Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/CwKQXQ7NAbT-2LZkXbS04c3BPdA.roa
File:                     CwKQXQ7NAbT-2LZkXbS04c3BPdA.roa (raw, json)
Hash identifier:          rRzTvHNVZYbnSqAXNLpIaOBkDH42qRRa6rGWzX10OJU=
Subject key identifier:   0B:02:90:5D:0E:CD:01:B4:FE:D8:B6:64:5D:B4:B4:E1:CD:C1:3D:D0
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       08EA
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CwKQXQ7NAbT-2LZkXbS04c3BPdA.roa
Signing time:             Tue 29 Sep 2020 10:01:14 +0000
ROA not before:           Tue 29 Sep 2020 10:01:14 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        218.35.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2282 (0x8ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:14 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=0B02905D0ECD01B4FED8B6645DB4B4E1CDC13DD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d8:56:82:b6:49:c7:98:22:ff:b9:77:90:7d:
                    23:5b:14:93:fc:91:e1:43:35:5b:95:c9:82:9b:c8:
                    92:21:fd:43:9b:74:46:67:92:be:e4:78:93:7c:10:
                    34:43:65:f3:71:39:0d:41:92:0a:2c:4c:4b:e8:99:
                    3e:9a:9e:a0:23:c1:61:06:35:d9:93:b6:46:b5:42:
                    f8:bb:37:aa:81:e1:b4:89:d2:e1:bc:7a:fa:93:9f:
                    62:aa:1e:63:db:4b:40:ce:62:b0:e2:39:5e:c5:35:
                    c3:c4:12:4f:f4:7c:87:84:a6:8e:ef:4f:8e:aa:02:
                    4e:69:ea:d6:40:7f:54:2e:b1:66:0b:9c:75:fa:f1:
                    6c:df:63:33:ed:12:40:98:c6:fa:13:9b:16:76:05:
                    6f:90:67:f6:49:ac:c5:3a:9e:2b:1b:15:69:c5:44:
                    73:fe:3e:15:b8:e8:89:18:18:e6:7d:5a:8b:50:37:
                    ca:e1:96:f2:c3:5b:17:c5:d7:40:d2:34:f6:2b:af:
                    5d:f0:71:44:02:10:59:ea:d3:0d:c9:1f:f3:95:c3:
                    30:e7:a9:89:e1:1b:55:46:39:f2:25:2a:71:78:8a:
                    44:30:2b:ca:a0:a1:60:3a:0f:20:18:92:11:4b:92:
                    cf:7d:e6:86:83:62:c6:de:b3:d0:0a:3b:ff:9f:85:
                    f9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:02:90:5D:0E:CD:01:B4:FE:D8:B6:64:5D:B4:B4:E1:CD:C1:3D:D0
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CwKQXQ7NAbT-2LZkXbS04c3BPdA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b5:70:3f:d9:32:cc:a9:a0:30:3c:d4:e8:ad:8d:4c:35:31:30:
         aa:00:8d:0d:fd:46:7f:eb:32:5a:e2:b8:c8:50:35:8f:da:75:
         53:7a:a1:72:c6:06:0b:d3:cf:e0:9d:00:3a:3a:86:98:22:14:
         9d:97:cc:8d:77:31:e3:23:33:1a:c6:4b:12:4c:81:ba:ed:d8:
         32:aa:e8:0e:61:30:aa:bd:29:00:27:48:12:77:96:a0:5d:e4:
         c3:e9:f8:f7:83:81:b1:cd:e1:ae:5d:4f:ed:cc:dc:ff:5e:cf:
         75:d8:3f:f1:42:3d:a3:89:16:c9:e0:85:7f:a4:46:ce:38:bf:
         4f:c8:4f:97:89:dc:8b:dc:a2:44:a5:b4:52:c0:1b:72:86:c2:
         1e:e0:73:9d:a7:e6:ad:81:49:ee:bb:2d:0e:53:e9:4d:c4:65:
         ba:9b:7b:d7:04:1b:76:51:67:bb:13:bd:37:6f:a2:98:e1:75:
         6b:c4:b3:85:59:23:7a:c0:6b:d4:93:8d:70:e0:48:2a:2f:09:
         78:49:78:21:24:c3:28:cf:ae:ad:dc:de:cd:6e:aa:eb:a3:04:
         47:c8:dd:f3:4c:4a:a7:fc:9b:e5:53:ea:11:a2:a7:30:d8:6f:
         2b:63:2f:b6:ee:ee:e5:67:d0:3a:95:cd:3d:81:6a:e9:c4:76:
         6d:78:a3:62
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBCMDI5MDVEMEVDRDAx
QjRGRUQ4QjY2NDVEQjRCNEUxQ0RDMTNERDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/2FaCtknHmCL/uXeQfSNbFJP8keFDNVuVyYKbyJIh/UObdEZn
kr7keJN8EDRDZfNxOQ1BkgosTEvomT6anqAjwWEGNdmTtka1Qvi7N6qB4bSJ0uG8
evqTn2KqHmPbS0DOYrDiOV7FNcPEEk/0fIeEpo7vT46qAk5p6tZAf1QusWYLnHX6
8WzfYzPtEkCYxvoTmxZ2BW+QZ/ZJrMU6nisbFWnFRHP+PhW46IkYGOZ9WotQN8rh
lvLDWxfF10DSNPYrr13wcUQCEFnq0w3JH/OVwzDnqYnhG1VGOfIlKnF4ikQwK8qg
oWA6DyAYkhFLks995oaDYsbes9AKO/+fhfl9AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUCwKQXQ7NAbT+2LZkXbS04c3BPdAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQ3dLUVhRN05BYlQtMkxaa1hiUzA0
YzNCUGRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANojMA0G
CSqGSIb3DQEBCwUAA4IBAQC1cD/ZMsypoDA81OitjUw1MTCqAI0N/UZ/6zJa4rjI
UDWP2nVTeqFyxgYL08/gnQA6OoaYIhSdl8yNdzHjIzMaxksSTIG67dgyqugOYTCq
vSkAJ0gSd5agXeTD6fj3g4GxzeGuXU/tzNz/Xs912D/xQj2jiRbJ4IV/pEbOOL9P
yE+XidyL3KJEpbRSwBtyhsIe4HOdp+atgUnuuy0OU+lNxGW6m3vXBBt2UWe7E703
b6KY4XVrxLOFWSN6wGvUk41w4EgqLwl4SXghJMMoz66t3N7NbqrrowRHyN3zTEqn
/JvlU+oRoqcw2G8rYy+27u7lZ9A6lc09gWrpxHZteKNi
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org