Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/6qzGveSVL_QvVw0rczlvy7vz1-o.roa
File:                     6qzGveSVL_QvVw0rczlvy7vz1-o.roa (raw, json)
Hash identifier:          qVxpxF9flYrJjKexwCoBYIP1I0lXNW6/WHLXzx2YUZg=
Subject key identifier:   EA:AC:C6:BD:E4:95:2F:F4:2F:57:0D:2B:73:39:6F:CB:BB:F3:D7:EA
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12B6
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/6qzGveSVL_QvVw0rczlvy7vz1-o.roa
Signing time:             Fri 01 Sep 2023 08:04:54 +0000
ROA not before:           Fri 01 Sep 2023 08:04:54 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24154
IP address blocks:        210.202.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4790 (0x12b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:54 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=EAACC6BDE4952FF42F570D2B73396FCBBBF3D7EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6c:11:82:d1:06:d1:2b:04:1d:9a:44:93:9f:
                    8a:0a:4b:9c:7b:e1:2b:89:48:3a:de:08:1b:ef:c3:
                    24:30:59:03:c9:bb:db:e5:24:d6:68:23:5e:b0:ea:
                    33:e9:f7:6d:ef:08:8b:1e:fe:d2:58:aa:9d:d2:03:
                    1d:0c:c7:0b:b1:33:c3:1a:c2:dd:01:28:0d:07:6a:
                    8f:ba:fa:03:c4:60:dd:7a:3c:f8:9d:d2:a8:b7:6d:
                    bc:34:32:77:d5:34:59:06:be:b8:d1:dd:b8:5b:ba:
                    97:3d:85:56:de:8c:7c:b1:2e:12:b6:1d:6a:0a:92:
                    d0:35:0c:da:9b:d8:44:19:da:32:97:d6:62:73:dc:
                    09:04:9c:7d:1a:bb:3e:5b:e7:8c:d1:14:81:80:c4:
                    b8:b4:ef:bb:28:af:3c:90:a8:71:b6:a1:68:5b:2a:
                    5f:26:9b:74:3e:05:18:96:73:31:d7:e6:a6:05:cb:
                    ac:3b:4b:85:0d:80:39:6d:b2:3b:8e:54:de:1c:e4:
                    db:72:86:49:42:d1:b6:23:7b:d5:dc:de:eb:b5:10:
                    bd:2b:49:fd:46:ad:6d:b2:05:59:ea:4e:24:06:22:
                    9e:0c:bd:f1:d6:93:1d:40:a3:12:28:b9:36:be:98:
                    68:66:de:98:a5:d5:0e:bc:05:65:65:57:26:70:f8:
                    f6:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:AC:C6:BD:E4:95:2F:F4:2F:57:0D:2B:73:39:6F:CB:BB:F3:D7:EA
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/6qzGveSVL_QvVw0rczlvy7vz1-o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b2:a1:fd:46:e1:c7:e0:1a:04:e3:45:f4:da:0b:8f:e7:d5:ff:
         1d:0a:51:52:c6:26:b7:b5:3a:a7:e6:19:8a:a7:02:04:0d:b1:
         8c:79:fe:84:ef:7c:e8:58:00:09:4a:c3:b4:3a:49:f5:cc:37:
         d9:e8:0e:f5:d0:1a:56:6e:b3:1e:79:3f:a7:e9:b7:00:fd:0a:
         c8:57:91:8f:ea:95:f9:66:4d:6e:8d:ac:f3:e0:ab:eb:0c:de:
         9f:64:55:34:51:75:bb:1c:ed:f3:60:8f:06:05:15:65:92:31:
         d8:5a:86:cf:74:49:66:6c:53:b9:00:76:a1:c5:42:72:92:3f:
         16:8a:45:5a:2c:00:50:ed:92:01:38:17:5b:09:22:55:c1:ff:
         f5:1d:45:b5:67:37:d4:67:23:72:45:f6:e6:bd:f4:52:78:6f:
         41:06:8e:23:73:c8:89:74:ee:43:7c:d1:38:ad:89:49:13:7a:
         c4:48:00:3e:64:bb:97:82:88:89:93:25:68:b1:4d:fd:ba:98:
         34:10:45:b3:31:e4:8f:ff:2f:f6:10:f2:8c:97:37:7a:16:25:
         14:05:79:d6:75:5a:92:5a:73:c9:b8:c2:f6:ca:17:6d:d0:10:
         73:fe:0b:5f:a4:d6:87:4a:fd:d6:38:82:45:9f:12:aa:2d:d3:
         2f:cf:9e:73
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVBQUNDNkJERTQ5NTJG
RjQyRjU3MEQyQjczMzk2RkNCQkJGM0Q3RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgbBGC0QbRKwQdmkSTn4oKS5x74SuJSDreCBvvwyQwWQPJu9vl
JNZoI16w6jPp923vCIse/tJYqp3SAx0MxwuxM8Mawt0BKA0Hao+6+gPEYN16PPid
0qi3bbw0MnfVNFkGvrjR3bhbupc9hVbejHyxLhK2HWoKktA1DNqb2EQZ2jKX1mJz
3AkEnH0auz5b54zRFIGAxLi077sorzyQqHG2oWhbKl8mm3Q+BRiWczHX5qYFy6w7
S4UNgDltsjuOVN4c5NtyhklC0bYje9Xc3uu1EL0rSf1GrW2yBVnqTiQGIp4MvfHW
kx1AoxIouTa+mGhm3pil1Q68BWVlVyZw+PYpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU6qzGveSVL/QvVw0rczlvy7vz1+owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNnF6R3ZlU1ZMX1F2VncwcmN6bHZ5
N3Z6MS1vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLKQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsqH9RuHH4BoE40X02guP59X/HQpRUsYmt7U6p+YZ
iqcCBA2xjHn+hO986FgACUrDtDpJ9cw32egO9dAaVm6zHnk/p+m3AP0KyFeRj+qV
+WZNbo2s8+Cr6wzen2RVNFF1uxzt82CPBgUVZZIx2FqGz3RJZmxTuQB2ocVCcpI/
FopFWiwAUO2SATgXWwkiVcH/9R1FtWc31GcjckX25r30UnhvQQaOI3PIiXTuQ3zR
OK2JSRN6xEgAPmS7l4KIiZMlaLFN/bqYNBBFszHkj/8v9hDyjJc3ehYlFAV51nVa
klpzybjC9soXbdAQc/4LX6TWh0r91jiCRZ8Sqi3TL8+ecw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org