Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ThHeufSBcJmtWCYDI0WwzLo3EWQ.roa
File:                     ThHeufSBcJmtWCYDI0WwzLo3EWQ.roa (raw, json)
Hash identifier:          fTWt4YPm6p77Z7TqmfIfOvLbSkxvJ9kcFxUZGMBpvCw=
Subject key identifier:   4E:11:DE:B9:F4:81:70:99:AD:58:26:03:23:45:B0:CC:BA:37:11:64
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E3D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ThHeufSBcJmtWCYDI0WwzLo3EWQ.roa
Signing time:             Wed 29 Sep 2021 02:40:08 +0000
ROA not before:           Wed 29 Sep 2021 02:40:08 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     17709
IP address blocks:        2404:0:1000::/36 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3645 (0xe3d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:40:08 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=4E11DEB9F4817099AD5826032345B0CCBA371164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:63:d5:a1:96:d1:63:4f:c9:3f:46:f6:e3:a1:
                    03:84:cd:10:d9:ca:d4:40:1e:82:4d:ec:07:bc:6c:
                    cc:cf:cb:1c:70:15:68:6b:f5:6d:91:f0:ab:51:1d:
                    5e:02:d1:37:5e:ff:dc:fa:94:75:00:c4:e2:2e:12:
                    ad:f1:db:89:ce:44:57:41:cd:84:f7:3b:66:d4:c4:
                    65:c2:3d:ba:ba:1b:81:aa:e7:c2:82:bf:30:cd:cd:
                    dc:d0:49:10:fb:61:22:f2:5e:8b:2a:79:39:19:07:
                    dc:eb:14:8f:0c:fb:d2:5e:97:59:2d:c9:f3:66:98:
                    00:a7:72:1f:6f:61:62:8a:62:5e:0c:d7:8d:39:65:
                    41:22:74:2f:39:fc:f2:a5:db:c4:18:4f:6a:21:92:
                    bd:b5:f4:e6:f7:50:79:e9:6a:a3:28:c3:11:1c:de:
                    90:95:3d:23:a2:17:43:89:54:02:c2:79:ea:82:da:
                    47:94:af:71:94:95:dd:64:09:3f:3e:bb:4e:0c:3e:
                    82:c4:2b:bf:40:a8:6b:a2:4a:b5:65:55:33:b9:90:
                    34:c4:b8:73:b1:8e:1c:c8:61:b4:48:6c:dd:0c:39:
                    b7:9a:e7:d9:65:43:db:d3:f0:fd:7c:04:72:d8:03:
                    89:d9:13:32:e4:45:40:d5:73:b4:4b:f8:3b:76:fb:
                    d3:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:11:DE:B9:F4:81:70:99:AD:58:26:03:23:45:B0:CC:BA:37:11:64
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ThHeufSBcJmtWCYDI0WwzLo3EWQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:0:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a8:44:71:b6:f5:ea:ac:9b:d1:41:2f:c0:41:c5:24:2c:b8:63:
         2f:2c:b2:bc:f2:ce:d9:dc:16:5b:5a:f8:f9:da:59:b0:1f:88:
         44:8e:49:a1:7b:3a:64:e8:fb:a1:62:44:0d:f8:73:7a:42:be:
         0a:dc:c6:d7:ec:b1:50:30:24:08:3a:4b:2c:87:42:cc:b9:61:
         b6:e5:f9:bd:ae:6f:d3:e4:70:bb:69:93:a5:a5:6a:92:5b:f3:
         98:1d:47:fb:99:2b:72:86:37:8c:72:88:2e:06:6b:a5:9b:cf:
         79:bc:3f:6b:18:c8:88:38:0c:0c:73:66:69:e6:02:c1:f5:fa:
         cb:ec:7c:db:b3:e1:d8:89:20:ce:f4:10:77:6e:9f:81:9f:e9:
         79:c1:9f:48:01:c5:8d:a4:47:77:ce:97:44:33:3b:f2:c0:73:
         c6:d2:0d:7b:44:46:9b:d3:d8:43:7a:dc:e5:84:32:35:6a:d4:
         90:08:c8:f9:02:a9:5c:d9:06:ed:0f:ae:ed:83:6e:eb:8d:4a:
         a7:fb:fd:aa:72:80:21:f1:bf:97:45:31:be:03:49:41:90:b9:
         f5:5e:9d:01:ab:ad:f8:97:74:74:0c:4c:41:4a:23:1c:e3:14:
         eb:eb:cc:32:89:5a:61:47:85:c5:d5:e3:85:26:c4:24:6c:bd:
         46:bf:34:6a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjQwMDhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRFMTFERUI5RjQ4MTcw
OTlBRDU4MjYwMzIzNDVCMENDQkEzNzExNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRY9WhltFjT8k/RvbjoQOEzRDZytRAHoJN7Ae8bMzPyxxwFWhr
9W2R8KtRHV4C0Tde/9z6lHUAxOIuEq3x24nORFdBzYT3O2bUxGXCPbq6G4Gq58KC
vzDNzdzQSRD7YSLyXosqeTkZB9zrFI8M+9Jel1ktyfNmmACnch9vYWKKYl4M1405
ZUEidC85/PKl28QYT2ohkr219Ob3UHnpaqMowxEc3pCVPSOiF0OJVALCeeqC2keU
r3GUld1kCT8+u04MPoLEK79AqGuiSrVlVTO5kDTEuHOxjhzIYbRIbN0MObea59ll
Q9vT8P18BHLYA4nZEzLkRUDVc7RL+Dt2+9O/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUThHeufSBcJmtWCYDI0WwzLo3EWQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVGhIZXVmU0JjSm10V0NZREkwV3d6
TG8zRVdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEAAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCoRHG29eqsm9FBL8BBxSQsuGMvLLK88s7Z3BZb
Wvj52lmwH4hEjkmhezpk6PuhYkQN+HN6Qr4K3MbX7LFQMCQIOkssh0LMuWG25fm9
rm/T5HC7aZOlpWqSW/OYHUf7mStyhjeMcoguBmulm895vD9rGMiIOAwMc2Zp5gLB
9frL7Hzbs+HYiSDO9BB3bp+Bn+l5wZ9IAcWNpEd3zpdEMzvywHPG0g17REab09hD
etzlhDI1atSQCMj5Aqlc2QbtD67tg27rjUqn+/2qcoAh8b+XRTG+A0lBkLn1Xp0B
q634l3R0DExBSiMc4xTr68wyiVphR4XF1eOFJsQkbL1GvzRq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org