Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/M09X1vIeVurBHcscD0UBabxriTI.roa
File:                     M09X1vIeVurBHcscD0UBabxriTI.roa (raw, json)
Hash identifier:          7fr6S1Yv/WNcYVAYEpztFBQ0kuxzvWvpwNKjekuL1vs=
Subject key identifier:   33:4F:57:D6:F2:1E:56:EA:C1:1D:CB:1C:0F:45:01:69:BC:6B:89:32
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1031
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M09X1vIeVurBHcscD0UBabxriTI.roa
Signing time:             Tue 16 May 2023 08:35:52 +0000
ROA not before:           Tue 16 May 2023 08:35:52 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        222.156.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4145 (0x1031)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:35:52 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=334F57D6F21E56EAC11DCB1C0F450169BC6B8932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:be:e5:77:5c:48:35:cb:9f:90:ca:d3:97:e8:
                    2f:09:f7:8b:71:df:de:82:e8:62:85:ac:99:dd:86:
                    d3:55:12:33:d8:5b:fe:b4:11:0c:68:b3:8e:7d:d1:
                    35:11:a6:9e:b5:95:fd:c4:44:d2:a7:d4:d8:88:b5:
                    85:99:aa:b2:eb:24:ba:1e:d4:8c:c1:56:3b:5b:d7:
                    8b:aa:74:ee:53:46:2b:c5:98:9e:8b:80:a7:50:af:
                    e1:8b:80:b6:f7:5b:51:e2:ea:bc:6a:0c:c1:6b:dd:
                    d8:89:f4:d8:31:e9:28:ef:dc:44:e3:af:50:81:e9:
                    b4:7c:e7:5b:6d:08:2b:92:da:07:70:a3:3a:78:88:
                    68:b8:e0:46:3b:e1:b7:29:7a:35:57:3c:9e:8f:15:
                    47:ba:97:88:75:7d:e9:4b:e4:37:f2:75:0d:6b:1b:
                    24:6e:55:d7:ab:69:1e:05:9b:58:62:5b:0d:1a:e6:
                    ee:74:f2:65:c6:4c:a3:ab:c0:c4:33:81:fc:37:ad:
                    c4:21:f6:42:a9:09:5c:a7:5c:e4:78:75:47:98:d5:
                    0e:0f:1c:d1:58:0a:0e:72:16:7f:0d:12:2a:f7:f5:
                    8e:dd:79:d6:5a:58:5c:1f:96:12:48:8b:72:f8:ef:
                    28:8e:5d:7a:35:e3:d5:ab:71:a7:57:8b:4a:b0:33:
                    bb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:4F:57:D6:F2:1E:56:EA:C1:1D:CB:1C:0F:45:01:69:BC:6B:89:32
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M09X1vIeVurBHcscD0UBabxriTI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b6:b0:bf:d5:d4:10:94:46:57:e9:53:10:dc:b3:3d:60:bb:aa:
         74:ba:7d:cc:77:24:bb:15:ec:4f:9d:25:74:93:4f:77:a1:04:
         73:7c:26:6e:de:47:0d:b5:24:34:74:4c:7e:c6:21:46:6c:7c:
         ee:23:8d:18:76:f6:03:1e:6b:ce:ad:48:43:6f:5a:e6:f4:0b:
         b9:24:2d:16:e8:9b:d9:73:16:64:e0:32:d1:98:1b:da:28:eb:
         6b:5f:f9:f6:fc:7a:54:e5:96:c3:c3:9a:bd:74:96:61:22:48:
         47:25:48:bd:46:b3:4b:43:1c:54:45:89:a6:75:ef:55:38:ef:
         89:0e:15:fd:8c:c1:f2:67:33:eb:ea:15:e0:a6:2b:b3:02:ff:
         4d:de:e9:2a:be:fb:08:fd:9b:6d:fd:be:8b:0b:3f:95:62:3f:
         ff:0e:fb:98:3c:77:97:f4:ea:40:07:06:24:bd:81:93:39:14:
         e9:b3:00:41:1e:85:6b:44:bd:5e:74:d0:2d:a1:cc:37:4e:23:
         c6:e7:9e:a7:8a:11:93:41:26:65:8b:89:14:92:b4:62:cb:cd:
         e0:78:e1:2a:e4:af:09:98:8d:e9:dd:35:16:16:ab:3c:48:27:
         b6:5d:dc:39:6d:2a:93:22:a6:10:ea:24:fd:29:87:84:7a:ac:
         bc:16:77:a6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMzNEY1N0Q2RjIxRTU2
RUFDMTFEQ0IxQzBGNDUwMTY5QkM2Qjg5MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJvuV3XEg1y5+QytOX6C8J94tx396C6GKFrJndhtNVEjPYW/60
EQxos4590TURpp61lf3ERNKn1NiItYWZqrLrJLoe1IzBVjtb14uqdO5TRivFmJ6L
gKdQr+GLgLb3W1Hi6rxqDMFr3diJ9Ngx6Sjv3ETjr1CB6bR851ttCCuS2gdwozp4
iGi44EY74bcpejVXPJ6PFUe6l4h1felL5DfydQ1rGyRuVderaR4Fm1hiWw0a5u50
8mXGTKOrwMQzgfw3rcQh9kKpCVynXOR4dUeY1Q4PHNFYCg5yFn8NEir39Y7dedZa
WFwflhJIi3L47yiOXXo149WrcadXi0qwM7tdAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUM09X1vIeVurBHcscD0UBabxriTIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTTA5WDF2SWVWdXJCSGNzY0QwVUJh
YnhyaVRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6cMA0G
CSqGSIb3DQEBCwUAA4IBAQC2sL/V1BCURlfpUxDcsz1gu6p0un3MdyS7FexPnSV0
k093oQRzfCZu3kcNtSQ0dEx+xiFGbHzuI40YdvYDHmvOrUhDb1rm9Au5JC0W6JvZ
cxZk4DLRmBvaKOtrX/n2/HpU5ZbDw5q9dJZhIkhHJUi9RrNLQxxURYmmde9VOO+J
DhX9jMHyZzPr6hXgpiuzAv9N3ukqvvsI/Ztt/b6LCz+VYj//DvuYPHeX9OpABwYk
vYGTORTpswBBHoVrRL1edNAtocw3TiPG556nihGTQSZli4kUkrRiy83geOEq5K8J
mI3p3TUWFqs8SCe2Xdw5bSqTIqYQ6iT9KYeEeqy8Fnem
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org