Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/BsPFW9KecLUWj83zx0dvdNzrbUU.roa
File:                     BsPFW9KecLUWj83zx0dvdNzrbUU.roa (raw, json)
Hash identifier:          tuBzpRZn5KcBEcOL+Ft2nuw7ZzzVbIiYuGeBbDIVq/U=
Subject key identifier:   06:C3:C5:5B:D2:9E:70:B5:16:8F:CD:F3:C7:47:6F:74:DC:EB:6D:45
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0B89
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BsPFW9KecLUWj83zx0dvdNzrbUU.roa
Signing time:             Sun 07 Feb 2021 11:33:08 +0000
ROA not before:           Sun 07 Feb 2021 11:33:08 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     7482
IP address blocks:        60.244.0.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2953 (0xb89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:33:08 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=06C3C55BD29E70B5168FCDF3C7476F74DCEB6D45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c1:56:45:5f:78:8f:2f:ef:eb:f5:15:5d:d2:
                    7b:40:47:cf:64:07:b5:70:ab:e9:3f:53:25:6f:4f:
                    75:2a:b6:87:97:48:3a:9d:78:d1:2f:26:58:cc:88:
                    d6:d9:fe:a8:24:cf:bc:82:0a:76:d1:79:88:3e:11:
                    27:54:64:4e:be:2e:69:4a:2d:48:5c:a1:0b:7b:ea:
                    f4:b3:6e:7c:48:ad:4d:8f:da:a8:0c:56:2a:67:14:
                    8a:84:c8:2a:e2:d1:60:93:7a:f8:f9:9c:a7:0c:f5:
                    8b:06:4f:66:aa:1f:60:1e:95:8b:ef:e5:11:91:cf:
                    8a:be:1a:3d:91:1b:69:c1:f5:db:0d:88:37:dd:46:
                    0e:a8:5e:0a:4c:00:01:57:dc:a9:75:1a:e4:4f:c7:
                    fc:c9:f0:d4:98:2e:02:8f:c5:5b:69:c3:81:06:bd:
                    5c:0a:4e:1b:43:48:de:7a:33:97:51:8a:ff:51:70:
                    70:44:3d:f9:89:5d:93:67:2e:7a:dd:6e:29:10:54:
                    48:b8:3b:1b:79:10:59:94:74:73:ef:f6:85:3f:2d:
                    10:d6:dd:c9:c2:51:42:f4:99:bd:ba:e6:02:97:c1:
                    6d:9b:fe:f0:ea:d1:a0:c1:b3:40:46:4c:7d:8e:03:
                    a4:27:4d:94:98:37:93:42:05:5e:aa:df:41:37:6f:
                    2f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:C3:C5:5B:D2:9E:70:B5:16:8F:CD:F3:C7:47:6F:74:DC:EB:6D:45
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BsPFW9KecLUWj83zx0dvdNzrbUU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.244.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a4:dd:25:55:03:7a:d2:d3:6d:d5:bc:67:b6:fc:ff:7e:61:bc:
         d7:df:cc:41:48:c8:e5:7e:ab:5a:10:92:77:75:4e:ed:48:72:
         ab:6e:5f:d1:38:a6:7c:4d:30:29:a5:87:63:65:40:ed:9d:3a:
         c3:c8:32:9d:00:93:34:53:66:97:24:83:32:50:3a:14:b6:64:
         6d:5c:82:74:cd:29:ff:f5:51:1b:75:5d:49:d2:a8:ae:a1:6f:
         99:d6:87:d5:4b:2a:77:81:58:02:55:90:dd:98:b4:b7:ea:2e:
         85:de:f2:ca:8b:8f:74:04:e1:da:57:ee:ac:c0:fc:48:60:56:
         f1:bf:c2:8b:00:13:ef:35:6a:63:93:78:e7:6c:18:fe:15:bf:
         a0:dd:3f:ad:9a:02:4f:bb:2f:dc:ff:eb:8a:a4:e1:d9:a7:86:
         07:82:1f:c6:5b:e9:11:b1:4c:cf:e9:a8:1b:98:50:27:51:36:
         dd:93:b8:65:ae:04:e2:91:bb:47:c6:2a:90:9a:c6:7d:bb:7c:
         1c:2d:35:5f:df:12:a6:b6:b1:c4:14:ee:b2:3d:3e:36:c8:f2:
         4f:a5:01:c7:aa:cf:f8:d7:42:07:74:5d:eb:a9:e6:fd:a5:58:
         3c:e0:90:35:1c:a2:c3:1b:fc:0b:7d:bf:17:62:50:b1:57:1b:
         34:92:9a:bb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzMDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDA2QzNDNTVCRDI5RTcw
QjUxNjhGQ0RGM0M3NDc2Rjc0RENFQjZENDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1wVZFX3iPL+/r9RVd0ntAR89kB7Vwq+k/UyVvT3UqtoeXSDqd
eNEvJljMiNbZ/qgkz7yCCnbReYg+ESdUZE6+LmlKLUhcoQt76vSzbnxIrU2P2qgM
VipnFIqEyCri0WCTevj5nKcM9YsGT2aqH2AelYvv5RGRz4q+Gj2RG2nB9dsNiDfd
Rg6oXgpMAAFX3Kl1GuRPx/zJ8NSYLgKPxVtpw4EGvVwKThtDSN56M5dRiv9RcHBE
PfmJXZNnLnrdbikQVEi4Oxt5EFmUdHPv9oU/LRDW3cnCUUL0mb265gKXwW2b/vDq
0aDBs0BGTH2OA6QnTZSYN5NCBV6q30E3by9vAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBsPFW9KecLUWj83zx0dvdNzrbUUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQnNQRlc5S2VjTFVXajgzengwZHZk
TnpyYlVVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0ADAN
BgkqhkiG9w0BAQsFAAOCAQEApN0lVQN60tNt1bxntvz/fmG819/MQUjI5X6rWhCS
d3VO7Uhyq25f0TimfE0wKaWHY2VA7Z06w8gynQCTNFNmlySDMlA6FLZkbVyCdM0p
//VRG3VdSdKorqFvmdaH1Usqd4FYAlWQ3Zi0t+ouhd7yyouPdATh2lfurMD8SGBW
8b/CiwAT7zVqY5N452wY/hW/oN0/rZoCT7sv3P/riqTh2aeGB4IfxlvpEbFMz+mo
G5hQJ1E23ZO4Za4E4pG7R8YqkJrGfbt8HC01X98SpraxxBTusj0+NsjyT6UBx6rP
+NdCB3Rd66nm/aVYPOCQNRyiwxv8C32/F2JQsVcbNJKauw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org