Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MTBpJrdq33jB-DPVYOipMmaWgsA.roa
File:                     MTBpJrdq33jB-DPVYOipMmaWgsA.roa (raw, json)
Hash identifier:          Y3/HDS/KgxpuIkN+DKm0vCHSXIqZZx8RiFhZ/CT7uNI=
Subject key identifier:   31:30:69:26:B7:6A:DF:78:C1:F8:33:D5:60:E8:A9:32:66:96:82:C0
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E49
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MTBpJrdq33jB-DPVYOipMmaWgsA.roa
Signing time:             Wed 29 Sep 2021 02:40:11 +0000
ROA not before:           Wed 29 Sep 2021 02:40:11 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131591
IP address blocks:        103.231.50.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3657 (0xe49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:40:11 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=31306926B76ADF78C1F833D560E8A932669682C0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:76:5d:49:1a:8a:b9:fc:f1:d3:6f:ef:73:48:
                    0a:c5:4e:6a:bd:4e:4e:46:c8:08:f8:f6:c8:e9:0d:
                    3b:f9:aa:13:5c:17:14:9b:f8:56:a9:d4:31:61:1a:
                    bc:c7:cb:8c:1b:57:8b:1f:f8:5a:09:42:1b:a8:b8:
                    10:21:65:62:48:ef:4d:23:a0:94:1e:97:6a:32:fc:
                    54:16:a5:a9:80:7c:8c:3b:00:38:ca:72:72:2e:6f:
                    3a:58:8f:c5:1d:97:d5:f8:98:9d:06:27:3c:92:68:
                    59:d6:70:eb:ff:1a:a5:fa:6a:ef:14:c9:fe:f5:5f:
                    6c:30:81:74:98:bb:bd:8b:10:4f:43:8b:f7:0a:f2:
                    cb:17:66:01:3d:35:2d:d9:12:dd:e0:6d:a1:9d:94:
                    3b:b5:ee:ff:b8:3a:55:dd:d7:09:ca:e5:af:17:80:
                    64:d7:a6:f7:fb:2d:f9:ad:17:36:b7:93:9c:3e:b0:
                    7f:95:9f:2a:3c:91:6d:6b:1f:11:b5:dd:fa:1a:38:
                    09:f3:a2:ed:f5:de:8a:53:ad:0c:22:cb:90:41:d2:
                    47:b4:68:aa:e8:82:c4:31:ec:2a:b1:61:48:6c:4f:
                    bd:cd:20:33:eb:17:e3:3e:90:ed:4a:26:cc:ff:e0:
                    25:2a:02:35:ef:e7:12:1c:5f:90:da:f7:80:cc:b2:
                    7e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:30:69:26:B7:6A:DF:78:C1:F8:33:D5:60:E8:A9:32:66:96:82:C0
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MTBpJrdq33jB-DPVYOipMmaWgsA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:37:dd:9d:22:89:a5:7c:76:ee:74:ec:37:8e:cf:a6:ee:a5:
         bb:3e:ba:2a:04:a8:74:c9:ec:bf:7c:19:8e:0a:22:21:b5:06:
         9c:02:25:e0:f2:12:2e:0b:78:4f:ec:7b:01:b5:e8:0d:92:b1:
         dc:c8:49:f4:fb:59:78:c9:eb:76:2d:84:87:9c:41:f8:c7:08:
         43:3c:00:5e:ee:91:6a:69:d8:ee:96:4e:90:b2:53:73:9d:e7:
         ba:88:8d:91:2f:d3:eb:5e:ee:57:9e:61:d8:81:21:0a:77:63:
         74:14:09:cb:77:39:14:3c:74:a7:ca:47:97:e5:04:0a:2f:88:
         e6:17:d2:f6:08:5f:17:e3:4f:60:c7:48:44:a8:61:dc:14:7e:
         04:12:d6:cd:28:fc:db:d0:0c:80:bd:e4:93:8b:26:7f:d2:b5:
         61:b5:67:44:e8:35:84:9a:a8:2a:c1:ea:da:bc:80:23:77:91:
         c9:68:30:aa:6b:c9:8b:97:cc:a9:ff:cc:bd:d8:5a:ef:73:15:
         66:52:48:ed:cc:c4:5a:d5:81:79:77:ab:ea:b2:bf:51:52:c8:
         6f:da:fa:51:86:8c:2a:98:87:2a:18:e3:37:ee:ce:78:ed:a7:
         e9:ac:ae:86:0f:89:81:3b:30:85:52:44:26:5c:5f:e8:33:7a:
         58:d5:a2:91
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDMxMzA2OTI2Qjc2QURG
NzhDMUY4MzNENTYwRThBOTMyNjY5NjgyQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCudl1JGoq5/PHTb+9zSArFTmq9Tk5GyAj49sjpDTv5qhNcFxSb
+Fap1DFhGrzHy4wbV4sf+FoJQhuouBAhZWJI700joJQel2oy/FQWpamAfIw7ADjK
cnIubzpYj8Udl9X4mJ0GJzySaFnWcOv/GqX6au8Uyf71X2wwgXSYu72LEE9Di/cK
8ssXZgE9NS3ZEt3gbaGdlDu17v+4OlXd1wnK5a8XgGTXpvf7LfmtFza3k5w+sH+V
nyo8kW1rHxG13foaOAnzou313opTrQwiy5BB0ke0aKrogsQx7CqxYUhsT73NIDPr
F+M+kO1KJsz/4CUqAjXv5xIcX5Da94DMsn73AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMTBpJrdq33jB+DPVYOipMmaWgsAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTVRCcEpyZHEzM2pCLURQVllPaXBN
bWFXZ3NBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGfnMjAN
BgkqhkiG9w0BAQsFAAOCAQEAgzfdnSKJpXx27nTsN47Ppu6luz66KgSodMnsv3wZ
jgoiIbUGnAIl4PISLgt4T+x7AbXoDZKx3MhJ9PtZeMnrdi2Eh5xB+McIQzwAXu6R
amnY7pZOkLJTc53nuoiNkS/T617uV55h2IEhCndjdBQJy3c5FDx0p8pHl+UECi+I
5hfS9ghfF+NPYMdIRKhh3BR+BBLWzSj829AMgL3kk4smf9K1YbVnROg1hJqoKsHq
2ryAI3eRyWgwqmvJi5fMqf/Mvdha73MVZlJI7czEWtWBeXer6rK/UVLIb9r6UYaM
KpiHKhjjN+7OeO2n6ayuhg+JgTswhVJEJlxf6DN6WNWikQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org