Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/LVCPhWoErSgwX25IfdAzK38vmms.roa
File:                     LVCPhWoErSgwX25IfdAzK38vmms.roa (raw, json)
Hash identifier:          7i5c0csL/bNvXscpJtnpwr8tvj4WT09K+mZuP+oPw+w=
Subject key identifier:   2D:50:8F:85:6A:04:AD:28:30:5F:6E:48:7D:D0:33:2B:7F:2F:9A:6B
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1061
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LVCPhWoErSgwX25IfdAzK38vmms.roa
Signing time:             Tue 16 May 2023 08:36:07 +0000
ROA not before:           Tue 16 May 2023 08:36:07 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131591
IP address blocks:        223.22.32.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4193 (0x1061)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:07 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=2D508F856A04AD28305F6E487DD0332B7F2F9A6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:81:92:d7:cc:58:3d:f5:cb:b8:03:4b:b0:c2:
                    4f:ff:83:57:9b:1b:cd:2a:b4:9d:b9:d8:e8:a2:b4:
                    4e:0e:71:df:65:25:a7:33:3d:5b:d3:a7:57:d8:7b:
                    09:36:82:62:90:d9:de:74:51:a1:d1:40:9b:30:f7:
                    e5:5b:82:b2:b4:c2:28:c0:47:25:6e:4d:0c:93:6b:
                    a4:f4:1e:98:9f:99:10:9e:5e:04:48:e4:34:c1:da:
                    f6:6a:37:99:00:42:89:00:c7:ac:ea:80:cc:10:71:
                    b2:4c:37:cd:9f:4a:c5:a3:bc:46:80:a2:1a:4a:ee:
                    e9:7a:ce:3d:bc:ee:42:10:22:96:15:65:f8:f5:41:
                    81:5c:c2:33:11:15:1c:8f:84:94:6d:1d:27:22:38:
                    99:eb:d6:19:3c:9a:f6:19:bb:e8:f2:31:0b:b0:8c:
                    a8:be:1e:e1:c2:7e:e6:fb:b2:64:ba:e2:11:75:07:
                    9d:c5:94:35:5c:fd:e0:bf:77:fb:b6:82:19:d6:66:
                    0d:36:cf:93:fd:ef:eb:fc:c3:20:f6:db:e1:af:3c:
                    76:37:42:3c:a3:c7:f1:26:cd:fe:b6:7a:15:bf:ad:
                    98:e2:2f:29:43:62:15:f9:b9:e0:50:74:d3:d8:a3:
                    8e:62:be:53:57:ed:a7:7b:b8:41:ac:56:8f:da:c6:
                    60:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:50:8F:85:6A:04:AD:28:30:5F:6E:48:7D:D0:33:2B:7F:2F:9A:6B
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/LVCPhWoErSgwX25IfdAzK38vmms.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.22.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         bc:46:bb:7b:fd:41:21:09:c1:39:b8:de:db:93:2b:a1:47:ab:
         6a:52:cb:a2:12:c5:70:5b:9d:91:10:bd:2f:6c:70:b7:73:b9:
         b0:df:ae:f2:93:3e:d5:a1:86:34:91:a3:8a:8e:5f:12:92:9c:
         01:d3:fc:d2:ad:4f:4e:a5:06:66:ca:ab:6f:5b:84:b2:45:4c:
         6f:44:41:cb:df:63:b3:0f:96:c6:3e:26:3e:41:21:9f:9b:47:
         df:b3:25:c0:e9:e3:60:a0:81:43:b4:93:41:55:d5:47:8a:b7:
         7c:5c:1f:f7:c0:e1:af:75:07:97:66:79:d1:ac:29:ef:5f:0a:
         0f:ea:e8:a3:f5:04:47:57:b9:74:8b:01:ae:6a:d3:64:5d:e5:
         2c:e1:3a:2a:0a:49:97:7e:54:d2:21:29:cb:d4:d2:9e:ff:ba:
         56:27:11:5d:fb:ae:65:51:ba:f1:be:31:a5:ee:45:44:98:e5:
         16:63:67:e0:5a:8e:9e:1a:00:ce:6b:17:c1:d2:db:aa:0d:92:
         ca:b1:38:4b:fb:58:d2:0c:e7:83:ee:d9:1b:b4:59:9f:ad:01:
         7e:33:af:a2:34:5b:9c:46:83:bc:d4:19:98:bf:3f:af:cc:de:
         43:40:89:77:bc:11:a0:21:52:81:a4:96:4e:b6:44:fa:d4:86:
         44:17:07:e3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJENTA4Rjg1NkEwNEFE
MjgzMDVGNkU0ODdERDAzMzJCN0YyRjlBNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4gZLXzFg99cu4A0uwwk//g1ebG80qtJ252OiitE4Ocd9lJacz
PVvTp1fYewk2gmKQ2d50UaHRQJsw9+VbgrK0wijARyVuTQyTa6T0HpifmRCeXgRI
5DTB2vZqN5kAQokAx6zqgMwQcbJMN82fSsWjvEaAohpK7ul6zj287kIQIpYVZfj1
QYFcwjMRFRyPhJRtHSciOJnr1hk8mvYZu+jyMQuwjKi+HuHCfub7smS64hF1B53F
lDVc/eC/d/u2ghnWZg02z5P97+v8wyD22+GvPHY3Qjyjx/Emzf62ehW/rZjiLylD
YhX5ueBQdNPYo45ivlNX7ad7uEGsVo/axmBlAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULVCPhWoErSgwX25IfdAzK38vmmswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTFZDUGhXb0VyU2d3WDI1SWZkQXpL
Mzh2bW1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBd8WIDAN
BgkqhkiG9w0BAQsFAAOCAQEAvEa7e/1BIQnBObje25MroUeralLLohLFcFudkRC9
L2xwt3O5sN+u8pM+1aGGNJGjio5fEpKcAdP80q1PTqUGZsqrb1uEskVMb0RBy99j
sw+Wxj4mPkEhn5tH37MlwOnjYKCBQ7STQVXVR4q3fFwf98Dhr3UHl2Z50awp718K
D+roo/UER1e5dIsBrmrTZF3lLOE6KgpJl35U0iEpy9TSnv+6VicRXfuuZVG68b4x
pe5FRJjlFmNn4FqOnhoAzmsXwdLbqg2SyrE4S/tY0gzng+7ZG7RZn60BfjOvojRb
nEaDvNQZmL8/r8zeQ0CJd7wRoCFSgaSWTrZE+tSGRBcH4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org