Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/EdXxqKAUetBWIV6ltzidfX1ZDH0.roa
File:                     EdXxqKAUetBWIV6ltzidfX1ZDH0.roa (raw, json)
Hash identifier:          Sn01riwy09XJX6vApPS6nQOTZxK4GjNbbyHS/oPnw0I=
Subject key identifier:   11:D5:F1:A8:A0:14:7A:D0:56:21:5E:A5:B7:38:9D:7D:7D:59:0C:7D
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/EdXxqKAUetBWIV6ltzidfX1ZDH0.roa
Signing time:             Thu 15 Sep 2022 02:39:42 +0000
ROA not before:           Thu 15 Sep 2022 02:39:42 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24154
IP address blocks:        222.156.246.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:42 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=11D5F1A8A0147AD056215EA5B7389D7D7D590C7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:72:fa:11:a1:1e:d0:54:dc:9d:92:4e:d2:7e:
                    50:c3:1e:26:d3:57:58:50:12:08:03:03:04:3a:e8:
                    b1:2a:9e:0a:cb:63:50:97:44:57:de:52:ba:b3:58:
                    80:8c:02:7d:2b:79:0e:73:6c:f4:a7:e4:e6:51:3c:
                    85:6b:2c:0a:36:3f:ee:7c:84:53:ff:2c:97:56:4c:
                    cd:0d:9e:44:57:d8:c9:1b:51:b1:43:20:f6:ba:a8:
                    93:6a:01:41:90:00:d5:92:30:e1:de:73:55:b0:e1:
                    02:c4:cd:f7:2e:37:ed:3b:0c:11:01:97:49:fc:6a:
                    6b:6f:b3:fc:43:7f:dc:b0:5c:5e:10:f6:b8:42:fa:
                    44:bb:f9:c0:49:34:1d:3e:0c:f1:8f:2f:a4:4c:ce:
                    01:1c:e6:39:ba:8e:2f:9b:b7:43:df:76:e2:40:93:
                    b4:77:b4:b8:13:aa:66:19:1c:a3:a7:f8:32:10:03:
                    6d:c2:27:8e:31:0e:aa:73:41:bd:0e:6a:d3:1f:85:
                    14:38:9d:bd:66:d5:dc:8e:d1:6b:fe:1f:b7:60:cd:
                    1d:46:8b:78:88:be:29:92:28:54:b9:24:0d:90:80:
                    b1:35:e3:6d:08:68:22:f8:3e:d8:e5:cb:0a:a4:93:
                    74:09:9c:82:5f:e5:c6:6b:be:7b:de:77:e2:e3:ea:
                    60:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D5:F1:A8:A0:14:7A:D0:56:21:5E:A5:B7:38:9D:7D:7D:59:0C:7D
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/EdXxqKAUetBWIV6ltzidfX1ZDH0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:7d:e6:c6:a8:e3:7e:a2:d2:02:f9:c5:b0:4e:d8:e1:7e:8b:
         c6:78:04:59:a8:a1:79:c6:8a:d7:ed:cd:49:8a:82:5b:4d:60:
         a9:65:83:cb:2d:c0:ba:bf:03:e7:f2:5e:ec:74:ce:d0:06:e0:
         58:79:15:d2:bb:82:86:e6:f4:b2:70:1b:bc:c0:c9:8e:ff:08:
         fe:18:45:6f:3c:b1:5f:33:fc:a6:b3:64:c0:88:be:be:e6:9d:
         23:53:c9:47:09:d8:d0:17:7d:61:0f:cb:bf:4d:2e:3b:1a:1c:
         d6:26:18:67:4c:24:42:40:af:4f:d6:a4:0b:2d:c7:72:4e:31:
         71:98:4f:c3:7a:42:17:87:23:98:41:46:21:a5:db:6f:16:99:
         ae:d0:2d:fd:f3:3f:ab:bb:85:79:ea:ff:5f:bd:f9:62:bc:35:
         b1:e3:44:c8:8f:90:ed:c5:e0:fa:4d:eb:a6:bc:73:4b:28:bf:
         23:94:9b:ca:72:9e:d9:4d:40:d3:51:63:ac:0a:2d:9d:4f:39:
         87:d1:da:2a:ad:31:ab:97:a4:b4:bf:47:c0:70:13:46:eb:92:
         18:5b:4c:79:bb:04:8c:34:3a:7a:fc:cb:ae:f8:18:b7:f3:1c:
         70:13:b4:53:31:93:fa:e7:b7:ad:64:39:31:fd:db:76:d8:da:
         4a:5e:02:ed
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDExRDVGMUE4QTAxNDdB
RDA1NjIxNUVBNUI3Mzg5RDdEN0Q1OTBDN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5cvoRoR7QVNydkk7SflDDHibTV1hQEggDAwQ66LEqngrLY1CX
RFfeUrqzWICMAn0reQ5zbPSn5OZRPIVrLAo2P+58hFP/LJdWTM0NnkRX2MkbUbFD
IPa6qJNqAUGQANWSMOHec1Ww4QLEzfcuN+07DBEBl0n8amtvs/xDf9ywXF4Q9rhC
+kS7+cBJNB0+DPGPL6RMzgEc5jm6ji+bt0PfduJAk7R3tLgTqmYZHKOn+DIQA23C
J44xDqpzQb0OatMfhRQ4nb1m1dyO0Wv+H7dgzR1Gi3iIvimSKFS5JA2QgLE1420I
aCL4Ptjlywqkk3QJnIJf5cZrvnved+Lj6mDXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUEdXxqKAUetBWIV6ltzidfX1ZDH0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRWRYeHFLQVVldEJXSVY2bHR6aWRm
WDFaREgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c9jAN
BgkqhkiG9w0BAQsFAAOCAQEAnX3mxqjjfqLSAvnFsE7Y4X6LxngEWaihecaK1+3N
SYqCW01gqWWDyy3Aur8D5/Je7HTO0AbgWHkV0ruChub0snAbvMDJjv8I/hhFbzyx
XzP8prNkwIi+vuadI1PJRwnY0Bd9YQ/Lv00uOxoc1iYYZ0wkQkCvT9akCy3Hck4x
cZhPw3pCF4cjmEFGIaXbbxaZrtAt/fM/q7uFeer/X735Yrw1seNEyI+Q7cXg+k3r
prxzSyi/I5SbynKe2U1A01FjrAotnU85h9HaKq0xq5ektL9HwHATRuuSGFtMebsE
jDQ6evzLrvgYt/MccBO0UzGT+ue3rWQ5Mf3bdtjaSl4C7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org