2:8b:cd:84:f9:f8:d4:b0:d6:
                    3c:61:34:b9:38:a6:da:e3:19:0b:9e:de:86:97:2c:
                    eb:c3:36:e1:14:c1:2a:bc:f2:63:8c:89:7f:db:23:
                    c0:56:a5:38:8d:2e:cf:27:23:a4:ae:96:1e:04:91:
                    18:8f:76:b8:dd:03:9d:9f:fe:89:9e:f7:8f:9a:ae:
                    92:ea:d1:e5:7a:f3:23:9f:97:71:94:a9:4b:22:d8:
                    da:d4:26:8c:24:14:fe:d8:0f:68:64:0b:14:bf:d2:
                    ba:f5:c6:d6:aa:fe:d5:c8:ca:56:f2:52:5e:ec:fb:
                    e5:86:6c:b5:80:7c:98:c2:0b:16:d1:4f:98:ea:26:
                    74:33:fe:41:45:0e:e5:7e:6f:2a:f0:03:ef:31:19:
                    d5:84:3e:00:2e:ad:3f:f8:0f:22:62:7a:0c:71:02:
                    60:f1:dd:80:5f:b0:63:06:f0:dd:0b:3c:9a:ee:7c:
                    de:9c:16:6b:7f:ff:78:d8:75:01:7d:cd:26:25:6a:
                    81:f7:5f:4a:4a:6d:eb:55:09:09:4f:58:c2:93:9c:
                    8d:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:DC:1E:BD:0C:B7:2D:3A:46:FD:39:C0:52:5C:A7:CE:EB:C1:C1:2C
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/49wevQy3LTpG_TnAUlynzuvBwSw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.201.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2a:41:58:ad:a9:44:3c:a6:a9:b4:bd:8d:73:61:45:7e:a7:dc:
         b2:f5:1c:44:a6:53:4b:b3:ab:38:94:4d:e5:bb:17:b0:97:0e:
         25:8a:f8:ad:03:8e:f8:e2:e0:dd:2c:ac:99:ba:84:cc:30:81:
         92:3a:26:1e:f2:f0:df:4d:bc:59:ab:60:a4:79:5e:63:97:b5:
         3e:08:36:40:74:53:7f:63:9a:5b:51:bd:67:4a:f7:c7:5d:54:
         c3:23:91:16:cf:33:a9:3e:49:89:96:b2:db:23:57:e1:bc:fe:
         a2:a9:c1:2b:8f:42:0c:e8:7b:b8:1c:d8:cc:ce:3e:ab:46:e4:
         a8:9d:d5:d7:f6:51:86:bc:ab:04:6a:df:91:9b:51:e5:ec:3d:
         d1:96:af:36:e8:ee:4f:54:ef:f8:3c:68:6b:8f:b6:7e:ab:38:
         1d:fe:ce:c2:da:a5:df:b1:59:a7:1f:05:0b:eb:dc:0c:e8:8a:
         fc:5c:ef:ab:12:33:94:13:ab:0d:bd:70:df:f5:11:c2:59:2f:
         ff:45:37:19:85:3f:85:dc:f2:8b:c9:b2:2f:b6:b4:e4:90:17:
         9f:d7:71:11:95:1f:ab:58:09:11:ff:b1:3f:47:0c:9e:ad:6e:
         1b:d0:08:cd:76:7c:67:ae:2e:4f:9a:64:94:15:58:f4:6c:e1:
         f3:db:2e:db
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUzREMxRUJEMENCNzJE
M0E0NkZEMzlDMDUyNUNBN0NFRUJDMUMxMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmfcdpSkE0x92j0xr3ldxz9HExHXD7P5qQX0CDIqmvjmDBJG4N
bLQOvR3o3iNBreF7NaKLzYT5+NSw1jxhNLk4ptrjGQue3oaXLOvDNuEUwSq88mOM
iX/bI8BWpTiNLs8nI6Sulh4EkRiPdrjdA52f/ome94+arpLq0eV68yOfl3GUqUsi
2NrUJowkFP7YD2hkCxS/0rr1xtaq/tXIylbyUl7s++WGbLWAfJjCCxbRT5jqJnQz
/kFFDuV+byrwA+8xGdWEPgAurT/4DyJiegxxAmDx3YBfsGMG8N0LPJrufN6cFmt/
/3jYdQF9zSYlaoH3X0pKbetVCQlPWMKTnI1TAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU49wevQy3LTpG/TnAUlynzuvBwSwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNDl3ZXZReTNMVHBHX1RuQVVseW56
dXZCd1N3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKkFYralEPKaptL2Nc2FFfqfcsvUcRKZTS7OrOJRN
5bsXsJcOJYr4rQOO+OLg3SysmbqEzDCBkjomHvLw3028WatgpHleY5e1Pgg2QHRT
f2OaW1G9Z0r3x11UwyORFs8zqT5JiZay2yNX4bz+oqnBK49CDOh7uBzYzM4+q0bk
qJ3V1/ZRhryrBGrfkZtR5ew90ZavNujuT1Tv+Dxoa4+2fqs4Hf7Owtql37FZpx8F
C+vcDOiK/FzvqxIzlBOrDb1w3/URwlkv/0U3GYU/hdzyi8myL7a05JAXn9dxEZUf
q1gJEf+xP0cMnq1uG9AIzXZ8Z64uT5pklBVY9Gzh89su2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org