Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/X7gtdRbORsT5JWY0ZEJz2k_5sCg.roa
File:                     X7gtdRbORsT5JWY0ZEJz2k_5sCg.roa (raw, json)
Hash identifier:          A8T2KabxT+Q1SWcVJPAWdQtWzgg+UtRAgq6ZSAg+ynI=
Subject key identifier:   5F:B8:2D:75:16:CE:46:C4:F9:25:66:34:64:42:73:DA:4F:F9:B0:28
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1099
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/X7gtdRbORsT5JWY0ZEJz2k_5sCg.roa
Signing time:             Tue 16 May 2023 08:36:23 +0000
ROA not before:           Tue 16 May 2023 08:36:23 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        222.157.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4249 (0x1099)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:23 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5FB82D7516CE46C4F9256634644273DA4FF9B028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:32:e5:3f:3e:43:b5:60:81:7f:2e:ae:ab:4a:
                    c9:3c:70:d3:23:c1:2f:fc:d2:48:78:c6:89:3a:9b:
                    fe:c5:38:85:40:05:11:8b:6e:e2:60:02:93:e5:81:
                    75:3e:c8:62:d4:cf:d9:0e:38:45:66:6c:75:c3:9f:
                    3e:3e:79:fb:27:21:7e:e1:8f:f9:72:e5:f4:a8:17:
                    8d:0b:87:3d:45:c6:ea:e6:2e:26:a7:85:a7:84:0a:
                    17:02:51:16:cb:e9:3f:40:12:98:84:54:40:8d:ea:
                    9e:1d:55:4a:50:b9:32:91:17:f7:ed:1e:7d:c3:25:
                    03:9c:a2:60:83:51:92:7a:ad:ef:e1:78:29:94:ae:
                    63:dc:e7:8d:8e:43:a8:c5:89:dc:f0:f2:a1:31:86:
                    d3:66:2d:1c:fb:73:bf:aa:5f:e6:eb:aa:dc:93:17:
                    e8:a6:f2:2a:d9:6d:74:93:bf:d3:02:5e:a7:8f:4c:
                    cb:69:dd:1b:29:1d:8b:d2:e0:33:bd:c0:13:3a:c1:
                    5d:a1:4b:45:31:fc:9e:49:e3:82:94:21:32:84:b5:
                    e0:3a:3e:11:45:9d:a1:c2:95:e0:1b:86:a2:24:cc:
                    cd:29:93:e4:d0:77:37:ba:e4:4a:cc:60:88:06:86:
                    09:ee:eb:e2:34:cb:5f:85:e8:2e:36:20:77:82:8d:
                    58:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:B8:2D:75:16:CE:46:C4:F9:25:66:34:64:42:73:DA:4F:F9:B0:28
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/X7gtdRbORsT5JWY0ZEJz2k_5sCg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.157.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:32:df:0a:72:cf:a8:3e:7c:44:ec:6f:04:b5:64:e2:c0:77:
         2b:41:67:ae:4d:0d:2d:19:de:08:77:6b:63:3f:77:52:74:f8:
         f6:bf:51:e4:7c:0e:3f:51:a0:6e:82:44:e3:0c:66:1a:0f:f2:
         b0:a4:70:e5:0c:00:3b:59:47:35:05:0b:d4:bc:6e:36:3f:99:
         12:a1:9b:b0:38:49:d3:83:cf:86:8c:7f:57:d6:c9:93:e8:b4:
         c1:47:68:09:da:c8:b3:3c:be:75:75:04:3b:1b:70:36:37:9a:
         59:83:bc:24:27:3c:98:22:b6:4f:c3:fc:aa:cd:f5:c8:77:8d:
         a4:8f:06:c0:82:15:d3:ad:31:bf:6b:1d:26:30:2e:a3:5c:42:
         3b:ee:a0:92:b1:4c:98:d4:31:dd:04:5b:0a:29:4c:58:52:44:
         ab:06:1b:be:6a:05:73:f4:ce:f4:a8:29:a2:84:49:a5:31:97:
         1e:de:28:2f:19:81:de:de:c1:b0:66:98:0d:9b:71:51:1e:8a:
         73:61:09:7c:57:39:38:56:71:8b:14:0e:d1:73:e7:2c:c8:10:
         fb:ed:0b:de:cd:b3:80:4a:2c:96:db:ff:65:7c:02:ff:9a:de:
         b5:a1:08:ce:36:7d:f7:c9:8a:ef:d5:31:03:01:e2:3b:76:12:
         fa:38:f2:0e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVGQjgyRDc1MTZDRTQ2
QzRGOTI1NjYzNDY0NDI3M0RBNEZGOUIwMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKMuU/PkO1YIF/Lq6rSsk8cNMjwS/80kh4xok6m/7FOIVABRGL
buJgApPlgXU+yGLUz9kOOEVmbHXDnz4+efsnIX7hj/ly5fSoF40Lhz1FxurmLian
haeEChcCURbL6T9AEpiEVECN6p4dVUpQuTKRF/ftHn3DJQOcomCDUZJ6re/heCmU
rmPc542OQ6jFidzw8qExhtNmLRz7c7+qX+brqtyTF+im8irZbXSTv9MCXqePTMtp
3RspHYvS4DO9wBM6wV2hS0Ux/J5J44KUITKEteA6PhFFnaHCleAbhqIkzM0pk+TQ
dze65ErMYIgGhgnu6+I0y1+F6C42IHeCjVg/AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUX7gtdRbORsT5JWY0ZEJz2k/5sCgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWDdndGRSYk9Sc1Q1SldZMFpFSnoy
a181c0NnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6dMA0G
CSqGSIb3DQEBCwUAA4IBAQAFMt8Kcs+oPnxE7G8EtWTiwHcrQWeuTQ0tGd4Id2tj
P3dSdPj2v1HkfA4/UaBugkTjDGYaD/KwpHDlDAA7WUc1BQvUvG42P5kSoZuwOEnT
g8+GjH9X1smT6LTBR2gJ2sizPL51dQQ7G3A2N5pZg7wkJzyYIrZPw/yqzfXId42k
jwbAghXTrTG/ax0mMC6jXEI77qCSsUyY1DHdBFsKKUxYUkSrBhu+agVz9M70qCmi
hEmlMZce3igvGYHe3sGwZpgNm3FRHopzYQl8Vzk4VnGLFA7Rc+csyBD77QvezbOA
SiyW2/9lfAL/mt61oQjONn33yYrv1TEDAeI7dhL6OPIO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org