Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/XmvvWqtMm6WFxUzReQ5PG7ea6k8.roa
File:                     XmvvWqtMm6WFxUzReQ5PG7ea6k8.roa (raw, json)
Hash identifier:          GlyqgutaP5mPkdFb4OyWBjqeD2rfPVzHaEOpb2DfVHo=
Subject key identifier:   5E:6B:EF:5A:AB:4C:9B:A5:85:C5:4C:D1:79:0E:4F:1B:B7:9A:EA:4F
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10B8
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XmvvWqtMm6WFxUzReQ5PG7ea6k8.roa
Signing time:             Tue 16 May 2023 08:36:32 +0000
ROA not before:           Tue 16 May 2023 08:36:32 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        60.244.128.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4280 (0x10b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:32 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=5E6BEF5AAB4C9BA585C54CD1790E4F1BB79AEA4F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e3:83:a1:62:ea:79:81:8d:55:9e:02:a1:78:
                    33:7c:0c:15:a1:65:de:8b:5d:32:d7:57:ee:97:45:
                    49:12:6b:9b:76:2e:d6:88:f2:15:71:5b:db:b2:d4:
                    81:2c:5f:09:f9:32:9c:d5:9f:24:8e:8d:4a:0d:a4:
                    45:08:6b:0c:7d:f4:1f:dc:75:88:b9:2d:c7:81:84:
                    eb:98:e1:f4:b6:7d:76:0a:b3:83:ac:62:c6:97:d0:
                    6d:40:08:ef:49:a4:34:25:08:d4:ed:94:2e:f6:01:
                    d4:9d:5f:6b:c5:f6:14:64:02:bc:63:7a:de:0c:ae:
                    38:64:6b:f3:9e:a7:60:fd:ba:c8:67:a7:33:7b:ee:
                    df:e6:22:9d:e4:7d:28:3b:9d:d9:c8:40:bd:1b:e3:
                    32:e5:4c:68:c0:db:6e:9e:df:3b:18:0c:3a:cf:60:
                    ea:cc:ed:bc:64:6d:42:35:00:9c:51:cf:0e:38:c6:
                    7e:1c:a8:19:60:cc:b4:ae:b1:e5:f5:71:59:cd:3b:
                    bf:f0:bf:c2:6a:fb:28:ac:e6:c1:8f:54:0b:dc:a1:
                    cf:11:fc:12:0f:bc:48:6f:e6:f9:0d:a6:13:ab:e9:
                    7c:ae:99:03:3f:1f:7e:a9:23:29:f7:34:7b:86:0c:
                    a0:eb:5c:7a:e7:75:60:3a:be:d1:b0:ff:9f:55:9e:
                    f1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:6B:EF:5A:AB:4C:9B:A5:85:C5:4C:D1:79:0E:4F:1B:B7:9A:EA:4F
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XmvvWqtMm6WFxUzReQ5PG7ea6k8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.244.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         2b:90:4f:02:72:d3:11:3d:45:79:c2:38:d8:b5:6f:f1:da:2c:
         db:a4:53:1f:82:f8:0b:7f:23:03:2f:74:b6:11:9d:aa:09:32:
         4d:7b:d7:9f:cf:ec:f9:7e:d2:8f:4d:92:72:dc:1c:cc:c5:cc:
         09:a2:cb:94:ff:bb:33:19:59:da:82:a7:6d:26:4c:bf:89:75:
         25:4a:f3:61:24:db:c3:d2:52:2b:40:fb:55:26:51:79:2f:62:
         1e:e6:d6:87:12:d6:3a:64:75:60:45:d4:6f:99:03:30:08:ee:
         7b:79:af:1b:a0:37:5f:2f:b6:44:77:2d:da:ef:ca:ee:b0:53:
         71:58:22:1a:6b:27:ae:4b:f7:e9:5b:a4:03:b5:9f:7f:43:0e:
         eb:83:fa:f2:9e:94:20:8e:56:b3:71:5a:ec:cd:8f:9a:eb:f7:
         5a:4e:14:a8:c6:e4:94:a4:95:81:16:6b:4a:fa:fe:93:af:0d:
         93:73:e6:25:41:93:0b:82:f0:fb:4c:dc:98:8e:36:67:ef:d6:
         6f:9a:76:a3:d0:62:5a:4a:87:0e:4c:29:aa:6f:7f:a4:c1:92:
         27:df:9a:a7:a0:63:56:6a:3a:80:77:71:5c:b2:9c:87:98:c1:
         0b:15:91:6b:66:dc:a2:6f:d0:54:d3:1d:b8:1e:db:32:d4:59:
         dc:ba:18:1a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICELgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVFNkJFRjVBQUI0QzlC
QTU4NUM1NENEMTc5MEU0RjFCQjc5QUVBNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI44OhYup5gY1VngKheDN8DBWhZd6LXTLXV+6XRUkSa5t2LtaI
8hVxW9uy1IEsXwn5MpzVnySOjUoNpEUIawx99B/cdYi5LceBhOuY4fS2fXYKs4Os
YsaX0G1ACO9JpDQlCNTtlC72AdSdX2vF9hRkArxjet4Mrjhka/Oep2D9ushnpzN7
7t/mIp3kfSg7ndnIQL0b4zLlTGjA226e3zsYDDrPYOrM7bxkbUI1AJxRzw44xn4c
qBlgzLSuseX1cVnNO7/wv8Jq+yis5sGPVAvcoc8R/BIPvEhv5vkNphOr6XyumQM/
H36pIyn3NHuGDKDrXHrndWA6vtGw/59VnvHBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXmvvWqtMm6WFxUzReQ5PG7ea6k8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWG12dldxdE1tNldGeFV6UmVRNVBH
N2VhNms4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0gDAN
BgkqhkiG9w0BAQsFAAOCAQEAK5BPAnLTET1FecI42LVv8dos26RTH4L4C38jAy90
thGdqgkyTXvXn8/s+X7Sj02SctwczMXMCaLLlP+7MxlZ2oKnbSZMv4l1JUrzYSTb
w9JSK0D7VSZReS9iHubWhxLWOmR1YEXUb5kDMAjue3mvG6A3Xy+2RHct2u/K7rBT
cVgiGmsnrkv36VukA7Wff0MO64P68p6UII5Ws3Fa7M2Pmuv3Wk4UqMbklKSVgRZr
Svr+k68Nk3PmJUGTC4Lw+0zcmI42Z+/Wb5p2o9BiWkqHDkwpqm9/pMGSJ9+ap6Bj
Vmo6gHdxXLKch5jBCxWRa2bcom/QVNMduB7bMtRZ3LoYGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org