Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/UJhrVTnaO18IcJ18S7oFqNhkolE.roa
File:                     UJhrVTnaO18IcJ18S7oFqNhkolE.roa (raw, json)
Hash identifier:          5JLG5fmrRei6Sh1X3MbFTRNShI/XsaQA5l1fT8CWkoI=
Subject key identifier:   50:98:6B:55:39:DA:3B:5F:08:70:9D:7C:4B:BA:05:A8:D8:64:A2:51
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UJhrVTnaO18IcJ18S7oFqNhkolE.roa
Signing time:             Thu 15 Sep 2022 02:40:24 +0000
ROA not before:           Thu 15 Sep 2022 02:40:24 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        222.251.0.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:24 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=50986B5539DA3B5F08709D7C4BBA05A8D864A251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0b:03:ec:3f:7d:cd:fa:50:36:0d:67:d1:10:
                    dd:96:60:8c:05:fb:6a:a0:4c:c9:d7:0e:ee:bd:6a:
                    61:b2:2a:5b:a5:ad:f8:82:f8:fc:16:2e:ec:d2:09:
                    24:77:64:fe:2f:05:1f:a3:a6:ff:13:a9:c4:76:58:
                    8a:31:1d:94:07:e6:e2:88:8d:44:40:d8:7b:77:37:
                    07:dd:e4:f2:39:b8:42:13:8d:76:88:ca:1a:2c:44:
                    e2:23:a4:e5:97:1c:34:f9:6f:8f:30:32:c6:eb:54:
                    f1:bf:e8:1b:22:de:ac:b3:21:8d:7b:c7:60:e8:af:
                    69:b3:b0:9e:6e:07:2c:44:0a:2f:6a:22:21:8c:a7:
                    c6:bf:b7:6a:fb:3d:be:f6:55:40:4a:7f:8e:92:87:
                    2c:00:02:e5:86:17:93:e6:2a:a1:35:01:ef:11:83:
                    35:b6:34:55:f0:8c:f5:cc:8e:cf:9c:4b:f4:f2:32:
                    ac:2c:c1:0e:ea:8c:09:ff:b7:d3:05:8e:95:47:e1:
                    b0:c4:e4:d4:48:82:58:9d:50:b3:d0:69:09:62:2a:
                    29:0e:ed:44:07:5e:64:10:00:87:9a:ec:9c:37:05:
                    e7:10:46:b8:14:3a:61:15:e7:68:a8:15:21:d2:ee:
                    6f:e5:e0:ae:8b:c0:fb:7f:54:0c:38:46:6a:2a:43:
                    98:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:98:6B:55:39:DA:3B:5F:08:70:9D:7C:4B:BA:05:A8:D8:64:A2:51
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UJhrVTnaO18IcJ18S7oFqNhkolE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.251.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         8f:3a:d4:74:ad:62:f0:81:0b:11:9f:25:90:ae:00:71:66:bb:
         29:0b:30:67:5a:fb:2d:a8:64:2e:d2:d0:e5:77:fb:21:54:e1:
         e8:bd:47:aa:a2:30:7b:82:b5:e9:07:ba:8d:eb:0f:9f:03:0b:
         11:d9:bc:55:9b:7d:ee:8c:d1:f3:ef:64:89:34:4e:42:2b:e6:
         a8:4c:47:88:bf:3b:62:c4:00:ad:da:54:7a:16:09:bb:1d:2b:
         4e:d5:52:42:40:62:60:c6:88:a9:d6:f1:ca:5d:5f:38:f3:f8:
         55:8b:88:01:46:26:a1:98:60:b6:d8:e5:9e:f8:b5:33:64:c2:
         8d:ea:33:54:80:59:3c:c5:cb:69:48:de:8c:57:58:07:8e:27:
         bd:de:2d:3b:45:08:a2:c2:39:5f:82:6e:b1:c3:c9:b2:1f:08:
         d5:e8:0d:ad:cf:a8:7f:91:fc:0c:d7:40:0d:ba:3c:48:9a:ea:
         c5:ea:3b:e7:a8:c0:90:97:22:c8:6b:c7:62:3f:4c:07:ad:87:
         7a:fc:48:ca:5a:f7:31:5f:ce:8c:2f:c2:5c:79:88:15:7f:8d:
         22:e4:a4:04:cc:7a:07:e3:d0:6f:44:81:c5:1d:42:30:6b:c3:
         ea:34:31:15:9d:65:79:af:72:aa:79:4f:88:41:c6:52:ff:d3:
         69:34:62:aa
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUwOTg2QjU1MzlEQTNC
NUYwODcwOUQ3QzRCQkEwNUE4RDg2NEEyNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDECwPsP33N+lA2DWfREN2WYIwF+2qgTMnXDu69amGyKlulrfiC
+PwWLuzSCSR3ZP4vBR+jpv8TqcR2WIoxHZQH5uKIjURA2Ht3Nwfd5PI5uEITjXaI
yhosROIjpOWXHDT5b48wMsbrVPG/6Bsi3qyzIY17x2Dor2mzsJ5uByxECi9qIiGM
p8a/t2r7Pb72VUBKf46ShywAAuWGF5PmKqE1Ae8RgzW2NFXwjPXMjs+cS/TyMqws
wQ7qjAn/t9MFjpVH4bDE5NRIglidULPQaQliKikO7UQHXmQQAIea7Jw3BecQRrgU
OmEV52ioFSHS7m/l4K6LwPt/VAw4RmoqQ5gXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUJhrVTnaO18IcJ18S7oFqNhkolEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVUpoclZUbmFPMThJY0oxOFM3b0Zx
Tmhrb2xFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB977ADAN
BgkqhkiG9w0BAQsFAAOCAQEAjzrUdK1i8IELEZ8lkK4AcWa7KQswZ1r7LahkLtLQ
5Xf7IVTh6L1HqqIwe4K16Qe6jesPnwMLEdm8VZt97ozR8+9kiTROQivmqExHiL87
YsQArdpUehYJux0rTtVSQkBiYMaIqdbxyl1fOPP4VYuIAUYmoZhgttjlnvi1M2TC
jeozVIBZPMXLaUjejFdYB44nvd4tO0UIosI5X4JuscPJsh8I1egNrc+of5H8DNdA
Dbo8SJrqxeo756jAkJciyGvHYj9MB62HevxIylr3MV/OjC/CXHmIFX+NIuSkBMx6
B+PQb0SBxR1CMGvD6jQxFZ1lea9yqnlPiEHGUv/TaTRiqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org