Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Yrt09STIO_1j3ZUb7MNW1AbKQkU.roa
File:                     Yrt09STIO_1j3ZUb7MNW1AbKQkU.roa (raw, json)
Hash identifier:          PNttbboeYsnS3T9lyV9VwTL9vr/958MDvMrIjxERZxI=
Subject key identifier:   62:BB:74:F5:24:C8:3B:FD:63:DD:95:1B:EC:C3:56:D4:06:CA:42:45
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1048
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Yrt09STIO_1j3ZUb7MNW1AbKQkU.roa
Signing time:             Tue 16 May 2023 08:36:00 +0000
ROA not before:           Tue 16 May 2023 08:36:00 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        210.85.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4168 (0x1048)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:00 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=62BB74F524C83BFD63DD951BECC356D406CA4245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:59:ad:21:c2:45:b9:47:1b:b4:15:0e:d2:35:
                    6e:73:28:1f:96:ea:0f:3e:66:f8:9a:48:03:22:fc:
                    07:99:86:89:9c:84:12:47:36:b9:76:4c:bb:fc:64:
                    17:a9:45:9f:03:c4:38:46:12:b7:1f:a6:7e:34:75:
                    6c:ab:e1:98:c0:87:74:ec:b9:5b:a5:be:de:fc:cf:
                    15:66:e1:44:fc:21:bd:68:b7:d7:ce:26:ba:6f:30:
                    f9:4e:72:aa:cf:18:29:59:1d:c6:2c:f7:50:ad:8b:
                    92:a5:5e:77:53:da:2a:99:9b:6d:6e:fa:c7:7c:0e:
                    18:13:1b:12:95:42:57:32:93:26:53:79:ec:30:df:
                    16:39:11:7b:02:ed:f6:0d:46:2d:4c:37:18:80:bf:
                    97:ed:2e:1b:c0:25:18:71:d9:e5:08:c0:6f:e1:00:
                    d7:3b:d6:8d:66:c9:bd:ad:a3:d3:57:f0:96:bf:5d:
                    a0:62:12:48:3f:aa:a2:16:7a:ce:44:db:42:f1:25:
                    ba:a2:6e:9a:29:10:ba:2d:78:db:0c:91:63:d4:ba:
                    f1:98:1f:8a:b7:a2:c7:9a:9e:54:31:71:24:29:f5:
                    65:9a:65:9b:02:7a:55:fc:46:6f:c6:2a:1c:8c:c4:
                    b3:ff:ca:5f:80:62:75:df:a3:a7:0b:97:01:8a:2a:
                    50:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:BB:74:F5:24:C8:3B:FD:63:DD:95:1B:EC:C3:56:D4:06:CA:42:45
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Yrt09STIO_1j3ZUb7MNW1AbKQkU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.85.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2d:67:46:0f:6d:e7:c0:9a:94:ab:f9:2e:b9:e0:5a:e0:c5:8e:
         83:60:04:91:e3:6d:6d:2a:78:49:d1:58:af:fc:ad:32:78:e9:
         8e:69:87:1f:4f:12:76:9b:5b:4d:9e:59:d1:2c:23:42:f7:d1:
         55:1d:08:a9:c2:a4:f3:b9:07:c0:a4:d7:e0:ca:19:14:4a:13:
         1e:3a:15:94:8b:4c:8e:7f:a9:c3:1a:97:30:77:f3:a6:09:63:
         95:5a:25:88:ab:23:3c:51:91:3d:6a:a6:97:67:5e:91:c4:88:
         ad:52:76:3a:8b:45:6c:3e:f8:0e:42:0d:0d:0c:0e:19:92:3b:
         04:ba:14:04:d3:7a:7c:bd:f3:0e:4b:2c:9e:90:df:6e:29:49:
         f8:ee:41:24:a7:f7:e4:a8:0b:76:a9:65:21:cf:cd:93:73:f7:
         3a:0a:5f:5e:f5:50:df:8f:47:3d:87:7a:f1:c3:1c:8a:d0:83:
         03:41:fa:42:da:7c:96:46:71:20:28:69:08:d9:ea:72:36:7a:
         ee:8b:c0:83:b9:a6:2c:cb:71:af:f8:2e:30:8c:ee:96:e5:70:
         bb:34:ae:e7:7a:96:ec:3e:e2:db:7f:99:a7:cb:2c:bf:dc:e2:
         0b:49:67:72:8a:ec:04:97:6e:39:06:85:ed:f8:40:5b:91:f4:
         04:48:6f:41
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyQkI3NEY1MjRDODNC
RkQ2M0REOTUxQkVDQzM1NkQ0MDZDQTQyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaWa0hwkW5Rxu0FQ7SNW5zKB+W6g8+ZviaSAMi/AeZhomchBJH
Nrl2TLv8ZBepRZ8DxDhGErcfpn40dWyr4ZjAh3TsuVulvt78zxVm4UT8Ib1ot9fO
JrpvMPlOcqrPGClZHcYs91Cti5KlXndT2iqZm21u+sd8DhgTGxKVQlcykyZTeeww
3xY5EXsC7fYNRi1MNxiAv5ftLhvAJRhx2eUIwG/hANc71o1myb2to9NX8Ja/XaBi
Ekg/qqIWes5E20LxJbqibpopELoteNsMkWPUuvGYH4q3oseanlQxcSQp9WWaZZsC
elX8Rm/GKhyMxLP/yl+AYnXfo6cLlwGKKlATAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUYrt09STIO/1j3ZUb7MNW1AbKQkUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWXJ0MDlTVElPXzFqM1pVYjdNTlcx
QWJLUWtVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANJVMA0G
CSqGSIb3DQEBCwUAA4IBAQAtZ0YPbefAmpSr+S654FrgxY6DYASR421tKnhJ0Viv
/K0yeOmOaYcfTxJ2m1tNnlnRLCNC99FVHQipwqTzuQfApNfgyhkUShMeOhWUi0yO
f6nDGpcwd/OmCWOVWiWIqyM8UZE9aqaXZ16RxIitUnY6i0VsPvgOQg0NDA4ZkjsE
uhQE03p8vfMOSyyekN9uKUn47kEkp/fkqAt2qWUhz82Tc/c6Cl9e9VDfj0c9h3rx
wxyK0IMDQfpC2nyWRnEgKGkI2epyNnrui8CDuaYsy3Gv+C4wjO6W5XC7NK7nepbs
PuLbf5mnyyy/3OILSWdyiuwEl245BoXt+EBbkfQESG9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org