Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YGBFdIFYrDPnBNBcre3jM1fTgjc.roa
File:                     YGBFdIFYrDPnBNBcre3jM1fTgjc.roa (raw, json)
Hash identifier:          fjORIWoTCl0/WABk+kF7zWw5S1o1pn+IZPIkL/GYvAE=
Subject key identifier:   60:60:45:74:81:58:AC:33:E7:04:D0:5C:AD:ED:E3:33:57:D3:82:37
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0CC5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YGBFdIFYrDPnBNBcre3jM1fTgjc.roa
Signing time:             Sun 07 Feb 2021 13:00:15 +0000
ROA not before:           Sun 07 Feb 2021 13:00:15 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        210.58.88.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3269 (0xcc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 13:00:15 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=606045748158AC33E704D05CADEDE33357D38237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:16:96:af:17:55:b1:d1:ad:01:1f:b2:54:c4:
                    b6:f2:51:1b:c6:9f:95:ea:2f:a6:2a:ec:7b:9d:31:
                    b5:53:22:a6:67:ce:56:a1:27:32:5b:86:cd:15:47:
                    95:8d:3c:df:dc:13:d3:24:92:80:71:06:26:7e:35:
                    36:04:86:ea:c8:5e:53:cb:03:e4:7c:48:38:0f:d6:
                    a1:7e:b1:03:6f:bb:cd:57:ad:2c:6f:8d:8d:ef:ed:
                    3d:0a:34:45:16:4f:c2:ae:59:42:f8:0b:f8:aa:96:
                    31:4c:5e:42:c4:20:0c:3d:28:16:4e:9e:f5:37:07:
                    89:0c:29:bb:77:9e:1b:7f:1e:ca:a1:63:3b:97:a8:
                    fd:94:af:fb:00:6a:e5:32:67:ed:79:4b:ee:b4:f2:
                    fb:c1:2c:ce:08:30:93:4f:a1:11:7d:7e:a4:f8:2a:
                    98:69:1a:f1:d6:7c:d9:ad:02:aa:86:18:06:11:76:
                    0c:46:48:21:e2:8b:cd:bf:f6:cc:19:d5:99:90:92:
                    9e:d4:20:f3:b5:c0:02:d8:9c:c0:cd:7f:b9:93:3d:
                    c0:ea:6d:75:e7:06:6a:74:de:4f:96:c8:bb:af:9f:
                    e7:b5:c9:22:99:7c:10:6e:da:29:0e:00:03:ac:a7:
                    e8:65:9c:83:9e:11:af:83:80:27:66:c0:0b:09:cd:
                    16:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:60:45:74:81:58:AC:33:E7:04:D0:5C:AD:ED:E3:33:57:D3:82:37
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YGBFdIFYrDPnBNBcre3jM1fTgjc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:0f:06:7b:4c:d6:64:97:45:e4:3a:0d:68:b7:b3:b0:01:d3:
         06:36:72:85:10:81:ff:f3:3b:87:0f:82:24:53:ad:76:d5:5f:
         fb:f6:31:9d:b7:a6:22:28:99:f5:b7:04:1a:fc:8a:75:7c:71:
         7d:cd:6f:13:f5:df:41:c5:7e:94:17:84:d9:4b:d2:cd:a2:10:
         09:c9:a4:73:42:92:e4:6f:34:5d:95:98:65:f8:68:7d:b9:87:
         8e:7f:7f:a1:82:0a:20:c5:e3:28:cb:de:71:ca:be:d8:23:44:
         d5:a8:40:13:84:7f:4d:4f:80:0a:67:97:07:8d:e1:9a:6c:84:
         9f:44:96:4a:36:0d:8b:0a:55:88:b7:90:53:0e:98:96:30:6b:
         18:26:33:b8:7b:9b:68:f6:ec:d0:60:0f:6a:3d:92:01:4a:bd:
         b8:fe:7d:d5:06:8d:fd:17:22:81:55:c3:32:12:be:f7:6f:03:
         49:56:34:50:1b:4d:80:c7:de:85:31:77:6b:5b:ac:c6:b1:60:
         10:4e:d5:e1:99:b0:87:46:92:78:8c:b5:2c:e0:d5:f8:50:ed:
         c2:3e:fc:17:c0:23:2d:08:53:5c:e5:ec:42:9c:33:9e:b4:40:
         37:bc:90:09:a6:05:0b:f6:95:79:66:f7:ad:1c:cf:d4:f2:bf:
         63:89:cf:8d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MzAwMTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDYwNjA0NTc0ODE1OEFD
MzNFNzA0RDA1Q0FERURFMzMzNTdEMzgyMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzFpavF1Wx0a0BH7JUxLbyURvGn5XqL6Yq7HudMbVTIqZnzlah
JzJbhs0VR5WNPN/cE9MkkoBxBiZ+NTYEhurIXlPLA+R8SDgP1qF+sQNvu81XrSxv
jY3v7T0KNEUWT8KuWUL4C/iqljFMXkLEIAw9KBZOnvU3B4kMKbt3nht/HsqhYzuX
qP2Ur/sAauUyZ+15S+608vvBLM4IMJNPoRF9fqT4KphpGvHWfNmtAqqGGAYRdgxG
SCHii82/9swZ1ZmQkp7UIPO1wALYnMDNf7mTPcDqbXXnBmp03k+WyLuvn+e1ySKZ
fBBu2ikOAAOsp+hlnIOeEa+DgCdmwAsJzRYTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYGBFdIFYrDPnBNBcre3jM1fTgjcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWUdCRmRJRllyRFBuQk5CY3JlM2pN
MWZUZ2pjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WDAN
BgkqhkiG9w0BAQsFAAOCAQEASA8Ge0zWZJdF5DoNaLezsAHTBjZyhRCB//M7hw+C
JFOtdtVf+/YxnbemIiiZ9bcEGvyKdXxxfc1vE/XfQcV+lBeE2UvSzaIQCcmkc0KS
5G80XZWYZfhofbmHjn9/oYIKIMXjKMveccq+2CNE1ahAE4R/TU+ACmeXB43hmmyE
n0SWSjYNiwpViLeQUw6YljBrGCYzuHubaPbs0GAPaj2SAUq9uP591QaN/RcigVXD
MhK+928DSVY0UBtNgMfehTF3a1usxrFgEE7V4Zmwh0aSeIy1LODV+FDtwj78F8Aj
LQhTXOXsQpwznrRAN7yQCaYFC/aVeWb3rRzP1PK/Y4nPjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org