Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/5w91yr2uXzXHgFPHugH8za9eNV4.roa
File:                     5w91yr2uXzXHgFPHugH8za9eNV4.roa (raw, json)
Hash identifier:          lXu2T81TU++v/SgMYueHHLVFyPwbAX1G1LwPgPE4B4U=
Subject key identifier:   E7:0F:75:CA:BD:AE:5F:35:C7:80:53:C7:BA:01:FC:CD:AF:5E:35:5E
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0985
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5w91yr2uXzXHgFPHugH8za9eNV4.roa
Signing time:             Tue 29 Sep 2020 10:01:56 +0000
ROA not before:           Tue 29 Sep 2020 10:01:56 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        223.22.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2437 (0x985)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:56 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=E70F75CABDAE5F35C78053C7BA01FCCDAF5E355E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:a7:3d:9e:2e:dc:2e:c8:26:26:0f:71:29:
                    07:10:f7:99:4d:d6:eb:3a:28:66:d6:ce:ac:a1:f7:
                    b4:ac:c8:96:55:7d:65:eb:3e:73:37:f4:df:f7:ea:
                    46:f1:92:5d:18:aa:35:0e:a5:d6:94:5f:7f:be:f1:
                    40:19:cd:2e:66:e1:ab:17:cc:2a:ab:8d:ad:ca:c7:
                    2d:62:4e:63:3b:9e:45:db:78:ee:6c:af:84:2b:0a:
                    db:87:d2:5f:4c:2e:d0:12:d0:1f:35:96:54:05:e5:
                    89:99:2c:35:7a:4d:46:ac:89:ff:4d:f5:c0:11:d9:
                    b5:a0:39:64:76:cb:d6:39:7f:49:6a:06:db:48:7f:
                    8c:6b:fd:e2:07:79:9f:86:38:ae:bc:52:6b:30:39:
                    6f:91:4f:65:b9:01:91:60:d5:ee:07:2f:4a:dc:df:
                    57:f5:1b:7a:e8:9a:a6:28:fc:d0:06:7a:6e:38:9f:
                    3b:9e:cf:40:2d:46:01:99:7e:3c:aa:50:bc:a7:47:
                    97:18:f0:19:be:ec:a2:25:d2:05:53:20:d2:38:46:
                    00:2f:8b:ab:6e:d4:e6:39:b7:e0:8c:45:9a:6d:39:
                    a2:46:ac:f3:33:c4:17:9a:a1:01:6d:5e:84:dd:5c:
                    4c:d2:2e:bd:4e:6c:55:8b:05:0b:06:4c:53:b0:c0:
                    58:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:0F:75:CA:BD:AE:5F:35:C7:80:53:C7:BA:01:FC:CD:AF:5E:35:5E
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5w91yr2uXzXHgFPHugH8za9eNV4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.22.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4e:d1:27:39:09:f9:34:33:79:3c:69:00:7a:51:d6:31:38:77:
         05:13:d0:70:6f:88:a6:24:fe:9c:18:55:26:90:21:b1:98:cc:
         15:c1:f7:da:87:2f:c5:f7:d5:dd:ea:35:66:0b:e3:3f:84:8e:
         d3:50:7c:4e:74:97:93:dc:f1:83:9c:41:1b:ac:c7:be:69:c7:
         14:af:f3:8c:aa:8a:78:71:3b:13:da:3a:1e:4e:a9:fe:13:6a:
         6d:6a:c1:a4:cd:dd:d6:93:b6:09:88:e8:c1:f2:77:ad:12:4f:
         1c:2f:05:1e:1a:51:9e:28:da:38:08:d8:e1:45:ce:fd:4c:78:
         25:19:30:9f:f2:4f:c9:bd:e3:8f:c4:f3:56:64:02:e4:ff:f2:
         76:63:1d:4c:d5:3b:5a:5b:87:98:87:8c:f3:4e:d4:85:eb:43:
         be:38:13:e3:b6:3e:5f:6a:47:85:d4:7b:51:70:c7:38:0e:36:
         72:43:fb:e2:59:52:1d:71:f9:0b:36:ef:80:9e:99:9f:f0:ab:
         a1:a4:40:a7:9d:19:86:ec:ef:23:f9:65:b0:32:ae:18:dd:0c:
         19:e3:b5:28:7b:ae:f1:20:53:69:37:77:c6:52:87:90:73:ca:
         e4:7b:a3:22:e2:7e:10:94:df:7a:ec:55:6f:ee:0f:52:4d:89:
         e7:c8:02:5a
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEU3MEY3NUNBQkRBRTVG
MzVDNzgwNTNDN0JBMDFGQ0NEQUY1RTM1NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6IKc9ni7cLsgmJg9xKQcQ95lN1us6KGbWzqyh97SsyJZVfWXr
PnM39N/36kbxkl0YqjUOpdaUX3++8UAZzS5m4asXzCqrja3Kxy1iTmM7nkXbeO5s
r4QrCtuH0l9MLtAS0B81llQF5YmZLDV6TUasif9N9cAR2bWgOWR2y9Y5f0lqBttI
f4xr/eIHeZ+GOK68UmswOW+RT2W5AZFg1e4HL0rc31f1G3romqYo/NAGem44nzue
z0AtRgGZfjyqULynR5cY8Bm+7KIl0gVTINI4RgAvi6tu1OY5t+CMRZptOaJGrPMz
xBeaoQFtXoTdXEzSLr1ObFWLBQsGTFOwwFgjAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU5w91yr2uXzXHgFPHugH8za9eNV4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNXc5MXlyMnVYelhIZ0ZQSHVnSDh6
YTllTlY0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN8WMA0G
CSqGSIb3DQEBCwUAA4IBAQBO0Sc5Cfk0M3k8aQB6UdYxOHcFE9Bwb4imJP6cGFUm
kCGxmMwVwffahy/F99Xd6jVmC+M/hI7TUHxOdJeT3PGDnEEbrMe+accUr/OMqop4
cTsT2joeTqn+E2ptasGkzd3Wk7YJiOjB8netEk8cLwUeGlGeKNo4CNjhRc79THgl
GTCf8k/JveOPxPNWZALk//J2Yx1M1TtaW4eYh4zzTtSF60O+OBPjtj5fakeF1HtR
cMc4DjZyQ/viWVIdcfkLNu+Anpmf8KuhpECnnRmG7O8j+WWwMq4Y3QwZ47Uoe67x
IFNpN3fGUoeQc8rke6Mi4n4QlN967FVv7g9STYnnyAJa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org