Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/NgY5sKe4zUhUxOIzLOjKQoMJj7g.roa
File:                     NgY5sKe4zUhUxOIzLOjKQoMJj7g.roa (raw, json)
Hash identifier:          mI+BOIIWYsoCJDe7MnVlCDlD9oG2ifSlEScnKhZm/+0=
Subject key identifier:   36:06:39:B0:A7:B8:CD:48:54:C4:E2:33:2C:E8:CA:42:83:09:8F:B8
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0944
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NgY5sKe4zUhUxOIzLOjKQoMJj7g.roa
Signing time:             Tue 29 Sep 2020 10:01:39 +0000
ROA not before:           Tue 29 Sep 2020 10:01:39 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     7482
IP address blocks:        203.79.192.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2372 (0x944)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:39 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=360639B0A7B8CD4854C4E2332CE8CA4283098FB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:30:86:d1:63:d5:14:b3:3a:8b:a1:49:e1:28:
                    01:ca:f8:96:ed:ab:65:a3:2d:d7:ba:91:e8:f8:20:
                    ac:d2:3b:f0:4a:20:ae:af:7b:df:e1:88:9a:7e:f1:
                    3e:a2:cc:dc:57:bd:c5:cc:13:eb:c7:4b:a5:11:7c:
                    75:b2:e1:4d:a4:e9:49:c9:1d:b8:5c:97:79:c0:aa:
                    82:4a:42:68:e5:70:ea:32:0a:3b:5a:23:be:cb:45:
                    cc:68:b2:56:1b:3e:ed:04:11:a7:00:d0:a7:c5:2c:
                    67:83:c8:71:b1:34:ae:b0:9a:11:d2:84:5f:5f:3a:
                    c6:df:bd:c1:a2:fb:29:a9:33:20:4f:0d:7a:fc:ce:
                    17:61:72:a1:42:6d:18:72:a0:5a:ea:7d:15:74:4c:
                    c1:f3:89:ee:10:54:97:ca:e6:aa:cd:7d:9e:3d:5e:
                    49:f0:db:a9:62:e3:95:14:7a:3e:7e:cf:41:c4:44:
                    e8:9a:1e:97:2d:64:58:06:44:1c:13:7e:d2:01:8e:
                    98:36:f8:5d:c0:79:d3:4a:f7:1e:6d:b0:1f:5a:27:
                    c4:8c:d5:76:99:e2:95:fd:63:dd:df:ca:ce:9e:bb:
                    50:55:77:bd:bf:94:c1:fb:ad:95:2c:cc:dd:5b:b3:
                    7f:1a:24:70:6c:61:ef:36:4f:15:f4:a0:16:c2:43:
                    d8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:06:39:B0:A7:B8:CD:48:54:C4:E2:33:2C:E8:CA:42:83:09:8F:B8
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NgY5sKe4zUhUxOIzLOjKQoMJj7g.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         13:2f:17:00:c5:67:21:a7:d2:19:a9:aa:67:84:af:af:b8:8a:
         79:cf:f6:6a:65:13:a3:65:80:90:02:fc:d1:98:84:26:43:9a:
         c8:12:11:b8:8d:79:72:8e:75:ae:1b:c5:bf:e6:ca:10:63:09:
         d7:d2:1a:5e:c2:10:5e:6b:63:ed:37:f0:51:9e:e4:2f:22:0a:
         84:69:1c:b9:cb:b7:bb:fb:c5:5b:b6:5d:24:9e:90:1c:b0:48:
         6d:0a:b1:76:74:6a:5b:b9:ae:62:40:98:eb:a8:1f:d9:ab:8d:
         6f:74:31:67:2d:9c:0a:d9:d7:91:3e:a7:71:3d:03:93:d7:f5:
         ac:17:f1:4e:68:49:9c:05:74:66:d5:3f:05:7e:e0:62:95:4b:
         d6:42:50:ac:7c:1d:3b:97:e4:19:10:04:90:09:ab:40:b5:f6:
         ae:54:06:d7:4f:8b:b5:9f:ab:4f:7a:75:95:58:49:41:74:71:
         61:4c:d8:31:56:0a:0d:90:b2:b4:4a:5c:82:d7:82:03:7d:d5:
         3a:1d:54:54:6e:b7:3e:29:81:8d:ce:4c:0c:49:b2:31:b4:d2:
         f4:48:c4:fd:81:34:72:cf:77:dd:e1:5d:0a:7e:b3:8a:76:92:
         25:e5:ce:19:65:b4:65:6c:7a:58:31:67:17:9f:6c:df:58:4d:
         6c:83:d5:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMzlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM2MDYzOUIwQTdCOENE
NDg1NEM0RTIzMzJDRThDQTQyODMwOThGQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmMIbRY9UUszqLoUnhKAHK+Jbtq2WjLde6kej4IKzSO/BKIK6v
e9/hiJp+8T6izNxXvcXME+vHS6URfHWy4U2k6UnJHbhcl3nAqoJKQmjlcOoyCjta
I77LRcxoslYbPu0EEacA0KfFLGeDyHGxNK6wmhHShF9fOsbfvcGi+ympMyBPDXr8
zhdhcqFCbRhyoFrqfRV0TMHzie4QVJfK5qrNfZ49Xknw26li45UUej5+z0HEROia
HpctZFgGRBwTftIBjpg2+F3AedNK9x5tsB9aJ8SM1XaZ4pX9Y93fys6eu1BVd72/
lMH7rZUszN1bs38aJHBsYe82TxX0oBbCQ9gnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNgY5sKe4zUhUxOIzLOjKQoMJj7gwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTmdZNXNLZTR6VWhVeE9JekxPaktR
b01KajdnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBstPwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEy8XAMVnIafSGamqZ4Svr7iKec/2amUTo2WAkAL8
0ZiEJkOayBIRuI15co51rhvFv+bKEGMJ19IaXsIQXmtj7TfwUZ7kLyIKhGkcucu3
u/vFW7ZdJJ6QHLBIbQqxdnRqW7muYkCY66gf2auNb3QxZy2cCtnXkT6ncT0Dk9f1
rBfxTmhJnAV0ZtU/BX7gYpVL1kJQrHwdO5fkGRAEkAmrQLX2rlQG10+LtZ+rT3p1
lVhJQXRxYUzYMVYKDZCytEpcgteCA33VOh1UVG63PimBjc5MDEmyMbTS9EjE/YE0
cs933eFdCn6zinaSJeXOGWW0ZWx6WDFnF59s31hNbIPVng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org