Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/EXcgW-M7No3aFBaU8JvZviKBWa8.roa
File:                     EXcgW-M7No3aFBaU8JvZviKBWa8.roa (raw, json)
Hash identifier:          C4Zvz4Qh5gRkXfo+vG+q/W3CMGrGG73qXn8GhBalgck=
Subject key identifier:   11:77:20:5B:E3:3B:36:8D:DA:14:16:94:F0:9B:D9:BE:22:81:59:AF
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       094A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/EXcgW-M7No3aFBaU8JvZviKBWa8.roa
Signing time:             Tue 29 Sep 2020 10:01:40 +0000
ROA not before:           Tue 29 Sep 2020 10:01:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131597
IP address blocks:        218.35.64.0/19 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2378 (0x94a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:40 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=1177205BE33B368DDA141694F09BD9BE228159AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9a:d6:31:15:e4:d2:36:73:de:e3:0c:6a:39:
                    b7:7f:48:e8:b5:80:98:00:5b:b0:13:d6:ad:cc:10:
                    56:cd:7e:11:a0:ca:fe:c8:07:e0:ad:89:47:dd:58:
                    ae:26:ca:a4:d1:24:29:de:fb:fc:8b:d4:19:b2:d2:
                    80:c2:9d:01:18:10:c0:65:b9:57:cc:76:95:4d:5b:
                    2f:f8:33:8a:e4:e3:e9:c3:ba:ea:c7:3b:95:71:b7:
                    a1:4d:bb:de:d3:81:6e:50:fb:d9:47:62:4c:6c:8d:
                    40:71:8b:18:09:61:a4:0f:91:66:e4:57:e6:e8:15:
                    80:f5:9c:75:67:07:b2:e2:d6:e7:60:e3:84:b9:f7:
                    c1:e1:8d:f0:94:32:f3:e7:04:25:32:ba:cc:3a:8f:
                    7f:8e:73:7a:80:52:c9:ca:fd:24:83:2d:1b:15:e0:
                    9a:bd:d8:b4:8b:af:bd:4d:fe:d0:50:00:33:f4:02:
                    ca:e0:2d:09:6e:98:bc:73:ee:ba:5c:a7:76:81:36:
                    5e:76:ba:14:9b:9f:84:03:d1:15:b9:96:06:ec:7a:
                    c6:6c:fc:d8:0d:c7:52:3b:33:47:2a:8e:a7:28:d3:
                    a0:68:d1:07:6c:73:30:be:b0:29:fa:58:63:73:86:
                    0d:93:62:1c:f9:76:00:a7:b5:02:ee:13:85:2b:2d:
                    43:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:77:20:5B:E3:3B:36:8D:DA:14:16:94:F0:9B:D9:BE:22:81:59:AF
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/EXcgW-M7No3aFBaU8JvZviKBWa8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.35.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         39:4d:b6:39:cc:75:cf:89:50:60:75:53:49:a7:2e:e7:0c:7c:
         ac:e1:0e:84:d9:70:e5:3d:bc:6c:cd:74:64:2e:c7:06:f8:79:
         b7:59:b9:d9:90:63:77:a9:bc:90:7e:f4:3a:88:8b:de:39:7f:
         8e:0f:78:a1:a5:85:20:a9:99:5a:6d:f9:ca:df:4f:06:74:0e:
         ff:81:6f:92:5d:4e:bb:bf:df:64:35:ed:17:a9:56:3a:e1:74:
         05:34:49:fb:76:75:d8:84:7c:bc:bb:19:ed:38:18:3b:bf:25:
         b2:a3:14:b9:34:f1:e0:56:6d:29:b2:f6:4e:dd:54:42:8e:2a:
         09:9d:54:f9:1a:5d:48:d0:6c:1f:06:78:91:95:62:d9:1a:17:
         33:c6:e8:00:cd:e7:07:3b:3c:2c:ac:d5:07:da:d4:98:6d:0d:
         06:84:dc:2b:29:42:b1:c4:83:1e:d9:eb:e2:e3:95:e4:d3:40:
         d9:bd:71:ae:af:2d:d7:bd:56:ae:9f:b3:97:ae:2f:d4:9a:d5:
         18:60:9e:50:5b:cf:79:51:cb:9b:3f:9e:8d:2d:0f:c3:70:25:
         8a:23:d9:a6:76:96:e2:e7:2a:f5:2c:74:a6:ff:de:01:f0:4b:
         56:41:c7:e4:26:84:b6:04:61:13:34:58:a4:16:78:bd:be:f1:
         38:67:aa:40
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDExNzcyMDVCRTMzQjM2
OEREQTE0MTY5NEYwOUJEOUJFMjI4MTU5QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwmtYxFeTSNnPe4wxqObd/SOi1gJgAW7AT1q3MEFbNfhGgyv7I
B+CtiUfdWK4myqTRJCne+/yL1Bmy0oDCnQEYEMBluVfMdpVNWy/4M4rk4+nDuurH
O5Vxt6FNu97TgW5Q+9lHYkxsjUBxixgJYaQPkWbkV+boFYD1nHVnB7Li1udg44S5
98HhjfCUMvPnBCUyusw6j3+Oc3qAUsnK/SSDLRsV4Jq92LSLr71N/tBQADP0Asrg
LQlumLxz7rpcp3aBNl52uhSbn4QD0RW5lgbsesZs/NgNx1I7M0cqjqco06Bo0Qds
czC+sCn6WGNzhg2TYhz5dgCntQLuE4UrLUNpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUEXcgW+M7No3aFBaU8JvZviKBWa8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRVhjZ1ctTTdObzNhRkJhVThKdlp2
aUtCV2E4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojQDAN
BgkqhkiG9w0BAQsFAAOCAQEAOU22Ocx1z4lQYHVTSacu5wx8rOEOhNlw5T28bM10
ZC7HBvh5t1m52ZBjd6m8kH70OoiL3jl/jg94oaWFIKmZWm35yt9PBnQO/4Fvkl1O
u7/fZDXtF6lWOuF0BTRJ+3Z12IR8vLsZ7TgYO78lsqMUuTTx4FZtKbL2Tt1UQo4q
CZ1U+RpdSNBsHwZ4kZVi2RoXM8boAM3nBzs8LKzVB9rUmG0NBoTcKylCscSDHtnr
4uOV5NNA2b1xrq8t171Wrp+zl64v1JrVGGCeUFvPeVHLmz+ejS0Pw3AliiPZpnaW
4ucq9Sx0pv/eAfBLVkHH5CaEtgRhEzRYpBZ4vb7xOGeqQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org