Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/TZI3inol7LA8hawzDQZ0Aw74QXU.roa
File:                     TZI3inol7LA8hawzDQZ0Aw74QXU.roa (raw, json)
Hash identifier:          NU9Y74V/ws0Sa9Pw8pw9UY897f6cjhD4wWgMQS7BOTQ=
Subject key identifier:   4D:92:37:8A:7A:25:EC:B0:3C:85:AC:33:0D:06:74:03:0E:F8:41:75
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0DAE
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/TZI3inol7LA8hawzDQZ0Aw74QXU.roa
Signing time:             Wed 29 Sep 2021 02:39:26 +0000
ROA not before:           Wed 29 Sep 2021 02:39:26 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17709
IP address blocks:        60.244.0.0/17 maxlen: 17

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3502 (0xdae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:26 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=4D92378A7A25ECB03C85AC330D0674030EF84175
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d9:41:69:da:d1:7a:45:9f:26:e4:c3:be:f5:
                    98:24:4d:66:ef:08:1f:9d:43:b7:a9:88:7b:b0:b4:
                    11:62:08:bb:99:b9:81:82:92:ef:ec:b0:56:f7:f8:
                    70:42:ea:8e:da:88:22:f7:5c:ae:22:59:6a:ed:2f:
                    26:cb:6c:94:e2:97:99:f0:2b:17:2b:85:24:53:f0:
                    ea:be:a8:96:0c:66:96:7d:89:4e:ef:e8:ba:af:35:
                    ea:b1:27:4c:bb:85:ab:ae:a3:e4:c7:2f:42:ad:e9:
                    3e:3c:c4:bb:47:2c:b7:0d:39:fd:85:0b:30:fb:ea:
                    7d:33:73:32:94:a7:03:82:cc:ce:83:e5:5a:cc:58:
                    4f:41:0a:47:fb:3c:f2:be:5d:83:d4:42:30:01:e8:
                    b8:9d:2b:c1:9e:13:b5:c0:a9:ca:aa:dc:5d:8b:8e:
                    80:71:36:91:3f:7f:06:c7:aa:64:bb:76:b6:66:5c:
                    8a:7e:2d:3d:8c:fa:b8:d7:d6:f6:b4:95:b6:66:d5:
                    4e:05:19:a1:19:05:f8:fe:5b:f7:06:fe:73:1b:ae:
                    44:dc:11:31:f2:2c:59:c3:41:53:72:90:ed:e0:15:
                    c0:fc:2b:70:32:dd:92:9c:b8:59:6b:7d:95:ae:1c:
                    a2:d8:4f:67:5c:67:99:aa:27:9a:2f:ae:3e:fb:87:
                    97:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:92:37:8A:7A:25:EC:B0:3C:85:AC:33:0D:06:74:03:0E:F8:41:75
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/TZI3inol7LA8hawzDQZ0Aw74QXU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.244.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         90:62:a0:ac:1f:ed:db:d3:d2:03:82:b6:ac:e7:83:d3:ec:a5:
         2c:d1:35:04:0e:ac:0f:57:4a:66:90:b2:c8:a7:11:1b:41:03:
         00:5f:12:9b:6b:86:be:4c:69:60:2b:96:54:e0:e6:b9:0a:ba:
         52:2b:c1:d3:12:9d:7b:d0:0a:0f:08:00:2d:f6:f1:44:49:12:
         e3:d4:9d:9f:33:b5:be:11:e5:97:ee:0c:a0:fb:89:b6:90:ce:
         f6:1a:3a:df:41:88:f6:66:1e:cc:24:5e:94:9f:93:7a:f0:30:
         1a:9e:1b:24:f6:e5:c5:b3:58:0c:c9:0d:f5:0a:62:43:08:e9:
         72:d3:28:4e:f3:b3:45:33:71:6a:e1:e7:73:a2:d3:1e:32:69:
         5e:c9:cb:74:41:23:21:48:39:c5:ea:c6:67:9f:59:4c:02:c6:
         86:b3:26:1b:d3:8c:ae:9a:6e:61:0c:92:6c:3e:94:db:1b:23:
         03:04:cd:7d:2e:14:12:1c:0e:d7:d3:f9:0f:44:b0:b3:48:38:
         3a:4a:9b:5e:f0:ef:cb:9a:71:62:cf:3f:7e:eb:2c:5c:ec:83:
         8b:fb:34:da:92:ee:80:91:0b:d5:9a:c0:b8:8f:36:26:b8:af:
         15:16:44:fb:12:db:36:ca:68:af:74:39:a2:ff:c4:10:e7:96:
         b6:ad:c3:85
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MjZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDREOTIzNzhBN0EyNUVD
QjAzQzg1QUMzMzBEMDY3NDAzMEVGODQxNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn2UFp2tF6RZ8m5MO+9ZgkTWbvCB+dQ7epiHuwtBFiCLuZuYGC
ku/ssFb3+HBC6o7aiCL3XK4iWWrtLybLbJTil5nwKxcrhSRT8Oq+qJYMZpZ9iU7v
6LqvNeqxJ0y7hauuo+THL0Kt6T48xLtHLLcNOf2FCzD76n0zczKUpwOCzM6D5VrM
WE9BCkf7PPK+XYPUQjAB6LidK8GeE7XAqcqq3F2LjoBxNpE/fwbHqmS7drZmXIp+
LT2M+rjX1va0lbZm1U4FGaEZBfj+W/cG/nMbrkTcETHyLFnDQVNykO3gFcD8K3Ay
3ZKcuFlrfZWuHKLYT2dcZ5mqJ5ovrj77h5eJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUTZI3inol7LA8hawzDQZ0Aw74QXUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVFpJM2lub2w3TEE4aGF3ekRRWjBB
dzc0UVhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAkGKgrB/t29PSA4K2rOeD0+ylLNE1BA6sD1dKZpCy
yKcRG0EDAF8Sm2uGvkxpYCuWVODmuQq6UivB0xKde9AKDwgALfbxREkS49SdnzO1
vhHll+4MoPuJtpDO9ho630GI9mYezCRelJ+TevAwGp4bJPblxbNYDMkN9QpiQwjp
ctMoTvOzRTNxauHnc6LTHjJpXsnLdEEjIUg5xerGZ59ZTALGhrMmG9OMrppuYQyS
bD6U2xsjAwTNfS4UEhwO19P5D0Sws0g4OkqbXvDvy5pxYs8/fussXOyDi/s02pLu
gJEL1ZrAuI82JrivFRZE+xLbNspor3Q5ov/EEOeWtq3DhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org