Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/UrJZfR6OK-DUIRBr8laBrc_-r5M.roa
File:                     UrJZfR6OK-DUIRBr8laBrc_-r5M.roa (raw, json)
Hash identifier:          XXCkh0P1qIkWuIyPQ1TOx2O7zQn39gHYZDwvlNUB51M=
Subject key identifier:   52:B2:59:7D:1E:8E:2B:E0:D4:21:10:6B:F2:56:81:AD:CF:FE:AF:93
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E15
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UrJZfR6OK-DUIRBr8laBrc_-r5M.roa
Signing time:             Wed 29 Sep 2021 02:39:57 +0000
ROA not before:           Wed 29 Sep 2021 02:39:57 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131142
IP address blocks:        223.22.16.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3605 (0xe15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:57 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=52B2597D1E8E2BE0D421106BF25681ADCFFEAF93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7e:a2:7a:70:37:02:2d:e6:d8:7c:2f:2a:ec:
                    78:4b:86:be:8f:fd:e5:5b:32:27:7c:0b:28:55:0b:
                    5a:f1:2f:9d:23:ef:9b:7d:57:52:e8:70:9f:45:6b:
                    a9:07:39:1e:7d:94:58:79:a6:9c:77:e8:59:bd:89:
                    b9:d0:5d:9b:69:81:8c:56:f4:67:25:e2:8b:83:8c:
                    76:e2:20:2d:e4:f4:ff:b5:80:09:72:15:e6:6b:26:
                    b1:8a:96:79:be:ca:7a:4b:d1:b6:c8:69:3d:9f:1d:
                    6b:d4:5c:f3:06:d2:4f:d5:3b:8b:19:74:7c:fa:cc:
                    49:12:d3:60:69:94:66:93:ab:3f:1b:55:4a:26:47:
                    0d:0d:1e:96:60:62:48:c5:9d:b6:be:38:cb:44:f4:
                    24:c8:02:6a:3a:af:c1:25:e7:b8:80:21:36:c0:37:
                    7e:b2:d0:e9:e1:07:3f:e7:7c:53:8d:33:f3:af:5e:
                    32:f6:d9:ca:5e:71:32:68:13:fb:62:12:66:0d:4c:
                    e1:ca:ea:87:9e:bf:c6:83:bd:a6:1c:f2:ca:93:87:
                    66:6d:24:ee:4f:7d:4a:01:ee:ae:4c:2a:d8:a3:8c:
                    4f:4e:9e:c4:0b:db:89:f3:f2:81:20:6c:33:fc:da:
                    d4:b8:63:5c:ad:40:7f:2a:63:74:7d:0f:65:4e:46:
                    ea:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B2:59:7D:1E:8E:2B:E0:D4:21:10:6B:F2:56:81:AD:CF:FE:AF:93
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UrJZfR6OK-DUIRBr8laBrc_-r5M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.22.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:4e:3f:66:18:9f:1c:7d:77:bf:24:49:60:9f:aa:78:ae:dd:
         fd:8f:46:ed:7d:c8:3a:f9:2b:34:43:a0:e8:85:fe:08:bc:36:
         dc:bd:81:6e:f3:aa:57:74:98:1b:02:25:e4:63:f5:cc:1a:53:
         ad:d3:aa:e9:7f:e3:af:b1:c5:b5:5a:5c:16:ff:9c:6a:49:31:
         57:54:13:3e:85:af:2a:a5:29:74:65:10:ad:7c:54:f9:a6:b0:
         08:43:c7:e6:da:8b:a9:01:fc:c2:96:3c:a5:68:d4:ee:7e:01:
         b9:53:20:c9:03:a1:1a:52:60:cb:41:88:db:a2:a5:ea:ba:b6:
         79:59:44:34:32:fb:7b:35:9f:98:20:74:f3:de:0e:b5:3b:53:
         6e:bc:7b:10:f9:e6:c6:ab:f7:fc:83:33:20:cb:ba:e4:d7:04:
         34:bc:62:16:b8:d1:a3:2c:b9:71:58:b5:28:2d:24:0b:53:be:
         e2:43:db:0e:af:72:6e:01:70:bc:0d:ca:ca:c0:3e:0a:5a:3e:
         a4:c2:44:29:de:33:1a:e8:1a:76:e8:08:36:8c:3b:e6:9b:65:
         83:66:26:bf:70:88:af:fa:b1:0b:5d:46:28:c5:ce:99:3a:7f:
         f6:10:d7:57:56:c8:b6:12:86:5e:10:d7:d5:3a:7b:41:6e:21:
         c7:ec:2e:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDUyQjI1OTdEMUU4RTJC
RTBENDIxMTA2QkYyNTY4MUFEQ0ZGRUFGOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8fqJ6cDcCLebYfC8q7HhLhr6P/eVbMid8CyhVC1rxL50j75t9
V1LocJ9Fa6kHOR59lFh5ppx36Fm9ibnQXZtpgYxW9Gcl4ouDjHbiIC3k9P+1gAly
FeZrJrGKlnm+ynpL0bbIaT2fHWvUXPMG0k/VO4sZdHz6zEkS02BplGaTqz8bVUom
Rw0NHpZgYkjFnba+OMtE9CTIAmo6r8El57iAITbAN36y0OnhBz/nfFONM/OvXjL2
2cpecTJoE/tiEmYNTOHK6oeev8aDvaYc8sqTh2ZtJO5PfUoB7q5MKtijjE9OnsQL
24nz8oEgbDP82tS4Y1ytQH8qY3R9D2VORuqzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUrJZfR6OK+DUIRBr8laBrc/+r5MwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVXJKWmZSNk9LLURVSVJCcjhsYUJy
Y18tcjVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8WEDAN
BgkqhkiG9w0BAQsFAAOCAQEAiE4/ZhifHH13vyRJYJ+qeK7d/Y9G7X3IOvkrNEOg
6IX+CLw23L2BbvOqV3SYGwIl5GP1zBpTrdOq6X/jr7HFtVpcFv+cakkxV1QTPoWv
KqUpdGUQrXxU+aawCEPH5tqLqQH8wpY8pWjU7n4BuVMgyQOhGlJgy0GI26Kl6rq2
eVlENDL7ezWfmCB0894OtTtTbrx7EPnmxqv3/IMzIMu65NcENLxiFrjRoyy5cVi1
KC0kC1O+4kPbDq9ybgFwvA3KysA+Clo+pMJEKd4zGugadugINow75ptlg2Ymv3CI
r/qxC11GKMXOmTp/9hDXV1bIthKGXhDX1Tp7QW4hx+wuIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org