Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/XZScu71hlJCkeA4nFpfWuJFhK5c.roa
File:                     XZScu71hlJCkeA4nFpfWuJFhK5c.roa (raw, json)
Hash identifier:          vClrNqmVY9W9DdMgSuZCJMQGJ7DdNGDzrPnEpNd/YnI=
Subject key identifier:   5D:94:9C:BB:BD:61:94:90:A4:78:0E:27:16:97:D6:B8:91:61:2B:97
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       097D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XZScu71hlJCkeA4nFpfWuJFhK5c.roa
Signing time:             Tue 29 Sep 2020 10:01:54 +0000
ROA not before:           Tue 29 Sep 2020 10:01:54 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     7482
IP address blocks:        210.203.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2429 (0x97d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:54 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=5D949CBBBD619490A4780E271697D6B891612B97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:70:82:2f:8c:3f:aa:7a:61:4c:7a:05:1e:c3:
                    73:58:bb:22:d4:a1:21:e9:82:dc:70:d4:68:2c:60:
                    b8:08:d6:c2:09:8d:82:d9:ef:73:7e:3d:d1:14:4f:
                    0f:e9:5b:d4:51:b1:94:3b:a7:2f:85:59:f9:4c:0c:
                    42:47:9b:fa:fa:5b:19:a2:7c:23:e8:58:b6:de:f0:
                    c8:65:55:72:b6:30:1f:ee:e8:a9:6c:a9:fb:04:04:
                    bd:59:43:01:4f:8a:3c:5b:c7:80:c0:0d:38:c3:7c:
                    af:03:19:f7:1a:19:6d:57:9f:90:54:c5:ef:c1:d5:
                    f8:20:98:3e:aa:f8:be:4b:ae:47:8f:3e:cf:67:75:
                    83:1f:a7:9c:d3:b3:3e:e4:61:bd:a5:67:3d:6e:ef:
                    64:8c:84:d0:8c:b7:dd:96:fe:31:e2:6e:21:5d:9a:
                    37:14:8d:c8:eb:86:e3:96:5f:98:93:e4:d0:44:ed:
                    ef:bd:38:47:71:e8:0b:21:2b:c6:04:3b:19:85:0f:
                    18:a0:43:60:e9:51:de:2e:59:52:3f:69:3f:a2:2d:
                    1b:9e:23:32:36:1c:7c:b5:86:cb:7f:35:38:53:04:
                    36:bd:fa:59:13:61:c7:f4:cb:c2:97:b1:0f:bc:39:
                    f2:5b:c6:d7:5c:db:76:56:60:55:87:f7:79:05:de:
                    45:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:94:9C:BB:BD:61:94:90:A4:78:0E:27:16:97:D6:B8:91:61:2B:97
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XZScu71hlJCkeA4nFpfWuJFhK5c.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.203.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         9c:14:83:c0:0c:fc:bf:c7:40:08:fe:c0:ba:c2:8d:99:d6:ef:
         90:c4:3b:ce:38:c3:d5:c8:0f:0f:83:97:fb:99:5d:ad:d6:20:
         9a:14:cc:4a:7d:1f:3d:21:bc:e0:ba:be:2c:ce:a5:f1:ce:2f:
         14:2e:6d:d2:41:39:19:dd:59:36:98:8b:53:f1:6e:34:bb:31:
         c1:14:f8:71:48:4e:7a:48:62:85:f4:96:5d:ea:05:e1:ae:cc:
         cc:d5:07:1a:4d:11:88:d9:52:5e:71:0c:ef:a0:fc:86:c9:50:
         e0:3d:d0:ec:4e:a1:22:0f:19:ec:ca:b2:a1:6c:e2:13:3c:1a:
         c1:e4:24:f1:d6:2b:66:c7:67:af:dd:d3:1d:aa:ae:fc:79:de:
         6f:ea:c4:14:c7:57:c5:66:79:47:2d:1d:c1:a6:f2:21:7f:4f:
         20:6f:31:65:03:8b:e0:ed:53:8c:28:38:15:29:55:ad:0a:84:
         4d:a3:d9:cc:4c:ba:06:7b:ac:6e:77:57:b8:65:a5:e9:54:8f:
         58:27:0a:ba:d3:d5:70:70:c5:01:84:1d:b7:c3:ed:b7:76:fb:
         a7:a5:df:c5:84:59:dd:93:9b:f2:09:59:8a:18:99:74:76:47:
         f9:73:f4:4f:9a:8e:dc:7c:bc:a6:1b:65:ca:42:93:04:65:0f:
         37:eb:d4:1d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVEOTQ5Q0JCQkQ2MTk0
OTBBNDc4MEUyNzE2OTdENkI4OTE2MTJCOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqcIIvjD+qemFMegUew3NYuyLUoSHpgtxw1GgsYLgI1sIJjYLZ
73N+PdEUTw/pW9RRsZQ7py+FWflMDEJHm/r6WxmifCPoWLbe8MhlVXK2MB/u6Kls
qfsEBL1ZQwFPijxbx4DADTjDfK8DGfcaGW1Xn5BUxe/B1fggmD6q+L5LrkePPs9n
dYMfp5zTsz7kYb2lZz1u72SMhNCMt92W/jHibiFdmjcUjcjrhuOWX5iT5NBE7e+9
OEdx6AshK8YEOxmFDxigQ2DpUd4uWVI/aT+iLRueIzI2HHy1hst/NThTBDa9+lkT
Ycf0y8KXsQ+8OfJbxtdc23ZWYFWH93kF3kWrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXZScu71hlJCkeA4nFpfWuJFhK5cwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWFpTY3U3MWhsSkNrZUE0bkZwZld1
SkZoSzVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLLADAN
BgkqhkiG9w0BAQsFAAOCAQEAnBSDwAz8v8dACP7AusKNmdbvkMQ7zjjD1cgPD4OX
+5ldrdYgmhTMSn0fPSG84Lq+LM6l8c4vFC5t0kE5Gd1ZNpiLU/FuNLsxwRT4cUhO
ekhihfSWXeoF4a7MzNUHGk0RiNlSXnEM76D8hslQ4D3Q7E6hIg8Z7MqyoWziEzwa
weQk8dYrZsdnr93THaqu/Hneb+rEFMdXxWZ5Ry0dwabyIX9PIG8xZQOL4O1TjCg4
FSlVrQqETaPZzEy6BnusbndXuGWl6VSPWCcKutPVcHDFAYQdt8Ptt3b7p6XfxYRZ
3ZOb8glZihiZdHZH+XP0T5qO3Hy8phtlykKTBGUPN+vUHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org