Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/UM9XMqovFQfb-RkAMisjfb7ikQY.roa
File:                     UM9XMqovFQfb-RkAMisjfb7ikQY.roa (raw, json)
Hash identifier:          KyAHoxoDyWuxmlctPWw3UvAAskZrGkJ1ZmCjys3qRcY=
Subject key identifier:   50:CF:57:32:AA:2F:15:07:DB:F9:19:00:32:2B:23:7D:BE:E2:91:06
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       108C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UM9XMqovFQfb-RkAMisjfb7ikQY.roa
Signing time:             Tue 16 May 2023 08:36:20 +0000
ROA not before:           Tue 16 May 2023 08:36:20 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        210.203.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4236 (0x108c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:20 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=50CF5732AA2F1507DBF91900322B237DBEE29106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e0:27:6d:73:06:cf:7a:f5:0f:7d:92:d2:26:
                    0d:fe:0f:ba:ac:33:53:49:ec:28:22:fa:39:cb:67:
                    31:80:ac:60:be:52:5b:d0:1a:b6:df:5c:24:fb:db:
                    01:11:7e:e6:9b:06:ac:70:c7:b3:c4:a3:19:52:9e:
                    7d:40:ae:a5:e3:fe:1a:d6:e8:3d:36:04:96:7e:7f:
                    aa:7a:cc:f4:7d:35:db:f3:d2:27:4b:f2:f3:d9:d6:
                    a1:a4:d0:ff:a4:39:24:93:40:b9:21:22:47:29:5d:
                    17:df:89:9d:d8:ec:7d:e8:50:59:d9:8b:86:eb:25:
                    c7:f8:8a:6c:a1:d1:21:03:18:17:26:3c:2d:aa:f9:
                    b9:f3:03:54:57:3c:a1:02:20:e2:a1:67:74:0c:b9:
                    42:28:7c:ba:97:a8:34:72:69:9d:35:19:28:ed:d0:
                    43:1b:70:8f:5f:46:a6:f4:7c:fe:31:ec:f6:3d:de:
                    ab:74:e5:f7:50:61:d3:54:dc:d9:87:48:05:97:3f:
                    b8:a2:b5:5e:d5:58:15:c2:1f:cd:69:37:3e:f1:3c:
                    58:b9:f2:f5:e2:e6:dc:ee:52:5b:f3:08:6d:51:ea:
                    ea:0e:0b:59:d2:7f:b1:46:42:50:69:44:61:d5:42:
                    36:ba:0b:f0:0c:60:6a:56:62:21:8b:b4:4b:2f:aa:
                    51:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:CF:57:32:AA:2F:15:07:DB:F9:19:00:32:2B:23:7D:BE:E2:91:06
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UM9XMqovFQfb-RkAMisjfb7ikQY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.203.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         0f:08:bf:d9:2a:44:c3:c3:9d:c2:53:cc:fe:19:40:ca:8f:da:
         55:ff:5d:2a:f7:e0:33:77:94:d1:e7:3c:ae:0c:4a:0c:46:9a:
         1e:01:d3:c8:ba:30:f3:53:42:7a:f7:9d:24:26:55:4a:7b:df:
         d2:79:ca:d3:b0:10:bc:bd:eb:75:05:92:d1:15:52:62:cb:a8:
         9f:29:1e:71:72:da:d3:26:a1:7c:e2:27:b0:30:32:1a:3c:10:
         c4:54:db:21:78:f4:31:f9:3e:bc:58:b5:cd:42:09:70:07:61:
         6d:2d:8b:10:04:26:b9:49:94:f5:68:c5:f0:54:d9:c1:00:0b:
         5f:3d:d4:fa:bc:d6:12:e8:85:8f:a2:4f:64:07:7b:da:62:08:
         31:57:c9:31:18:6f:43:60:24:0d:05:f5:38:ba:dc:03:04:7d:
         7d:63:48:e0:d1:c7:ee:97:1a:31:f5:0e:b8:fc:42:ae:d9:5f:
         bf:85:a9:bc:a3:75:6e:6d:9c:bd:0a:1f:1c:0d:ce:5d:be:d0:
         6d:dd:8b:64:45:29:b3:83:84:1b:b7:c9:c7:95:56:43:c6:9e:
         cc:5a:13:cd:cc:d3:0e:f1:68:9d:a2:c0:22:ee:39:a2:5e:63:
         24:f0:93:b1:16:d6:e6:52:c8:fe:a3:a8:e8:24:78:af:3c:25:
         6d:26:7b:0d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUwQ0Y1NzMyQUEyRjE1
MDdEQkY5MTkwMDMyMkIyMzdEQkVFMjkxMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL4CdtcwbPevUPfZLSJg3+D7qsM1NJ7Cgi+jnLZzGArGC+UlvQ
GrbfXCT72wERfuabBqxwx7PEoxlSnn1ArqXj/hrW6D02BJZ+f6p6zPR9Ndvz0idL
8vPZ1qGk0P+kOSSTQLkhIkcpXRffiZ3Y7H3oUFnZi4brJcf4imyh0SEDGBcmPC2q
+bnzA1RXPKECIOKhZ3QMuUIofLqXqDRyaZ01GSjt0EMbcI9fRqb0fP4x7PY93qt0
5fdQYdNU3NmHSAWXP7iitV7VWBXCH81pNz7xPFi58vXi5tzuUlvzCG1R6uoOC1nS
f7FGQlBpRGHVQja6C/AMYGpWYiGLtEsvqlGzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUM9XMqovFQfb+RkAMisjfb7ikQYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVU05WE1xb3ZGUWZiLVJrQU1pc2pm
Yjdpa1FZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLLADAN
BgkqhkiG9w0BAQsFAAOCAQEADwi/2SpEw8OdwlPM/hlAyo/aVf9dKvfgM3eU0ec8
rgxKDEaaHgHTyLow81NCevedJCZVSnvf0nnK07AQvL3rdQWS0RVSYsuonykecXLa
0yahfOInsDAyGjwQxFTbIXj0Mfk+vFi1zUIJcAdhbS2LEAQmuUmU9WjF8FTZwQAL
Xz3U+rzWEuiFj6JPZAd72mIIMVfJMRhvQ2AkDQX1OLrcAwR9fWNI4NHH7pcaMfUO
uPxCrtlfv4WpvKN1bm2cvQofHA3OXb7Qbd2LZEUps4OEG7fJx5VWQ8aezFoTzczT
DvFonaLAIu45ol5jJPCTsRbW5lLI/qOo6CR4rzwlbSZ7DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org