Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ZsiSe1Xwqmn4pYOyyikFjY-pJ2s.roa
File:                     ZsiSe1Xwqmn4pYOyyikFjY-pJ2s.roa (raw, json)
Hash identifier:          li8uOzOB1iZcq3Ulz1nUiWnuSxVOlU0nU4IOEFbp9nM=
Subject key identifier:   66:C8:92:7B:55:F0:AA:69:F8:A5:83:B2:CA:29:05:8D:8F:A9:27:6B
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZsiSe1Xwqmn4pYOyyikFjY-pJ2s.roa
Signing time:             Thu 15 Sep 2022 02:40:21 +0000
ROA not before:           Thu 15 Sep 2022 02:40:21 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        218.184.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:21 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=66C8927B55F0AA69F8A583B2CA29058D8FA9276B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c3:b4:fb:63:34:e2:0b:4c:e1:13:9c:fe:b1:
                    d5:13:74:fe:a7:c1:d2:7f:84:4f:dc:ae:d2:5f:85:
                    7f:73:b0:6a:3b:f2:d4:b0:4a:21:a8:61:93:6a:1d:
                    de:e6:23:bb:9f:7c:93:62:b5:b3:7d:72:c3:e7:30:
                    0b:36:96:cd:cd:57:e1:ba:db:f1:8c:6a:b8:5f:04:
                    74:9c:8a:8f:59:22:a4:c0:0d:be:33:6c:44:76:e8:
                    e1:90:49:2b:59:c1:ea:09:16:ed:8f:96:0d:3f:72:
                    87:d7:70:fc:57:20:26:3f:e5:ff:22:1a:d4:a5:68:
                    e3:88:a3:0e:5d:97:f8:cf:6a:05:c0:b7:44:af:df:
                    fa:53:08:c0:5c:ba:55:42:69:db:aa:06:88:43:dd:
                    09:3b:1f:5e:a8:eb:60:8c:aa:77:fa:17:ec:1d:e0:
                    88:4e:9b:27:b1:70:11:8c:33:09:99:26:37:39:f9:
                    72:31:9b:fc:1a:d8:eb:05:6e:15:9d:e4:fd:77:17:
                    d4:1c:23:e3:5d:da:d4:da:2d:ea:b8:37:87:84:66:
                    24:f7:c7:5e:60:1a:aa:e3:8d:b7:83:02:6f:6e:20:
                    0e:26:28:a5:49:89:23:f8:ae:3e:5a:4b:54:11:97:
                    92:2e:f3:79:98:59:5b:70:b4:69:8a:32:68:22:50:
                    31:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:C8:92:7B:55:F0:AA:69:F8:A5:83:B2:CA:29:05:8D:8F:A9:27:6B
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZsiSe1Xwqmn4pYOyyikFjY-pJ2s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.184.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         64:19:af:52:1d:fa:79:a8:12:14:79:5a:d2:6b:87:c3:a9:21:
         81:a6:aa:96:00:87:5a:27:67:4a:ba:91:ad:86:2c:4d:f0:d2:
         17:8d:2e:55:72:b1:d2:57:91:e1:27:ba:30:e0:c1:b2:0e:f3:
         62:ff:e7:78:c3:7c:a5:e1:4e:dd:ae:75:e7:6d:7a:87:49:23:
         2f:39:10:c0:24:fd:e1:72:5e:9e:22:f6:75:93:c3:38:d3:a9:
         1e:d5:08:dd:40:7d:d3:bd:86:f6:01:c3:63:4c:7d:05:56:c5:
         e6:8b:ea:80:34:8e:3c:c6:a9:dd:77:60:38:7f:ed:7a:02:c2:
         5e:f3:48:00:c5:79:72:95:9c:69:3e:a6:13:f5:e8:55:55:64:
         bb:2b:9f:a3:96:be:de:34:bf:19:bc:be:f5:2d:cf:9b:dc:52:
         fd:26:07:f1:77:aa:bd:3d:1d:0d:55:38:04:a6:bc:78:cc:ae:
         35:2f:eb:25:21:d3:ac:26:f4:5d:89:25:d2:79:44:13:1d:7a:
         56:10:59:81:4f:91:08:0b:aa:c2:2c:72:2f:88:1f:38:27:e4:
         03:5a:ff:da:f2:37:5d:6e:b8:d9:8c:b7:a4:9f:a8:f4:bc:38:
         1f:44:e8:8f:56:2e:00:8f:ec:7e:3c:60:eb:26:42:af:7c:ee:
         dd:e5:b5:92
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY2Qzg5MjdCNTVGMEFB
NjlGOEE1ODNCMkNBMjkwNThEOEZBOTI3NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2w7T7YzTiC0zhE5z+sdUTdP6nwdJ/hE/crtJfhX9zsGo78tSw
SiGoYZNqHd7mI7uffJNitbN9csPnMAs2ls3NV+G62/GMarhfBHScio9ZIqTADb4z
bER26OGQSStZweoJFu2Plg0/cofXcPxXICY/5f8iGtSlaOOIow5dl/jPagXAt0Sv
3/pTCMBculVCaduqBohD3Qk7H16o62CMqnf6F+wd4IhOmyexcBGMMwmZJjc5+XIx
m/wa2OsFbhWd5P13F9QcI+Nd2tTaLeq4N4eEZiT3x15gGqrjjbeDAm9uIA4mKKVJ
iSP4rj5aS1QRl5Iu83mYWVtwtGmKMmgiUDEbAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUZsiSe1Xwqmn4pYOyyikFjY+pJ2swHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWnNpU2UxWHdxbW40cFlPeXlpa0Zq
WS1wSjJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANq4MA0G
CSqGSIb3DQEBCwUAA4IBAQBkGa9SHfp5qBIUeVrSa4fDqSGBpqqWAIdaJ2dKupGt
hixN8NIXjS5VcrHSV5HhJ7ow4MGyDvNi/+d4w3yl4U7drnXnbXqHSSMvORDAJP3h
cl6eIvZ1k8M406ke1QjdQH3TvYb2AcNjTH0FVsXmi+qANI48xqndd2A4f+16AsJe
80gAxXlylZxpPqYT9ehVVWS7K5+jlr7eNL8ZvL71Lc+b3FL9Jgfxd6q9PR0NVTgE
prx4zK41L+slIdOsJvRdiSXSeUQTHXpWEFmBT5EIC6rCLHIviB84J+QDWv/a8jdd
brjZjLekn6j0vDgfROiPVi4Aj+x+PGDrJkKvfO7d5bWS
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org