Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/_D4QG-e4wGpqa_oAAC6qOZyhdVM.roa
File:                     _D4QG-e4wGpqa_oAAC6qOZyhdVM.roa (raw, json)
Hash identifier:          5TDdtB07mYWN4yobuPiELrUVhy4QJASjfw0KhNx5yxY=
Subject key identifier:   FC:3E:10:1B:E7:B8:C0:6A:6A:6B:FA:00:00:2E:AA:39:9C:A1:75:53
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1089
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_D4QG-e4wGpqa_oAAC6qOZyhdVM.roa
Signing time:             Tue 16 May 2023 08:36:19 +0000
ROA not before:           Tue 16 May 2023 08:36:19 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     24154
IP address blocks:        210.202.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4233 (0x1089)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:19 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=FC3E101BE7B8C06A6A6BFA00002EAA399CA17553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7f:da:19:4c:5a:5a:3f:35:6d:77:e9:f7:5c:
                    9e:30:88:96:b5:ba:18:01:5f:2f:31:38:0a:89:d8:
                    58:51:43:e5:68:98:6f:64:89:25:61:64:4d:c8:1f:
                    d5:ad:ca:92:32:e2:32:95:b3:b4:ac:3e:49:d0:e2:
                    01:58:03:05:a8:ad:8b:13:01:f3:64:87:b9:f4:d8:
                    1f:86:0b:ae:b8:11:d8:2f:a3:40:c2:b3:46:a2:5b:
                    d9:08:f5:10:2e:a0:36:85:f0:b8:11:82:71:a4:c7:
                    04:fe:73:2c:4f:3d:95:7e:c6:c9:a3:66:2b:a3:18:
                    df:3d:fc:3f:3c:05:2c:35:8e:e6:0a:18:38:6d:8c:
                    e9:c5:d9:d3:de:5b:16:f1:3e:42:ca:ce:06:73:aa:
                    f0:95:d2:48:ad:5b:34:98:b8:e0:a6:04:f3:39:66:
                    a9:a9:a9:8c:e2:ef:52:b7:90:2e:27:71:63:17:fb:
                    0a:23:43:88:4a:df:40:e9:9e:b5:e2:b1:a0:16:55:
                    1f:32:d5:44:cf:73:0b:9d:16:32:a6:2a:c1:04:da:
                    32:6b:44:e9:de:f8:a6:17:9c:99:9e:aa:a1:11:9b:
                    b3:68:d0:f1:3d:de:9d:24:17:7e:50:c1:e3:fb:1d:
                    c5:94:0f:56:47:67:68:df:7e:e4:70:a7:18:1e:d4:
                    a9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:3E:10:1B:E7:B8:C0:6A:6A:6B:FA:00:00:2E:AA:39:9C:A1:75:53
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_D4QG-e4wGpqa_oAAC6qOZyhdVM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         97:26:43:bc:99:04:a3:49:36:f8:1b:3e:b0:26:03:5b:55:88:
         2c:88:83:7a:a8:fd:94:58:86:2a:66:0b:e6:6b:01:bb:57:7c:
         32:8c:0a:f2:da:df:70:bb:45:f5:85:4d:e9:ef:55:5f:06:58:
         64:44:57:a2:d0:97:fe:75:0b:a6:fc:c2:94:59:93:17:ea:a1:
         35:7c:9c:fb:cb:4e:cb:07:5d:ac:f7:b3:8e:b8:12:36:8e:32:
         05:18:05:ae:65:48:c4:7e:29:79:38:33:0c:32:ec:56:d8:86:
         0e:ae:cb:f4:41:50:50:ab:6e:9a:99:7a:9f:8b:17:0b:7c:87:
         9f:e7:28:3e:7b:0f:bc:44:02:cd:4f:10:73:64:c0:07:e5:7b:
         3c:5d:ae:40:fe:c2:47:d3:cc:ac:f3:d6:2c:b7:fc:2e:c6:5d:
         86:7e:6b:f9:95:1c:95:23:d6:4c:93:23:58:d5:4e:eb:c5:b2:
         dd:00:21:29:cb:12:b0:e9:9f:34:5e:d1:db:11:28:c8:88:91:
         c5:f1:ba:df:04:44:92:2b:5c:60:5b:86:42:ca:0c:27:3d:ff:
         7f:f1:e6:cf:fa:51:ee:06:a5:a7:74:6d:57:e5:21:a6:0a:15:
         8e:0e:11:bf:9d:0d:63:ed:e4:ad:0e:b8:27:32:60:69:c9:90:
         dc:24:46:7f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZDM0UxMDFCRTdCOEMw
NkE2QTZCRkEwMDAwMkVBQTM5OUNBMTc1NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2f9oZTFpaPzVtd+n3XJ4wiJa1uhgBXy8xOAqJ2FhRQ+VomG9k
iSVhZE3IH9WtypIy4jKVs7SsPknQ4gFYAwWorYsTAfNkh7n02B+GC664Edgvo0DC
s0aiW9kI9RAuoDaF8LgRgnGkxwT+cyxPPZV+xsmjZiujGN89/D88BSw1juYKGDht
jOnF2dPeWxbxPkLKzgZzqvCV0kitWzSYuOCmBPM5ZqmpqYzi71K3kC4ncWMX+woj
Q4hK30DpnrXisaAWVR8y1UTPcwudFjKmKsEE2jJrROne+KYXnJmeqqERm7No0PE9
3p0kF35QweP7HcWUD1ZHZ2jffuRwpxge1KkzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/D4QG+e4wGpqa/oAAC6qOZyhdVMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvX0Q0UUctZTR3R3BxYV9vQUFDNnFP
WnloZFZNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLKQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlyZDvJkEo0k2+Bs+sCYDW1WILIiDeqj9lFiGKmYL
5msBu1d8MowK8trfcLtF9YVN6e9VXwZYZERXotCX/nULpvzClFmTF+qhNXyc+8tO
ywddrPezjrgSNo4yBRgFrmVIxH4peTgzDDLsVtiGDq7L9EFQUKtumpl6n4sXC3yH
n+coPnsPvEQCzU8Qc2TAB+V7PF2uQP7CR9PMrPPWLLf8LsZdhn5r+ZUclSPWTJMj
WNVO68Wy3QAhKcsSsOmfNF7R2xEoyIiRxfG63wREkitcYFuGQsoMJz3/f/Hmz/pR
7galp3RtV+UhpgoVjg4Rv50NY+3krQ64JzJgacmQ3CRGfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org