Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/BhJxklRt1NvWz53rofDwRxu1-AM.roa
File:                     BhJxklRt1NvWz53rofDwRxu1-AM.roa (raw, json)
Hash identifier:          ENTHzhwf7ytxRnqxBgR9Q+v9fA+m9v5Wo3f8Lelfr0U=
Subject key identifier:   06:12:71:92:54:6D:D4:DB:D6:CF:9D:EB:A1:F0:F0:47:1B:B5:F8:03
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10E9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BhJxklRt1NvWz53rofDwRxu1-AM.roa
Signing time:             Tue 16 May 2023 08:36:48 +0000
ROA not before:           Tue 16 May 2023 08:36:48 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131142
IP address blocks:        222.251.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4329 (0x10e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:48 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=06127192546DD4DBD6CF9DEBA1F0F0471BB5F803
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d2:ca:cb:69:3a:b8:2d:67:cc:05:47:34:2f:
                    94:3f:75:e3:9a:c7:cd:ec:8d:d3:86:01:25:f7:f8:
                    fa:de:97:71:c8:4b:94:c0:d8:d9:23:af:d1:00:14:
                    5f:0b:8b:8c:1d:8b:4c:54:cd:b6:09:b1:64:19:03:
                    9b:83:ee:4f:fb:3e:ec:b5:03:00:6e:15:41:a8:30:
                    b1:4f:f4:8b:a8:40:1e:7a:fe:bd:80:b3:3c:9f:8c:
                    30:8b:4b:4e:ac:98:01:35:3b:63:3f:f3:7b:82:58:
                    86:1d:67:ad:a3:c9:46:7a:73:3c:8c:07:ca:35:5f:
                    8d:83:33:9a:7d:ed:5a:83:a6:41:2e:34:48:12:64:
                    e4:ef:f4:86:e1:37:7b:3e:85:65:ac:f7:4e:e5:9d:
                    59:7f:a0:0d:f7:6e:e4:1b:3c:73:30:a8:39:fa:c7:
                    ae:ad:63:c9:78:42:8c:7f:4b:24:38:b6:6f:91:19:
                    23:a6:0a:87:35:22:24:0b:51:2c:21:66:cc:0a:a4:
                    55:13:03:75:8d:e8:1a:a8:d6:fc:a9:f7:ca:41:c0:
                    b8:bd:23:50:21:e1:71:5c:fd:29:4d:7f:09:80:d0:
                    fe:c0:f7:e2:5c:16:58:83:dd:45:22:7f:fb:8d:7d:
                    6e:a7:e4:cc:9f:ac:05:e7:b2:c7:7e:e0:05:69:9d:
                    06:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:12:71:92:54:6D:D4:DB:D6:CF:9D:EB:A1:F0:F0:47:1B:B5:F8:03
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BhJxklRt1NvWz53rofDwRxu1-AM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.251.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         95:b8:8c:f6:84:59:cd:58:f3:5b:c5:1d:f7:6c:e6:ba:87:e1:
         4b:e7:1c:aa:76:ce:69:b1:5a:ce:e9:70:a8:29:7a:98:f1:9a:
         6e:c7:03:37:69:fd:b1:65:4f:f1:d6:3d:00:ef:bd:85:75:e9:
         59:c2:eb:58:fa:a4:9c:c8:4e:05:ec:b3:7f:45:02:d1:c3:11:
         5f:aa:c7:80:71:10:11:22:13:6b:39:d2:81:50:81:c9:f0:39:
         95:47:9a:61:47:2d:40:ce:70:95:a9:8c:8e:fe:55:bc:a4:99:
         41:1e:5d:a1:36:fc:27:87:c2:d6:9e:35:35:cb:2b:70:64:fa:
         40:71:57:d9:d9:f7:6a:19:47:b8:ee:00:f1:95:2d:43:22:b9:
         45:5c:69:f5:2a:af:33:66:0c:87:e0:15:3c:76:69:c7:16:d3:
         82:6e:bd:e8:e1:f2:a6:79:ef:30:d5:2e:54:c5:f3:8a:e3:c4:
         6f:1b:1f:31:fa:a7:21:e8:f8:ce:88:51:68:79:f7:e4:a4:dd:
         4a:08:e7:d1:7b:f0:14:9f:d3:14:7f:be:3e:88:a9:00:4c:e5:
         3a:25:13:e3:86:7c:87:9a:90:09:64:80:5f:c1:88:57:a7:a1:
         b3:5e:e2:64:10:92:85:99:45:15:d6:74:7d:4e:2c:9f:ec:6a:
         b6:db:3d:26
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA2MTI3MTkyNTQ2REQ0
REJENkNGOURFQkExRjBGMDQ3MUJCNUY4MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa0srLaTq4LWfMBUc0L5Q/deOax83sjdOGASX3+Prel3HIS5TA
2Nkjr9EAFF8Li4wdi0xUzbYJsWQZA5uD7k/7Puy1AwBuFUGoMLFP9IuoQB56/r2A
szyfjDCLS06smAE1O2M/83uCWIYdZ62jyUZ6czyMB8o1X42DM5p97VqDpkEuNEgS
ZOTv9IbhN3s+hWWs907lnVl/oA33buQbPHMwqDn6x66tY8l4Qox/SyQ4tm+RGSOm
Coc1IiQLUSwhZswKpFUTA3WN6Bqo1vyp98pBwLi9I1Ah4XFc/SlNfwmA0P7A9+Jc
FliD3UUif/uNfW6n5MyfrAXnssd+4AVpnQa/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBhJxklRt1NvWz53rofDwRxu1+AMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQmhKeGtsUnQxTnZXejUzcm9mRHdS
eHUxLUFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt77ADAN
BgkqhkiG9w0BAQsFAAOCAQEAlbiM9oRZzVjzW8Ud92zmuofhS+ccqnbOabFazulw
qCl6mPGabscDN2n9sWVP8dY9AO+9hXXpWcLrWPqknMhOBeyzf0UC0cMRX6rHgHEQ
ESITaznSgVCByfA5lUeaYUctQM5wlamMjv5VvKSZQR5doTb8J4fC1p41NcsrcGT6
QHFX2dn3ahlHuO4A8ZUtQyK5RVxp9SqvM2YMh+AVPHZpxxbTgm696OHypnnvMNUu
VMXziuPEbxsfMfqnIej4zohRaHn35KTdSgjn0XvwFJ/TFH++PoipAEzlOiUT44Z8
h5qQCWSAX8GIV6ehs17iZBCShZlFFdZ0fU4sn+xqtts9Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org