Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Nb9bDJ29tQg7HbMUyBOs79dIp88.roa
File:                     Nb9bDJ29tQg7HbMUyBOs79dIp88.roa (raw, json)
Hash identifier:          iClEMYWl74f9NNLggV3SZLZdnRsHvqCdRWyi28nqCHk=
Subject key identifier:   35:BF:5B:0C:9D:BD:B5:08:3B:1D:B3:14:C8:13:AC:EF:D7:48:A7:CF
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0C41
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Nb9bDJ29tQg7HbMUyBOs79dIp88.roa
Signing time:             Sun 07 Feb 2021 11:35:26 +0000
ROA not before:           Sun 07 Feb 2021 11:35:26 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        218.187.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3137 (0xc41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:35:26 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=35BF5B0C9DBDB5083B1DB314C813ACEFD748A7CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:85:95:66:82:9a:8d:a9:96:ef:b9:5a:7d:3f:
                    b4:53:62:12:3f:8b:fe:5e:26:14:fa:b9:e7:d5:c7:
                    f4:4a:01:f2:62:f4:e2:3a:4e:86:0a:ee:77:61:6e:
                    bb:7a:8d:df:db:ed:0b:a9:56:53:f1:75:fc:39:1a:
                    c2:a1:47:8c:41:79:d0:e8:55:fa:18:7f:8b:8d:1b:
                    8b:a6:4b:2b:af:bb:3b:9a:1c:10:d5:8a:ee:df:34:
                    80:e7:a0:7b:f1:90:6a:0f:4b:05:5a:2d:2a:8c:13:
                    da:4b:25:b4:35:9b:66:73:2f:22:7e:34:cf:2b:ce:
                    5c:6a:65:62:e7:9c:3c:45:be:cd:7e:9f:6d:51:2b:
                    53:ef:23:47:1c:9f:0b:18:96:fa:4c:28:d8:4c:16:
                    71:09:ef:53:9b:3b:9d:f0:07:11:1a:a4:fd:de:e6:
                    b9:6b:b8:8d:fe:0b:a9:a0:ad:aa:1c:f8:0d:63:1f:
                    1e:46:ba:c8:bb:d6:1b:9f:d4:1f:18:9f:d7:99:2b:
                    82:63:fc:1a:72:46:49:dd:f6:25:51:90:1f:4c:e1:
                    9e:14:19:25:b9:34:f7:01:ab:bd:bb:26:3e:ca:36:
                    01:64:75:13:77:48:4d:f5:ba:77:9f:c0:96:d5:f7:
                    ad:66:63:ce:28:45:57:32:01:16:58:ba:87:08:d1:
                    d3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:BF:5B:0C:9D:BD:B5:08:3B:1D:B3:14:C8:13:AC:EF:D7:48:A7:CF
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Nb9bDJ29tQg7HbMUyBOs79dIp88.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2b:10:74:22:4c:15:a7:cd:47:79:7c:a0:28:3c:a9:9c:dd:47:
         b2:33:94:5b:64:98:9d:ae:bd:bf:44:9a:ae:69:da:c8:42:13:
         c5:cc:3d:42:d7:18:7a:fd:56:69:b8:8c:2d:f0:0c:ac:e1:d2:
         6a:71:f2:53:96:c6:28:7b:83:db:c5:ed:1b:e8:f9:27:ee:e0:
         e7:77:99:dd:3c:df:53:89:74:a5:c1:de:a7:70:b2:5a:b7:ee:
         1f:f2:5a:27:8c:52:13:b2:2a:a9:a7:73:43:49:7c:43:05:2e:
         ab:01:14:cc:ff:63:81:f7:8a:f9:c5:77:5d:76:09:aa:2b:24:
         87:26:1f:cc:8e:0a:e3:1b:fb:48:83:89:4d:8d:8b:e1:c0:c6:
         ce:75:7d:36:a3:97:7b:c3:7b:5c:44:b7:8e:35:1a:df:1f:0a:
         56:42:bd:5d:94:f7:fa:87:6c:c0:5a:c1:0e:8e:7c:68:83:b8:
         f2:59:7e:a5:44:64:dd:1e:2e:e9:db:33:73:85:ad:ba:fc:0c:
         a9:34:ff:3b:9c:77:65:ad:fc:43:9e:bd:af:a6:c3:4c:86:4f:
         c5:e9:67:09:df:e6:6f:94:3e:e9:1b:ce:28:a5:04:fb:83:a0:
         f1:f7:70:77:1c:0a:03:a8:7a:10:03:3f:07:36:a9:09:bc:d2:
         4e:c9:ee:6e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1MjZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM1QkY1QjBDOURCREI1
MDgzQjFEQjMxNEM4MTNBQ0VGRDc0OEE3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3hZVmgpqNqZbvuVp9P7RTYhI/i/5eJhT6uefVx/RKAfJi9OI6
ToYK7ndhbrt6jd/b7QupVlPxdfw5GsKhR4xBedDoVfoYf4uNG4umSyuvuzuaHBDV
iu7fNIDnoHvxkGoPSwVaLSqME9pLJbQ1m2ZzLyJ+NM8rzlxqZWLnnDxFvs1+n21R
K1PvI0ccnwsYlvpMKNhMFnEJ71ObO53wBxEapP3e5rlruI3+C6mgraoc+A1jHx5G
usi71huf1B8Yn9eZK4Jj/BpyRknd9iVRkB9M4Z4UGSW5NPcBq727Jj7KNgFkdRN3
SE31unefwJbV961mY84oRVcyARZYuocI0dMDAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUNb9bDJ29tQg7HbMUyBOs79dIp88wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTmI5YkRKMjl0UWc3SGJNVXlCT3M3
OWRJcDg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANq7MA0G
CSqGSIb3DQEBCwUAA4IBAQArEHQiTBWnzUd5fKAoPKmc3UeyM5RbZJidrr2/RJqu
adrIQhPFzD1C1xh6/VZpuIwt8Ays4dJqcfJTlsYoe4Pbxe0b6Pkn7uDnd5ndPN9T
iXSlwd6ncLJat+4f8lonjFITsiqpp3NDSXxDBS6rARTM/2OB94r5xXdddgmqKySH
Jh/MjgrjG/tIg4lNjYvhwMbOdX02o5d7w3tcRLeONRrfHwpWQr1dlPf6h2zAWsEO
jnxog7jyWX6lRGTdHi7p2zNzha26/AypNP87nHdlrfxDnr2vpsNMhk/F6WcJ3+Zv
lD7pG84opQT7g6Dx93B3HAoDqHoQAz8HNqkJvNJOye5u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org