Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Z_kHvBponUYlj6pxXdZrp18auKw.roa
File:                     Z_kHvBponUYlj6pxXdZrp18auKw.roa (raw, json)
Hash identifier:          91nY3GHG+CtyyI+LmEQM7ofNeQzhiPA1liWzANSRpoE=
Subject key identifier:   67:F9:07:BC:1A:68:9D:46:25:8F:AA:71:5D:D6:6B:A7:5F:1A:B8:AC
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       095A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z_kHvBponUYlj6pxXdZrp18auKw.roa
Signing time:             Tue 29 Sep 2020 10:01:44 +0000
ROA not before:           Tue 29 Sep 2020 10:01:44 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     24154
IP address blocks:        203.79.208.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2394 (0x95a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:44 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=67F907BC1A689D46258FAA715DD66BA75F1AB8AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ef:79:d6:8a:db:79:54:45:75:17:18:f6:cf:
                    43:84:4b:75:8d:42:b2:0a:14:47:11:ad:05:89:5b:
                    65:fd:74:e7:22:d5:05:fc:71:7b:49:c3:b7:91:a0:
                    1d:44:63:1b:5e:42:7d:aa:3d:50:c2:72:63:23:18:
                    46:a5:4f:d0:09:a4:86:c5:65:b3:51:af:99:8e:53:
                    38:ee:b8:6c:87:79:73:58:ee:14:da:25:b4:14:eb:
                    01:19:fc:f4:9c:37:31:aa:8a:36:fa:49:fb:cb:67:
                    23:23:01:fd:ad:db:37:18:7b:3f:e5:cd:19:8c:58:
                    39:f7:9a:0d:e8:f2:c2:de:32:81:58:6f:eb:60:fd:
                    8e:42:4d:0c:8e:0f:cb:03:01:db:44:50:49:65:19:
                    2c:88:d3:67:c8:8d:26:88:01:25:a9:0d:9b:78:b9:
                    4f:dd:48:da:4c:33:27:9e:95:4e:6c:7b:ef:7a:46:
                    3b:a3:fb:7a:78:fa:9c:80:a5:a5:d3:fe:2d:fc:f4:
                    44:1d:76:5b:f7:15:8f:21:56:26:d3:bf:8a:99:94:
                    14:8b:6b:72:1d:eb:50:4a:db:28:be:28:b6:89:8b:
                    c5:18:cf:29:a5:40:aa:c2:26:b1:b5:bb:64:d0:4a:
                    09:23:7a:53:ab:2f:a2:3c:5c:aa:d9:de:b6:d8:f3:
                    1e:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F9:07:BC:1A:68:9D:46:25:8F:AA:71:5D:D6:6B:A7:5F:1A:B8:AC
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z_kHvBponUYlj6pxXdZrp18auKw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7c:6f:85:87:e2:f7:e4:f7:11:c7:60:46:19:93:b2:7c:66:55:
         b8:f1:e2:70:55:27:0e:17:fd:92:d0:7d:7f:dc:72:96:26:38:
         6d:3e:03:04:21:6c:2f:f3:79:4c:08:95:81:c6:20:e6:00:3e:
         28:f4:1b:42:08:7b:8a:48:d3:98:08:11:74:d9:08:09:ce:20:
         ec:5d:43:80:4a:3e:79:ed:34:11:f3:1f:b0:68:b1:c0:d7:c1:
         c0:6e:24:fa:b8:85:cf:ad:4d:f1:2b:ae:29:4c:d6:f1:cb:a9:
         6c:48:e8:12:b7:5d:ab:59:78:8c:76:0b:db:a9:6f:1f:43:79:
         d8:b4:4c:f9:46:be:a7:93:07:e6:9e:05:08:28:fb:d7:d1:36:
         ba:9f:ac:14:d8:16:d4:a6:e3:c3:cc:dc:da:a5:85:2f:9f:77:
         8d:9d:07:23:03:ac:76:6c:60:02:3b:61:a6:a3:f3:3a:ab:68:
         cd:6f:02:3b:41:b0:1f:8f:54:2f:cd:ae:95:c4:a1:0b:74:b4:
         b7:f5:8e:74:f6:ed:d7:57:c9:28:9b:66:a9:87:ea:9e:b8:2c:
         35:2c:17:47:fd:a5:a9:71:b6:f5:b6:d5:15:e0:c1:21:84:d2:
         6e:a0:19:8b:7e:48:34:87:25:98:32:6e:d7:23:1a:d1:79:27:
         65:55:c7:1a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxNDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY3RjkwN0JDMUE2ODlE
NDYyNThGQUE3MTVERDY2QkE3NUYxQUI4QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/73nWitt5VEV1Fxj2z0OES3WNQrIKFEcRrQWJW2X9dOci1QX8
cXtJw7eRoB1EYxteQn2qPVDCcmMjGEalT9AJpIbFZbNRr5mOUzjuuGyHeXNY7hTa
JbQU6wEZ/PScNzGqijb6SfvLZyMjAf2t2zcYez/lzRmMWDn3mg3o8sLeMoFYb+tg
/Y5CTQyOD8sDAdtEUEllGSyI02fIjSaIASWpDZt4uU/dSNpMMyeelU5se+96Rjuj
+3p4+pyApaXT/i389EQddlv3FY8hVibTv4qZlBSLa3Id61BK2yi+KLaJi8UYzyml
QKrCJrG1u2TQSgkjelOrL6I8XKrZ3rbY8x7jAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZ/kHvBponUYlj6pxXdZrp18auKwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWl9rSHZCcG9uVVlsajZweFhkWnJw
MThhdUt3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8tP0DAN
BgkqhkiG9w0BAQsFAAOCAQEAfG+Fh+L35PcRx2BGGZOyfGZVuPHicFUnDhf9ktB9
f9xyliY4bT4DBCFsL/N5TAiVgcYg5gA+KPQbQgh7ikjTmAgRdNkICc4g7F1DgEo+
ee00EfMfsGixwNfBwG4k+riFz61N8SuuKUzW8cupbEjoErddq1l4jHYL26lvH0N5
2LRM+Ua+p5MH5p4FCCj719E2up+sFNgW1Kbjw8zc2qWFL593jZ0HIwOsdmxgAjth
pqPzOqtozW8CO0GwH49UL82ulcShC3S0t/WOdPbt11fJKJtmqYfqnrgsNSwXR/2l
qXG29bbVFeDBIYTSbqAZi35INIclmDJu1yMa0XknZVXHGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org