Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/IONPpzXc5g6eGUchDipzK8ROOJU.roa
File:                     IONPpzXc5g6eGUchDipzK8ROOJU.roa (raw, json)
Hash identifier:          Q9zvB9vqwY//T1bYGWgTabE5IAjEi9QsvnFQWg214m8=
Subject key identifier:   20:E3:4F:A7:35:DC:E6:0E:9E:19:47:21:0E:2A:73:2B:C4:4E:38:95
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12F0
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IONPpzXc5g6eGUchDipzK8ROOJU.roa
Signing time:             Fri 01 Sep 2023 08:05:11 +0000
ROA not before:           Fri 01 Sep 2023 08:05:11 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        103.36.116.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4848 (0x12f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:11 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=20E34FA735DCE60E9E1947210E2A732BC44E3895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e5:08:48:07:56:c3:27:8a:88:93:06:7f:50:
                    ac:fc:90:bc:7e:fa:e5:14:4e:9c:1e:26:b7:6f:55:
                    8e:e5:b2:14:54:eb:aa:5b:88:dd:d2:ee:9d:7a:77:
                    de:d0:42:b2:00:b0:6c:d1:1b:d5:c4:2a:83:83:35:
                    58:eb:78:54:02:e7:db:82:69:a9:d2:b5:f2:04:b1:
                    f7:b9:d4:50:f6:ed:87:64:dc:f5:d9:d3:20:47:88:
                    d8:b0:5c:a9:77:02:ed:ff:f4:30:ef:a5:76:45:a5:
                    bf:81:83:16:14:59:99:35:69:88:dd:9f:32:37:fd:
                    58:bb:a8:d9:db:90:0b:7e:49:01:00:a9:73:92:40:
                    e1:2b:85:90:92:5f:63:ce:b9:1e:70:57:9f:c0:d9:
                    c9:8c:2b:de:59:77:1a:1e:e3:ae:0b:dc:7b:74:e0:
                    1f:3e:da:2d:89:ea:11:8e:61:e0:d5:9a:90:7f:06:
                    73:99:31:89:e1:e6:50:e2:b3:81:ff:e8:6f:bc:9a:
                    31:e8:9d:10:6f:83:a2:e0:ff:ae:c2:dc:97:fe:de:
                    f4:36:74:83:93:c6:bd:4c:7c:e3:55:43:8b:46:11:
                    34:51:72:3c:a6:b5:28:64:23:68:44:fe:23:9f:a9:
                    b5:4a:24:45:6d:c8:0e:50:e6:16:08:ec:22:32:ed:
                    f0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E3:4F:A7:35:DC:E6:0E:9E:19:47:21:0E:2A:73:2B:C4:4E:38:95
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IONPpzXc5g6eGUchDipzK8ROOJU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.36.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:94:5a:e2:18:9d:98:68:cc:a2:e8:b1:ab:77:c4:43:f9:a7:
         c3:23:0f:17:e9:09:38:fc:a8:bf:84:cd:b6:d8:8e:10:31:c4:
         d1:19:2f:4f:7e:e7:56:71:ce:a1:12:ca:3b:09:e4:6d:ed:d6:
         2e:18:bc:c7:50:8a:52:f1:aa:1e:8f:db:83:72:89:5f:a1:df:
         dd:6f:68:23:75:24:3c:6c:7e:f5:a4:6a:ca:31:bf:35:62:fb:
         ac:61:e5:05:66:ea:8e:44:40:d5:90:e0:fb:3a:b2:22:24:35:
         18:97:3e:a0:3f:bf:7c:16:47:63:40:ea:7f:56:68:46:cc:9f:
         da:e0:71:cb:5a:bc:a0:a8:5a:76:e3:81:e2:7e:9d:f7:0f:73:
         06:73:2e:a4:fc:6f:a1:8c:d2:4e:e1:6d:3e:76:f6:c9:66:38:
         82:81:32:a0:63:9d:61:59:1d:88:d1:38:3b:e7:0d:8a:32:76:
         8c:63:a2:d8:a4:c3:f0:cb:61:9e:4d:5f:3f:f6:79:1d:a6:8a:
         2c:d5:60:cc:44:aa:e3:6f:eb:d1:23:1a:5a:e7:f1:79:cd:f7:
         5a:c7:50:f0:e1:07:f4:d5:56:d0:fd:95:8e:b7:3c:15:0a:99:
         33:a3:f5:b5:1b:73:50:f6:ad:02:03:23:0c:f7:8c:8f:f6:5c:
         71:af:c2:9a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIwRTM0RkE3MzVEQ0U2
MEU5RTE5NDcyMTBFMkE3MzJCQzQ0RTM4OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb5QhIB1bDJ4qIkwZ/UKz8kLx++uUUTpweJrdvVY7lshRU66pb
iN3S7p16d97QQrIAsGzRG9XEKoODNVjreFQC59uCaanStfIEsfe51FD27Ydk3PXZ
0yBHiNiwXKl3Au3/9DDvpXZFpb+BgxYUWZk1aYjdnzI3/Vi7qNnbkAt+SQEAqXOS
QOErhZCSX2POuR5wV5/A2cmMK95Zdxoe464L3Ht04B8+2i2J6hGOYeDVmpB/BnOZ
MYnh5lDis4H/6G+8mjHonRBvg6Lg/67C3Jf+3vQ2dIOTxr1MfONVQ4tGETRRcjym
tShkI2hE/iOfqbVKJEVtyA5Q5hYI7CIy7fBDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIONPpzXc5g6eGUchDipzK8ROOJUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSU9OUHB6WGM1ZzZlR1VjaERpcHpL
OFJPT0pVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmckdDAN
BgkqhkiG9w0BAQsFAAOCAQEAY5Ra4hidmGjMouixq3fEQ/mnwyMPF+kJOPyov4TN
ttiOEDHE0RkvT37nVnHOoRLKOwnkbe3WLhi8x1CKUvGqHo/bg3KJX6Hf3W9oI3Uk
PGx+9aRqyjG/NWL7rGHlBWbqjkRA1ZDg+zqyIiQ1GJc+oD+/fBZHY0Dqf1ZoRsyf
2uBxy1q8oKhaduOB4n6d9w9zBnMupPxvoYzSTuFtPnb2yWY4goEyoGOdYVkdiNE4
O+cNijJ2jGOi2KTD8Mthnk1fP/Z5HaaKLNVgzESq42/r0SMaWufxec33WsdQ8OEH
9NVW0P2Vjrc8FQqZM6P1tRtzUPatAgMjDPeMj/Zcca/Cmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org