Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/LFLLxtFXL8gsIxUTvzswGWbyzaA.roa
File:                     LFLLxtFXL8gsIxUTvzswGWbyzaA.roa (raw, json)
Hash identifier:          flYQIMTxRW5yu4YUgbEpAAPyIlNsxcJDPk6vhARt6xY=
Subject key identifier:   2C:52:CB:C6:D1:57:2F:C8:2C:23:15:13:BF:3B:30:19:66:F2:CD:A0
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E37
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LFLLxtFXL8gsIxUTvzswGWbyzaA.roa
Signing time:             Wed 29 Sep 2021 02:40:07 +0000
ROA not before:           Wed 29 Sep 2021 02:40:07 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     18419
IP address blocks:        124.218.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3639 (0xe37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:40:07 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=2C52CBC6D1572FC82C231513BF3B301966F2CDA0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f4:ee:62:ee:61:1b:bd:c1:5a:28:0a:a3:ce:
                    01:29:f9:ba:13:63:31:d5:de:48:d5:64:42:f1:3f:
                    c8:f4:60:09:b0:c3:5a:5c:45:39:1f:db:fd:60:09:
                    9c:53:15:cf:c9:b7:17:b8:b6:cc:f1:b6:d4:32:3d:
                    d8:b8:31:c0:5e:30:c4:ed:0a:0f:43:61:66:a2:c1:
                    9d:9f:44:21:04:e5:91:9b:87:83:1b:6d:45:e0:3e:
                    13:db:5d:f2:f9:8d:c2:f5:45:5e:1b:49:49:a3:a7:
                    1d:a5:47:0c:2a:08:92:95:78:0f:ad:83:12:b9:a3:
                    a4:4c:fe:53:3c:55:a3:de:3d:49:b4:13:45:80:71:
                    63:db:a5:f7:9e:70:fb:8f:16:d0:b6:96:ce:25:a7:
                    82:82:0d:41:10:4a:33:8f:c1:e0:88:c2:82:00:49:
                    fb:53:e5:ba:90:0b:15:6b:41:bf:d1:49:d1:b1:8b:
                    a6:36:bb:9c:da:b6:11:40:89:a4:40:4d:69:e3:c7:
                    85:ac:3a:c0:1b:f4:f5:3d:44:95:f5:a0:8c:00:05:
                    42:45:2c:20:e1:a6:46:a0:4a:de:36:f0:6f:23:20:
                    1a:8a:7c:40:cf:04:5e:94:d8:53:ed:d0:0c:a3:ae:
                    fb:c1:fd:8d:80:2d:d4:df:d4:0f:7d:c2:6c:fb:50:
                    ad:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:52:CB:C6:D1:57:2F:C8:2C:23:15:13:BF:3B:30:19:66:F2:CD:A0
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LFLLxtFXL8gsIxUTvzswGWbyzaA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         9f:5a:b2:2a:a1:d9:32:3c:6b:9b:c2:6e:4f:ad:8d:5b:9f:7b:
         5e:90:b7:65:a9:89:c8:b2:29:2e:d4:cf:78:a6:3b:78:1e:5e:
         57:91:ee:a6:4f:69:82:dc:df:08:85:a3:44:cc:67:60:4b:fc:
         cc:41:12:d1:bc:eb:9a:e1:94:39:9d:62:66:ef:02:1f:4b:f9:
         90:45:f5:d6:00:34:bf:f3:2a:3d:51:fa:0e:51:93:4c:8d:72:
         c0:f5:c5:74:cf:a5:be:e6:dd:bd:a0:fb:3b:36:8a:aa:f2:b5:
         11:19:d6:28:2d:e1:7d:bc:99:da:12:25:c7:38:0b:0d:3c:33:
         99:58:7a:39:64:03:b2:b3:0f:b3:61:30:46:ff:22:2f:ee:93:
         96:3e:dd:e0:a9:c2:d4:a3:b0:39:d0:5e:9a:80:bd:5c:da:8b:
         ad:38:1c:ab:37:01:3f:2c:cf:c2:1a:7b:7c:c0:8b:de:5c:41:
         61:e8:27:25:e2:da:d8:28:a7:9b:bd:a0:08:33:06:92:01:77:
         d6:fc:86:69:35:a2:ae:4f:45:19:4c:60:46:70:76:ed:1d:24:
         fe:a9:ec:f9:bf:41:ce:9d:6d:80:d6:7d:c4:71:48:24:4a:67:
         57:27:91:2e:f5:b7:6f:a7:57:7e:0b:a8:d4:97:6b:0b:f7:5f:
         dd:a4:f3:9c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDJDNTJDQkM2RDE1NzJG
QzgyQzIzMTUxM0JGM0IzMDE5NjZGMkNEQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP9O5i7mEbvcFaKAqjzgEp+boTYzHV3kjVZELxP8j0YAmww1pc
RTkf2/1gCZxTFc/Jtxe4tszxttQyPdi4McBeMMTtCg9DYWaiwZ2fRCEE5ZGbh4Mb
bUXgPhPbXfL5jcL1RV4bSUmjpx2lRwwqCJKVeA+tgxK5o6RM/lM8VaPePUm0E0WA
cWPbpfeecPuPFtC2ls4lp4KCDUEQSjOPweCIwoIASftT5bqQCxVrQb/RSdGxi6Y2
u5zathFAiaRATWnjx4WsOsAb9PU9RJX1oIwABUJFLCDhpkagSt428G8jIBqKfEDP
BF6U2FPt0AyjrvvB/Y2ALdTf1A99wmz7UK2zAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULFLLxtFXL8gsIxUTvzswGWbyzaAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTEZMTHh0RlhMOGdzSXhVVHZ6c3dH
V2J5emFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnzaADAN
BgkqhkiG9w0BAQsFAAOCAQEAn1qyKqHZMjxrm8JuT62NW597XpC3ZamJyLIpLtTP
eKY7eB5eV5Hupk9pgtzfCIWjRMxnYEv8zEES0bzrmuGUOZ1iZu8CH0v5kEX11gA0
v/MqPVH6DlGTTI1ywPXFdM+lvubdvaD7OzaKqvK1ERnWKC3hfbyZ2hIlxzgLDTwz
mVh6OWQDsrMPs2EwRv8iL+6Tlj7d4KnC1KOwOdBemoC9XNqLrTgcqzcBPyzPwhp7
fMCL3lxBYegnJeLa2Cinm72gCDMGkgF31vyGaTWirk9FGUxgRnB27R0k/qns+b9B
zp1tgNZ9xHFIJEpnVyeRLvW3b6dXfguo1JdrC/df3aTznA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org