Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Ho3LlFkWGbxDsb-TD818-d15g3I.roa
File:                     Ho3LlFkWGbxDsb-TD818-d15g3I.roa (raw, json)
Hash identifier:          HKTFfoXZj9QOxtu/ruBXlLPxf6MjKfzS1n25/PfMpNU=
Subject key identifier:   1E:8D:CB:94:59:16:19:BC:43:B1:BF:93:0F:CD:7C:F9:DD:79:83:72
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12E0
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ho3LlFkWGbxDsb-TD818-d15g3I.roa
Signing time:             Fri 01 Sep 2023 08:05:06 +0000
ROA not before:           Fri 01 Sep 2023 08:05:06 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9311
IP address blocks:        203.79.235.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4832 (0x12e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:06 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=1E8DCB94591619BC43B1BF930FCD7CF9DD798372
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:36:d1:61:48:05:6f:a3:e6:24:03:77:70:ed:
                    fa:f5:28:3b:39:c5:92:49:c0:ed:e9:f4:75:22:4a:
                    b1:47:44:5f:de:2a:79:00:61:42:d1:1c:a8:2c:a0:
                    80:d6:e7:4c:e9:88:a3:7c:a0:fd:bb:e1:af:5e:c6:
                    3b:25:c0:c0:07:74:81:43:b9:5f:0c:d9:83:c2:70:
                    21:c5:a4:07:ce:0c:82:f8:b4:22:e0:55:9d:07:68:
                    24:82:75:39:7b:6a:f7:fa:7a:cd:9c:74:60:a1:e3:
                    7f:63:6d:ee:9b:d0:1f:ca:a1:c9:44:99:cb:52:de:
                    d3:cc:1a:7f:13:d7:96:67:65:f4:19:32:cc:b6:77:
                    a6:23:b3:02:b3:73:40:28:15:8c:b9:c1:99:28:f7:
                    41:f6:76:2d:50:0b:33:62:a9:bd:85:65:0e:10:c6:
                    8b:b1:41:1a:3a:35:df:b4:4e:a5:4e:47:db:ea:f9:
                    b2:0b:eb:1a:87:b8:c3:1b:d8:15:2e:ab:0c:d1:90:
                    c2:2d:bb:e5:4d:1f:56:bf:ba:72:9d:dd:df:1d:48:
                    45:a8:08:05:3b:34:eb:70:23:ac:07:5c:9b:e0:36:
                    ec:eb:3e:0c:e8:bb:63:cc:72:af:b2:6e:6f:4d:3d:
                    6f:02:ae:eb:78:de:4c:da:63:eb:02:2c:c8:9f:04:
                    24:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:8D:CB:94:59:16:19:BC:43:B1:BF:93:0F:CD:7C:F9:DD:79:83:72
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ho3LlFkWGbxDsb-TD818-d15g3I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:23:af:58:86:67:75:09:de:3f:a3:5d:cf:33:75:87:60:f2:
         61:19:71:62:d3:12:99:77:d4:5b:3a:7d:d8:46:2b:42:84:52:
         46:b4:e7:c3:2c:e7:7f:f3:30:3b:9c:95:c6:2b:c7:de:c9:be:
         fa:7e:18:04:db:6f:24:1c:28:d0:d4:00:30:18:83:39:29:c8:
         22:b7:c5:87:b7:a1:3a:70:ec:6d:68:97:85:9c:b0:90:c5:5b:
         d1:70:ca:75:d1:71:7d:b6:6a:7c:2f:84:05:e8:15:fe:ed:3b:
         4d:94:1d:92:f1:e7:a8:2c:1c:c2:aa:5e:82:bb:0e:9b:bb:af:
         5c:a3:61:01:1c:b3:66:74:c5:8b:01:3e:83:ae:96:c2:4d:cf:
         4c:09:89:90:7b:e4:d3:e2:fc:2e:d2:aa:94:78:9b:20:fd:ec:
         9d:84:07:17:a7:3b:b0:5c:e4:d6:5e:ff:e2:19:a3:9d:a1:a3:
         30:97:84:09:86:d1:8f:d5:ec:04:96:5a:01:07:06:30:a5:1b:
         8b:57:09:7a:6b:e5:61:13:7d:ab:d4:c6:04:c5:06:40:7e:c9:
         5b:8c:05:d7:1b:ab:bb:ed:9a:86:af:4d:d7:28:0d:9a:15:74:
         63:cf:08:0e:c6:19:70:a6:49:0d:75:1d:00:55:4a:68:e3:76:
         b3:2b:e7:15
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEuAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFFOERDQjk0NTkxNjE5
QkM0M0IxQkY5MzBGQ0Q3Q0Y5REQ3OTgzNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtNtFhSAVvo+YkA3dw7fr1KDs5xZJJwO3p9HUiSrFHRF/eKnkA
YULRHKgsoIDW50zpiKN8oP274a9exjslwMAHdIFDuV8M2YPCcCHFpAfODIL4tCLg
VZ0HaCSCdTl7avf6es2cdGCh439jbe6b0B/KoclEmctS3tPMGn8T15ZnZfQZMsy2
d6YjswKzc0AoFYy5wZko90H2di1QCzNiqb2FZQ4QxouxQRo6Nd+0TqVOR9vq+bIL
6xqHuMMb2BUuqwzRkMItu+VNH1a/unKd3d8dSEWoCAU7NOtwI6wHXJvgNuzrPgzo
u2PMcq+ybm9NPW8Crut43kzaY+sCLMifBCRpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHo3LlFkWGbxDsb+TD818+d15g3IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSG8zTGxGa1dHYnhEc2ItVEQ4MTgt
ZDE1ZzNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMtP6zAN
BgkqhkiG9w0BAQsFAAOCAQEAZiOvWIZndQneP6NdzzN1h2DyYRlxYtMSmXfUWzp9
2EYrQoRSRrTnwyznf/MwO5yVxivH3sm++n4YBNtvJBwo0NQAMBiDOSnIIrfFh7eh
OnDsbWiXhZywkMVb0XDKddFxfbZqfC+EBegV/u07TZQdkvHnqCwcwqpegrsOm7uv
XKNhARyzZnTFiwE+g66Wwk3PTAmJkHvk0+L8LtKqlHibIP3snYQHF6c7sFzk1l7/
4hmjnaGjMJeECYbRj9XsBJZaAQcGMKUbi1cJemvlYRN9q9TGBMUGQH7JW4wF1xur
u+2ahq9N1ygNmhV0Y88IDsYZcKZJDXUdAFVKaON2syvnFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org