Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/8MkTqk8ZXshZOP8OPHCkXgCJqeE.roa
File:                     8MkTqk8ZXshZOP8OPHCkXgCJqeE.roa (raw, json)
Hash identifier:          Qh+DDdyZur/HR1lp7lEXjGG5sJnCOvYq6mZozPucUyE=
Subject key identifier:   F0:C9:13:AA:4F:19:5E:C8:59:38:FF:0E:3C:70:A4:5E:00:89:A9:E1
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8MkTqk8ZXshZOP8OPHCkXgCJqeE.roa
Signing time:             Thu 15 Sep 2022 02:39:52 +0000
ROA not before:           Thu 15 Sep 2022 02:39:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.201.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=F0C913AA4F195EC85938FF0E3C70A45E0089A9E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:fd:a5:54:17:5a:d2:3b:a2:81:86:cc:75:9e:
                    c1:03:2b:b0:ae:fa:c6:cc:c4:51:75:e5:16:97:8b:
                    d0:71:11:cf:64:b2:a8:5b:cc:c6:32:a9:67:25:79:
                    f3:ae:34:8a:3b:b5:f9:e3:6a:a0:cd:6c:dc:35:42:
                    7c:09:73:a5:7c:2c:87:f5:01:32:20:26:1f:4c:d1:
                    8e:0c:5b:5e:df:61:5f:00:64:81:1e:1c:c7:83:39:
                    fe:2c:81:8f:53:7f:1f:d7:ee:f7:79:20:6d:59:ef:
                    d6:ca:e1:da:2b:0a:1a:08:2e:56:30:f5:fe:1a:e8:
                    3d:7f:76:af:49:4e:c6:7a:f1:51:8d:74:4b:6b:99:
                    42:08:80:3c:5b:9d:6f:20:43:cd:cb:81:ce:2c:93:
                    ac:13:d9:0c:e3:08:08:38:d0:be:e5:90:35:63:7f:
                    e7:6e:10:2a:eb:b0:aa:ee:a4:83:e5:e0:d0:8c:88:
                    41:8d:06:29:e9:ee:c2:5f:48:8e:6a:fa:d1:3a:c5:
                    24:1e:c0:84:68:2b:4a:6f:d2:49:14:12:54:26:0a:
                    fe:3c:9d:55:21:d3:31:4c:24:a9:03:49:a5:fd:b4:
                    72:c7:1c:06:18:5e:d9:3e:ce:de:28:8c:3f:b3:72:
                    01:eb:68:99:28:5f:a5:ea:9e:08:de:64:ea:b8:9c:
                    99:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C9:13:AA:4F:19:5E:C8:59:38:FF:0E:3C:70:A4:5E:00:89:A9:E1
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8MkTqk8ZXshZOP8OPHCkXgCJqeE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         36:72:d8:bf:e3:09:fc:6b:53:ff:a9:fe:1b:fe:59:5b:7f:80:
         dd:77:d3:dd:ca:5c:d3:58:4b:3a:47:d6:3e:49:c8:ee:36:e3:
         a3:7d:bb:73:c4:b8:6d:f6:56:6a:ab:db:91:85:23:12:24:95:
         95:41:b0:2c:1a:4c:74:64:d2:06:08:dd:83:98:37:86:92:b4:
         30:29:30:bc:b1:51:7b:23:5d:9c:f5:a6:06:22:47:0d:2f:e3:
         25:de:36:ca:8d:1f:f2:a3:b8:db:4d:90:fa:d7:6b:ed:ba:c3:
         5e:75:00:24:90:1d:ab:c2:60:44:dc:a3:6c:6d:24:41:84:09:
         23:00:dd:64:48:c3:9b:bf:0e:98:8b:ae:e5:ef:65:4d:91:fe:
         9b:60:bc:ce:14:e2:44:fb:2f:fa:19:1a:cf:ae:1c:0f:df:9b:
         2b:c9:e2:55:da:61:e9:49:ec:e7:71:07:af:ec:fe:3f:8b:bd:
         ee:25:93:cb:a2:ba:eb:1f:e4:9f:fe:9c:4d:fd:7f:ad:b5:00:
         9d:eb:ab:0b:e3:22:dd:f5:73:34:fe:51:5e:17:f9:72:a6:4b:
         f0:44:ae:3e:03:c8:37:96:fa:14:ca:47:4b:95:49:53:82:dc:
         c6:27:ee:c8:36:59:cc:3b:2b:d0:0e:5e:7c:29:1e:2b:d2:a3:
         c6:23:16:3d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEYwQzkxM0FBNEYxOTVF
Qzg1OTM4RkYwRTNDNzBBNDVFMDA4OUE5RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf/aVUF1rSO6KBhsx1nsEDK7Cu+sbMxFF15RaXi9BxEc9ksqhb
zMYyqWclefOuNIo7tfnjaqDNbNw1QnwJc6V8LIf1ATIgJh9M0Y4MW17fYV8AZIEe
HMeDOf4sgY9Tfx/X7vd5IG1Z79bK4dorChoILlYw9f4a6D1/dq9JTsZ68VGNdEtr
mUIIgDxbnW8gQ83Lgc4sk6wT2QzjCAg40L7lkDVjf+duECrrsKrupIPl4NCMiEGN
Binp7sJfSI5q+tE6xSQewIRoK0pv0kkUElQmCv48nVUh0zFMJKkDSaX9tHLHHAYY
Xtk+zt4ojD+zcgHraJkoX6XqngjeZOq4nJlHAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU8MkTqk8ZXshZOP8OPHCkXgCJqeEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvOE1rVHFrOFpYc2haT1A4T1BIQ2tY
Z0NKcWVFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANLJMA0G
CSqGSIb3DQEBCwUAA4IBAQA2cti/4wn8a1P/qf4b/llbf4Ddd9PdylzTWEs6R9Y+
ScjuNuOjfbtzxLht9lZqq9uRhSMSJJWVQbAsGkx0ZNIGCN2DmDeGkrQwKTC8sVF7
I12c9aYGIkcNL+Ml3jbKjR/yo7jbTZD612vtusNedQAkkB2rwmBE3KNsbSRBhAkj
AN1kSMObvw6Yi67l72VNkf6bYLzOFOJE+y/6GRrPrhwP35sryeJV2mHpSezncQev
7P4/i73uJZPLorrrH+Sf/pxN/X+ttQCd66sL4yLd9XM0/lFeF/lypkvwRK4+A8g3
lvoUykdLlUlTgtzGJ+7INlnMOyvQDl58KR4r0qPGIxY9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org