Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/OYag5aOCeRXwKCDy-s8iPVYV2Y4.roa
File:                     OYag5aOCeRXwKCDy-s8iPVYV2Y4.roa (raw, json)
Hash identifier:          TyxL1yLF/iuzm6NaMHsuPAscHXa/S1cAWHlniGjSiMY=
Subject key identifier:   39:86:A0:E5:A3:82:79:15:F0:28:20:F2:FA:CF:22:3D:56:15:D9:8E
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10DE
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OYag5aOCeRXwKCDy-s8iPVYV2Y4.roa
Signing time:             Tue 16 May 2023 08:36:45 +0000
ROA not before:           Tue 16 May 2023 08:36:45 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18419
IP address blocks:        124.218.104.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4318 (0x10de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:45 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=3986A0E5A3827915F02820F2FACF223D5615D98E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f3:c5:52:65:ef:ee:a9:e3:92:f4:a0:3f:df:
                    d2:91:48:ad:3f:7d:3c:7e:47:16:70:76:39:1f:69:
                    29:1a:b5:af:8f:97:02:cb:c0:54:05:83:54:f5:ea:
                    99:08:cd:10:bc:8c:68:99:b2:10:40:39:f7:02:9d:
                    f7:cf:4b:da:58:3a:26:e8:21:3d:57:c3:cf:95:3f:
                    d9:54:ce:41:c7:51:37:d8:b2:7a:95:9b:ed:77:5b:
                    88:c8:d5:2b:b2:57:3d:b2:8e:51:a4:d4:2e:24:0e:
                    54:59:7b:be:24:e8:05:5c:03:8f:a7:ae:f4:a3:25:
                    c5:11:6b:99:84:f5:b4:0a:56:7e:9f:b5:6d:a8:51:
                    e1:27:ab:f1:58:45:ff:51:61:85:f4:ce:56:34:b7:
                    c3:89:cb:00:d5:7c:0c:50:b6:9e:d6:4a:70:9b:7a:
                    18:88:55:c8:16:fb:58:4f:ac:c7:be:d6:27:60:cc:
                    5c:e6:3e:ee:69:4b:b2:50:a1:89:2f:5e:f5:ea:c6:
                    31:8e:7b:bf:a3:9a:58:2a:96:4d:81:a0:05:0b:6b:
                    05:25:48:a3:37:9a:63:2e:dd:76:af:0b:76:40:e5:
                    cf:75:5f:8e:8b:f1:02:4a:1d:e4:61:c5:fc:de:fe:
                    83:4e:51:35:e7:7b:56:37:5e:5c:47:a6:d6:28:bc:
                    3c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:86:A0:E5:A3:82:79:15:F0:28:20:F2:FA:CF:22:3D:56:15:D9:8E
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OYag5aOCeRXwKCDy-s8iPVYV2Y4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:69:8d:6b:e0:bd:38:fe:59:4c:51:85:87:0f:23:62:18:59:
         7c:40:15:4b:09:00:4c:d5:78:7f:4f:c6:13:4b:89:35:c9:4a:
         45:f4:26:93:1e:aa:0b:06:80:5a:d4:14:cb:38:c3:03:68:1a:
         f7:c4:d9:27:a3:f7:f4:ec:1d:3e:9f:da:54:f1:92:c9:c0:e6:
         73:97:c3:2d:25:a2:f3:ef:04:2a:cf:77:f6:bf:bc:8a:03:2f:
         a8:05:47:08:43:d4:cc:61:15:23:f1:0f:6f:cc:54:f7:c9:f1:
         f9:94:60:da:cd:d7:b9:1c:34:f6:c2:93:a9:e4:8d:1e:93:05:
         45:b2:e6:91:57:62:29:76:28:ca:86:31:fd:87:e9:56:ea:4e:
         85:35:84:ba:98:1e:27:3b:49:e3:60:b0:c5:9b:43:e5:fa:ff:
         56:90:22:47:4e:da:6d:a3:df:85:36:05:e5:2d:2e:ec:de:6e:
         8a:42:8a:f8:89:32:39:b0:c5:0f:fe:bf:33:95:f2:2f:48:3d:
         1c:11:b8:e9:b7:89:f3:63:85:63:1b:60:52:3f:77:5e:3d:b9:
         14:a3:c3:aa:d0:06:47:d0:b0:bc:eb:da:8c:9e:3d:bd:0a:2d:
         db:37:ed:51:d9:04:6c:1e:e9:4f:4a:3b:57:b5:08:87:0e:8d:
         b0:9a:22:f3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2NDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM5ODZBMEU1QTM4Mjc5
MTVGMDI4MjBGMkZBQ0YyMjNENTYxNUQ5OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA88VSZe/uqeOS9KA/39KRSK0/fTx+RxZwdjkfaSkata+PlwLL
wFQFg1T16pkIzRC8jGiZshBAOfcCnffPS9pYOiboIT1Xw8+VP9lUzkHHUTfYsnqV
m+13W4jI1SuyVz2yjlGk1C4kDlRZe74k6AVcA4+nrvSjJcURa5mE9bQKVn6ftW2o
UeEnq/FYRf9RYYX0zlY0t8OJywDVfAxQtp7WSnCbehiIVcgW+1hPrMe+1idgzFzm
Pu5pS7JQoYkvXvXqxjGOe7+jmlgqlk2BoAULawUlSKM3mmMu3XavC3ZA5c91X46L
8QJKHeRhxfze/oNOUTXne1Y3XlxHptYovDybAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOYag5aOCeRXwKCDy+s8iPVYV2Y4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvT1lhZzVhT0NlUlh3S0NEeS1zOGlQ
VllWMlk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaaDAN
BgkqhkiG9w0BAQsFAAOCAQEAcWmNa+C9OP5ZTFGFhw8jYhhZfEAVSwkATNV4f0/G
E0uJNclKRfQmkx6qCwaAWtQUyzjDA2ga98TZJ6P39OwdPp/aVPGSycDmc5fDLSWi
8+8EKs939r+8igMvqAVHCEPUzGEVI/EPb8xU98nx+ZRg2s3XuRw09sKTqeSNHpMF
RbLmkVdiKXYoyoYx/YfpVupOhTWEupgeJztJ42CwxZtD5fr/VpAiR07abaPfhTYF
5S0u7N5uikKK+IkyObDFD/6/M5XyL0g9HBG46beJ82OFYxtgUj93Xj25FKPDqtAG
R9CwvOvajJ49vQot2zftUdkEbB7pT0o7V7UIhw6NsJoi8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org