Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/VBq8jk0qKXh4bZpQSSO2Fu9YoJg.roa
File:                     VBq8jk0qKXh4bZpQSSO2Fu9YoJg.roa (raw, json)
Hash identifier:          CvxOAGTTbTiAQjefKlwidV9O585+6puKyXaKRc0hfzY=
Subject key identifier:   54:1A:BC:8E:4D:2A:29:78:78:6D:9A:50:49:23:B6:16:EF:58:A0:98
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0916
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/VBq8jk0qKXh4bZpQSSO2Fu9YoJg.roa
Signing time:             Tue 29 Sep 2020 10:01:27 +0000
ROA not before:           Tue 29 Sep 2020 10:01:27 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        222.250.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2326 (0x916)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:27 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=541ABC8E4D2A2978786D9A504923B616EF58A098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c7:8c:5c:93:5a:ef:6c:88:92:fc:f9:23:be:
                    0f:66:6c:72:12:cb:de:8c:50:81:e7:31:1c:b9:98:
                    2c:8c:b7:76:2c:fb:a1:7a:b1:8a:37:2d:3f:6f:23:
                    86:28:9d:b5:28:d8:a5:b7:65:2f:16:92:9c:ec:a5:
                    be:6b:c6:cd:7c:c7:6a:51:6b:78:49:37:c0:c0:3b:
                    07:4a:b9:96:0d:1e:4d:55:bc:9d:0b:a4:07:8f:70:
                    5e:7c:ac:02:cd:9c:98:58:64:f9:8b:dc:df:91:07:
                    aa:29:92:38:32:ae:4b:c8:f7:28:10:24:4c:99:38:
                    72:b8:2c:53:fe:41:f0:db:18:4e:52:01:ea:fa:1a:
                    8a:c1:af:ec:7d:f5:a4:9c:8e:ff:e7:54:1e:bc:fb:
                    63:6d:10:65:b5:05:89:87:79:d3:87:91:14:c9:42:
                    24:0f:fc:b6:65:a0:84:26:c5:7a:1e:f7:98:73:98:
                    39:c8:2b:12:62:90:6d:44:5e:2f:b2:c7:54:bd:d3:
                    aa:6f:4f:0f:46:2e:16:ea:c3:62:7d:49:92:98:29:
                    e4:b9:70:a6:08:c7:59:fd:6f:6b:e3:a4:67:f2:d5:
                    3b:0b:e6:13:fe:d2:8c:fb:67:0c:59:c1:85:38:a5:
                    83:ff:3c:f7:9f:75:68:11:8b:53:86:46:87:92:83:
                    81:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:1A:BC:8E:4D:2A:29:78:78:6D:9A:50:49:23:B6:16:EF:58:A0:98
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/VBq8jk0qKXh4bZpQSSO2Fu9YoJg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.250.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         42:df:bd:e1:8a:d2:86:8e:eb:ab:ba:d5:b0:b0:5d:b6:32:af:
         26:fc:3a:7f:bc:04:5f:93:ef:15:e0:bd:bf:2f:37:a7:e7:ae:
         b3:94:bc:1f:18:1b:a9:58:4a:17:a6:aa:16:1c:bf:60:36:9e:
         21:cb:de:18:9e:f0:3d:5a:59:70:b5:11:41:58:02:48:ee:10:
         1c:bf:2b:60:d6:62:c7:0b:bd:62:03:d1:69:69:30:ea:74:6b:
         3c:6c:91:f1:20:5f:8e:1c:57:6a:dc:5d:99:54:3f:26:d4:4e:
         29:58:d9:f2:6e:e3:b5:25:24:61:0d:06:c3:5b:c0:75:10:f2:
         d3:fe:76:a2:69:34:75:86:9e:ef:e2:b2:b4:11:46:c0:ac:88:
         c5:88:42:45:f4:2a:6f:81:ed:f8:40:3f:7c:f5:b6:64:1c:10:
         79:ff:72:58:f1:f1:e7:ef:0f:c8:f3:b2:84:d2:c4:7e:4e:65:
         c5:90:4b:ee:d2:29:9b:b2:fb:e8:79:5d:14:44:7f:bd:06:16:
         b6:5d:fd:f7:88:15:00:55:cd:b4:c4:88:07:20:de:75:00:6a:
         fa:ad:9a:91:d4:cc:32:76:ed:29:25:f5:15:31:b1:84:3d:3d:
         45:79:59:89:6f:ba:dd:c5:9e:21:14:ed:52:66:b0:13:69:ab:
         ae:21:72:4c
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDU0MUFCQzhFNEQyQTI5
Nzg3ODZEOUE1MDQ5MjNCNjE2RUY1OEEwOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTx4xck1rvbIiS/Pkjvg9mbHISy96MUIHnMRy5mCyMt3Ys+6F6
sYo3LT9vI4YonbUo2KW3ZS8Wkpzspb5rxs18x2pRa3hJN8DAOwdKuZYNHk1VvJ0L
pAePcF58rALNnJhYZPmL3N+RB6opkjgyrkvI9ygQJEyZOHK4LFP+QfDbGE5SAer6
GorBr+x99aScjv/nVB68+2NtEGW1BYmHedOHkRTJQiQP/LZloIQmxXoe95hzmDnI
KxJikG1EXi+yx1S906pvTw9GLhbqw2J9SZKYKeS5cKYIx1n9b2vjpGfy1TsL5hP+
0oz7ZwxZwYU4pYP/PPefdWgRi1OGRoeSg4FnAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUVBq8jk0qKXh4bZpQSSO2Fu9YoJgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVkJxOGprMHFLWGg0YlpwUVNTTzJG
dTlZb0pnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN76MA0G
CSqGSIb3DQEBCwUAA4IBAQBC373hitKGjuurutWwsF22Mq8m/Dp/vARfk+8V4L2/
Lzen566zlLwfGBupWEoXpqoWHL9gNp4hy94YnvA9WllwtRFBWAJI7hAcvytg1mLH
C71iA9FpaTDqdGs8bJHxIF+OHFdq3F2ZVD8m1E4pWNnybuO1JSRhDQbDW8B1EPLT
/naiaTR1hp7v4rK0EUbArIjFiEJF9Cpvge34QD989bZkHBB5/3JY8fHn7w/I87KE
0sR+TmXFkEvu0imbsvvoeV0URH+9Bha2Xf33iBUAVc20xIgHIN51AGr6rZqR1Mwy
du0pJfUVMbGEPT1FeVmJb7rdxZ4hFO1SZrATaauuIXJM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org