Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MDMraIRmA_pPPcuSgxMgZAvnds0.roa
File:                     MDMraIRmA_pPPcuSgxMgZAvnds0.roa (raw, json)
Hash identifier:          aZglmvV2Pyp/N21XP8v/BQ3MfdNxoMdTAlsmjX5MO/A=
Subject key identifier:   30:33:2B:68:84:66:03:FA:4F:3D:CB:92:83:13:20:64:0B:E7:76:CD
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10C4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MDMraIRmA_pPPcuSgxMgZAvnds0.roa
Signing time:             Tue 16 May 2023 08:36:36 +0000
ROA not before:           Tue 16 May 2023 08:36:36 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.58.112.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4292 (0x10c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:36 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=30332B68846603FA4F3DCB92831320640BE776CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:27:9f:9a:fe:1f:f6:8e:25:88:1d:32:91:36:
                    15:e5:68:ca:4e:2a:a5:40:cc:6e:2b:89:ea:ac:fd:
                    e1:16:0e:4e:f8:c0:c8:bd:a4:28:1b:fc:88:be:3d:
                    b5:e1:cc:0d:21:ac:80:da:6c:b0:82:a2:f5:84:58:
                    97:e2:4a:e5:4a:35:22:07:22:f7:b4:c6:e3:f8:a2:
                    24:e1:27:a9:aa:8a:91:47:2a:d3:7f:04:82:71:cc:
                    92:ab:27:6f:a5:58:4a:bc:c6:17:8f:2b:94:22:16:
                    1f:67:2c:81:eb:15:96:36:69:18:a9:1f:f5:d2:c3:
                    be:40:6f:58:50:e9:29:07:46:2b:c6:0d:87:02:01:
                    18:1a:23:2d:da:11:b8:3d:6a:40:a4:d0:f2:33:45:
                    c8:54:0d:d4:5e:f8:7e:bc:03:f2:96:bf:9a:51:31:
                    a0:7e:31:04:7b:c2:61:88:b0:2e:a6:0a:04:f2:53:
                    30:20:0d:ae:ef:94:b1:61:00:b8:0f:d2:45:ca:f0:
                    de:33:47:06:60:f2:de:1d:a9:73:af:1d:48:80:be:
                    63:7c:24:c6:44:89:03:06:a7:e9:8f:d3:67:ef:48:
                    48:23:07:ad:1e:a9:d2:10:35:e6:6c:f6:95:bb:8d:
                    85:f9:21:c2:b7:69:a6:e9:0e:69:2c:a6:7c:fc:03:
                    8b:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:33:2B:68:84:66:03:FA:4F:3D:CB:92:83:13:20:64:0B:E7:76:CD
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MDMraIRmA_pPPcuSgxMgZAvnds0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         92:6b:8a:b7:87:cd:bf:9c:d2:b5:ee:36:23:61:42:fc:45:96:
         5b:9e:5f:47:ba:e2:8d:fa:ec:83:f0:d8:a2:2f:4f:b6:bc:c1:
         70:29:af:ba:42:6a:7b:76:55:8f:fe:da:63:e3:f2:6b:25:f7:
         7f:9e:68:68:54:02:01:a0:10:61:a4:3c:1a:b7:fd:97:22:0f:
         dd:7b:b1:c4:04:af:97:11:e2:d3:0f:ba:ed:a6:79:77:a9:98:
         c2:e7:e3:09:b3:27:4b:1d:86:c7:a3:27:6b:0e:2a:a3:e8:13:
         35:79:41:86:1d:2c:01:bc:8a:0c:cc:f7:d4:d5:93:6f:ba:f5:
         49:d0:99:59:bc:16:fb:3a:21:d9:b6:ec:b2:74:b0:05:20:b5:
         67:e3:0a:34:af:e9:97:f4:bc:91:64:a8:a5:b5:c5:04:a6:e5:
         2c:f4:09:75:5c:ee:76:3e:5f:a0:b8:c6:7d:9c:d9:44:d7:ec:
         0e:30:68:ba:25:8f:4c:30:bf:a3:ea:92:df:68:1c:8b:da:27:
         b4:c1:00:1f:de:17:0e:74:13:c6:86:2d:71:80:aa:64:a9:e9:
         91:ce:61:f8:05:62:bd:a8:ed:83:65:05:79:11:b8:04:2d:09:
         3e:3d:27:ef:27:16:b5:99:e6:f0:cd:c8:10:20:33:fc:87:5f:
         16:c3:ce:f2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwMzMyQjY4ODQ2NjAz
RkE0RjNEQ0I5MjgzMTMyMDY0MEJFNzc2Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5J5+a/h/2jiWIHTKRNhXlaMpOKqVAzG4rieqs/eEWDk74wMi9
pCgb/Ii+PbXhzA0hrIDabLCCovWEWJfiSuVKNSIHIve0xuP4oiThJ6mqipFHKtN/
BIJxzJKrJ2+lWEq8xhePK5QiFh9nLIHrFZY2aRipH/XSw75Ab1hQ6SkHRivGDYcC
ARgaIy3aEbg9akCk0PIzRchUDdRe+H68A/KWv5pRMaB+MQR7wmGIsC6mCgTyUzAg
Da7vlLFhALgP0kXK8N4zRwZg8t4dqXOvHUiAvmN8JMZEiQMGp+mP02fvSEgjB60e
qdIQNeZs9pW7jYX5IcK3aabpDmkspnz8A4uPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMDMraIRmA/pPPcuSgxMgZAvnds0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTURNcmFJUm1BX3BQUGN1U2d4TWda
QXZuZHMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNI6cDAN
BgkqhkiG9w0BAQsFAAOCAQEAkmuKt4fNv5zSte42I2FC/EWWW55fR7rijfrsg/DY
oi9PtrzBcCmvukJqe3ZVj/7aY+PyayX3f55oaFQCAaAQYaQ8Grf9lyIP3XuxxASv
lxHi0w+67aZ5d6mYwufjCbMnSx2Gx6Mnaw4qo+gTNXlBhh0sAbyKDMz31NWTb7r1
SdCZWbwW+zoh2bbssnSwBSC1Z+MKNK/pl/S8kWSopbXFBKblLPQJdVzudj5foLjG
fZzZRNfsDjBouiWPTDC/o+qS32gci9ontMEAH94XDnQTxoYtcYCqZKnpkc5h+AVi
vajtg2UFeRG4BC0JPj0n7ycWtZnm8M3IECAz/IdfFsPO8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org