Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ZDV0K69-QfKw8bdz-0tJgWPVI0E.roa
File:                     ZDV0K69-QfKw8bdz-0tJgWPVI0E.roa (raw, json)
Hash identifier:          D3YIpgHDC233SLJwi15+y02JkLxr3eF2PWhKfW/6A8I=
Subject key identifier:   64:35:74:2B:AF:7E:41:F2:B0:F1:B7:73:FB:4B:49:81:63:D5:23:41
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0BB1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZDV0K69-QfKw8bdz-0tJgWPVI0E.roa
Signing time:             Sun 07 Feb 2021 11:33:35 +0000
ROA not before:           Sun 07 Feb 2021 11:33:35 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24154
IP address blocks:        203.79.196.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2993 (0xbb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:33:35 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=6435742BAF7E41F2B0F1B773FB4B498163D52341
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:75:17:e0:23:5e:ca:41:e0:84:9f:e2:8b:16:
                    f8:0b:c1:15:09:f4:eb:cd:2a:0a:c5:6d:ae:49:aa:
                    7c:bf:bb:8d:c6:f5:77:20:20:0e:0b:df:ad:ac:30:
                    f5:e8:46:4a:62:cd:67:4c:9a:00:8a:37:0e:26:12:
                    ba:64:04:6f:55:53:50:c5:11:93:89:e7:a2:20:6a:
                    a9:ca:90:3b:66:af:32:b3:2a:3b:00:db:17:b5:e1:
                    82:da:44:a5:32:f7:3b:50:2f:82:aa:1e:40:4e:73:
                    65:1f:05:51:cc:1d:f9:5c:1a:49:50:51:b1:a1:b0:
                    9a:c9:bb:e6:ec:9a:9f:2a:52:2e:af:12:04:99:a5:
                    d2:4b:70:1e:02:b5:8a:0d:1a:37:84:64:37:3c:85:
                    ea:86:0c:e7:34:e9:47:ec:ea:d5:4c:cb:3b:52:df:
                    f6:95:f0:d4:25:4f:a6:f2:ba:1c:b1:3e:7d:8b:98:
                    4c:de:88:a5:b9:33:b0:99:e9:59:e5:a3:43:af:87:
                    3d:d3:f8:d4:f1:5f:96:ee:20:7b:76:05:2a:30:07:
                    ac:7f:00:bc:35:7e:56:86:99:7f:bc:a0:ca:02:0b:
                    0e:25:2e:84:61:b9:5d:1f:85:4a:d7:a0:bc:45:67:
                    89:d6:92:f0:4b:d9:b7:5d:68:dc:a6:de:f8:3b:ab:
                    e0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:35:74:2B:AF:7E:41:F2:B0:F1:B7:73:FB:4B:49:81:63:D5:23:41
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZDV0K69-QfKw8bdz-0tJgWPVI0E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:a0:bf:55:d4:f1:db:ab:d6:7b:82:5c:14:ec:c7:c4:20:21:
         d9:ee:e9:40:39:fe:92:42:77:16:31:42:e8:4b:86:6e:de:db:
         6b:1b:f1:20:28:f0:37:92:85:f8:9f:07:e4:eb:1b:c5:23:cd:
         52:0c:83:bd:a8:0c:8e:00:b6:2a:a4:18:73:0a:ef:29:f1:fd:
         69:f5:7f:08:29:47:a1:f3:4e:7d:58:78:24:85:f9:d4:19:da:
         9d:18:08:bf:60:27:cb:fa:35:ea:52:ec:6a:b7:1d:c9:58:25:
         08:bb:41:0b:55:61:28:33:d2:a7:d3:fc:4d:42:17:c7:fe:66:
         5e:76:1c:5b:f4:13:f4:c4:0b:de:ac:33:9c:ee:c0:9f:a5:37:
         a3:9d:24:2f:d7:f8:6a:2e:de:e5:02:6c:84:81:29:54:cd:63:
         94:d4:3f:f5:44:c6:f2:aa:e2:4b:9d:77:2e:69:03:1f:eb:0e:
         2f:39:bd:c5:18:1a:69:f7:5d:74:3b:3f:66:2d:63:5a:eb:51:
         55:6b:c3:9c:05:03:f4:32:8e:61:3b:b5:a9:6c:07:7c:b5:8c:
         ca:37:25:d6:d8:ca:af:21:9b:67:e2:e2:28:12:85:2b:f4:9d:
         d2:f4:47:31:75:d1:cd:24:90:28:9a:48:48:24:d3:0a:87:11:
         fc:b5:f8:ee
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzMzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY0MzU3NDJCQUY3RTQx
RjJCMEYxQjc3M0ZCNEI0OTgxNjNENTIzNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfdRfgI17KQeCEn+KLFvgLwRUJ9OvNKgrFba5Jqny/u43G9Xcg
IA4L362sMPXoRkpizWdMmgCKNw4mErpkBG9VU1DFEZOJ56IgaqnKkDtmrzKzKjsA
2xe14YLaRKUy9ztQL4KqHkBOc2UfBVHMHflcGklQUbGhsJrJu+bsmp8qUi6vEgSZ
pdJLcB4CtYoNGjeEZDc8heqGDOc06Ufs6tVMyztS3/aV8NQlT6byuhyxPn2LmEze
iKW5M7CZ6Vnlo0Ovhz3T+NTxX5buIHt2BSowB6x/ALw1flaGmX+8oMoCCw4lLoRh
uV0fhUrXoLxFZ4nWkvBL2bddaNym3vg7q+C3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZDV0K69+QfKw8bdz+0tJgWPVI0EwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWkRWMEs2OS1RZkt3OGJkei0wdEpn
V1BWSTBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstPxDAN
BgkqhkiG9w0BAQsFAAOCAQEABaC/VdTx26vWe4JcFOzHxCAh2e7pQDn+kkJ3FjFC
6EuGbt7baxvxICjwN5KF+J8H5OsbxSPNUgyDvagMjgC2KqQYcwrvKfH9afV/CClH
ofNOfVh4JIX51BnanRgIv2Any/o16lLsarcdyVglCLtBC1VhKDPSp9P8TUIXx/5m
XnYcW/QT9MQL3qwznO7An6U3o50kL9f4ai7e5QJshIEpVM1jlNQ/9UTG8qriS513
LmkDH+sOLzm9xRgaafdddDs/Zi1jWutRVWvDnAUD9DKOYTu1qWwHfLWMyjcl1tjK
ryGbZ+LiKBKFK/Sd0vRHMXXRzSSQKJpISCTTCocR/LX47g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org