Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/LEEjLXIjHq72t4NMrN4VmDAq3p0.roa
File:                     LEEjLXIjHq72t4NMrN4VmDAq3p0.roa (raw, json)
Hash identifier:          +5G3bh0FgpI4Ut2gM/zn/WZWJTuUiRUoHvHUeYVH91k=
Subject key identifier:   2C:41:23:2D:72:23:1E:AE:F6:B7:83:4C:AC:DE:15:98:30:2A:DE:9D
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1292
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LEEjLXIjHq72t4NMrN4VmDAq3p0.roa
Signing time:             Fri 01 Sep 2023 08:04:38 +0000
ROA not before:           Fri 01 Sep 2023 08:04:38 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.58.104.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4754 (0x1292)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:38 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=2C41232D72231EAEF6B7834CACDE1598302ADE9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c4:b1:a5:54:e7:d6:64:5a:bf:cd:8e:47:e1:
                    1f:e8:07:45:0b:fe:ee:17:38:f6:60:a2:bd:6f:55:
                    78:36:4b:bd:56:f3:a2:13:9c:bb:f0:e0:06:3f:34:
                    5c:91:9c:39:bb:57:3f:03:67:ef:ab:95:5d:63:a8:
                    7d:9f:25:f1:d9:7d:98:6f:33:1c:e9:9d:3f:48:8a:
                    c3:c4:c1:6c:6f:0b:a8:47:97:45:b6:c7:da:f8:37:
                    b7:c3:40:a3:1d:c1:d5:33:da:b3:90:6d:76:0d:9b:
                    20:cc:21:77:d9:72:45:79:ba:a4:e6:96:a0:bd:37:
                    09:d2:22:72:99:df:2a:70:3a:d0:c5:51:76:67:3c:
                    d2:99:11:12:3e:ac:2d:ab:ac:83:b9:6d:c3:fb:8b:
                    9b:3f:3d:a9:d7:8a:47:c0:33:98:e4:23:e2:76:41:
                    d3:1f:a3:a2:ce:8c:63:8d:b6:cd:37:85:86:44:93:
                    d8:56:e2:99:2f:1f:10:24:25:da:87:a2:6d:82:79:
                    e6:9b:9e:e3:f9:34:c8:bb:e9:b4:01:7c:b8:2a:4d:
                    60:97:c5:02:1d:f7:c0:2d:07:b8:00:12:e0:e1:41:
                    35:c7:89:d1:2d:79:bd:1c:5d:df:ff:cc:75:14:b4:
                    aa:67:0b:c2:71:4e:24:32:b0:a2:c7:5c:71:a8:26:
                    12:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:41:23:2D:72:23:1E:AE:F6:B7:83:4C:AC:DE:15:98:30:2A:DE:9D
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LEEjLXIjHq72t4NMrN4VmDAq3p0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:e0:6d:d8:23:a2:92:12:3b:fa:62:f3:b9:88:b3:d2:e0:7e:
         4f:d3:56:95:d1:2a:be:6d:11:c5:76:84:f7:19:9a:55:81:54:
         6f:df:50:1c:88:22:dd:58:ce:84:34:2e:84:23:a2:10:3e:04:
         47:af:01:be:53:1d:c3:52:69:89:2c:3f:d2:88:3f:5f:33:e9:
         18:6b:03:e2:0c:81:8c:6f:1c:7f:d9:a3:8a:91:5e:d5:6d:e6:
         06:7d:1f:22:77:e7:da:b9:4e:70:72:e0:d2:c7:7a:a4:a6:2b:
         68:c2:77:b8:13:93:8b:f3:ad:b5:31:9f:bf:8b:49:7f:75:94:
         3b:73:4b:54:e2:b7:e9:a3:f2:4a:b6:e7:b8:d8:75:5a:1e:ef:
         f6:d5:d8:37:a5:81:d7:f0:1c:bb:42:85:d7:7e:3c:ac:00:22:
         fd:29:f6:3d:b3:d8:d0:95:ec:58:88:df:b4:56:44:35:e2:a4:
         52:d0:d6:c8:b4:26:db:0b:96:c7:13:0b:37:04:07:5e:81:ba:
         f5:96:e6:65:9e:b9:2a:cc:83:53:8b:33:81:23:fa:70:94:e0:
         68:8b:31:60:2f:95:c7:e7:07:b1:52:c4:7d:06:de:92:45:6c:
         f8:ab:b6:52:8c:e4:72:b7:0b:04:c6:de:a2:13:51:3d:32:cb:
         4c:81:1f:57
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJDNDEyMzJENzIyMzFF
QUVGNkI3ODM0Q0FDREUxNTk4MzAyQURFOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbxLGlVOfWZFq/zY5H4R/oB0UL/u4XOPZgor1vVXg2S71W86IT
nLvw4AY/NFyRnDm7Vz8DZ++rlV1jqH2fJfHZfZhvMxzpnT9IisPEwWxvC6hHl0W2
x9r4N7fDQKMdwdUz2rOQbXYNmyDMIXfZckV5uqTmlqC9NwnSInKZ3ypwOtDFUXZn
PNKZERI+rC2rrIO5bcP7i5s/PanXikfAM5jkI+J2QdMfo6LOjGONts03hYZEk9hW
4pkvHxAkJdqHom2CeeabnuP5NMi76bQBfLgqTWCXxQId98AtB7gAEuDhQTXHidEt
eb0cXd//zHUUtKpnC8JxTiQysKLHXHGoJhLXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULEEjLXIjHq72t4NMrN4VmDAq3p0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTEVFakxYSWpIcTcydDROTXJONFZt
REFxM3AwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI6aDAN
BgkqhkiG9w0BAQsFAAOCAQEALuBt2COikhI7+mLzuYiz0uB+T9NWldEqvm0RxXaE
9xmaVYFUb99QHIgi3VjOhDQuhCOiED4ER68BvlMdw1JpiSw/0og/XzPpGGsD4gyB
jG8cf9mjipFe1W3mBn0fInfn2rlOcHLg0sd6pKYraMJ3uBOTi/OttTGfv4tJf3WU
O3NLVOK36aPySrbnuNh1Wh7v9tXYN6WB1/Acu0KF1348rAAi/Sn2PbPY0JXsWIjf
tFZENeKkUtDWyLQm2wuWxxMLNwQHXoG69ZbmZZ65KsyDU4szgSP6cJTgaIsxYC+V
x+cHsVLEfQbekkVs+Ku2UozkcrcLBMbeohNRPTLLTIEfVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org