Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/aT08mkm09bq2zftj7RJggFbb5aE.roa
File:                     aT08mkm09bq2zftj7RJggFbb5aE.roa (raw, json)
Hash identifier:          QRGdx/Re+Vq6N+eJqnygEqHgSwqOFKO5VXltkc1yhIQ=
Subject key identifier:   69:3D:3C:9A:49:B4:F5:BA:B6:CD:FB:63:ED:12:60:80:56:DB:E5:A1
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aT08mkm09bq2zftj7RJggFbb5aE.roa
Signing time:             Thu 15 Sep 2022 02:40:01 +0000
ROA not before:           Thu 15 Sep 2022 02:40:01 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.63.232.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:01 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=693D3C9A49B4F5BAB6CDFB63ED12608056DBE5A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:53:c7:6b:fb:3f:0f:fb:35:f9:ca:43:9a:46:
                    d5:51:06:d9:db:a5:b5:de:28:82:b2:25:26:90:b2:
                    3e:b2:ac:de:08:81:2b:78:6b:49:f0:40:7b:1c:f8:
                    5f:18:ef:8a:2d:fe:44:f3:24:ef:e8:2e:13:f6:da:
                    95:4d:e5:57:da:de:b1:b2:de:cb:4a:9d:64:b5:e2:
                    36:2c:f1:ff:b9:82:f8:8f:1d:a1:82:d9:ac:74:51:
                    2c:70:6a:91:81:c8:5b:44:57:74:17:c8:70:dd:c4:
                    ce:3b:eb:7e:06:53:cb:47:70:7a:45:77:1a:3c:55:
                    34:4e:b8:1f:90:70:1b:b3:d0:dd:f1:59:f6:22:0f:
                    7b:91:a0:fb:d1:71:c2:72:aa:75:1d:8f:6d:cc:91:
                    91:5a:8e:9a:80:18:c0:ba:f6:90:71:96:54:c8:51:
                    8a:f7:d4:eb:5a:d4:8f:21:c6:44:09:9f:b3:70:d3:
                    83:ff:d5:af:5d:01:98:4c:a8:47:66:dc:50:92:d6:
                    ac:b0:aa:ac:9e:00:c7:6a:fc:20:dc:41:f6:fd:43:
                    05:21:1c:33:2b:a7:e3:28:e9:6f:ad:d8:b4:e2:de:
                    7f:72:45:f0:93:cb:dc:31:78:66:ef:52:e2:9c:66:
                    84:c8:b4:3f:f8:56:8e:03:b8:4d:b9:4e:30:c5:3c:
                    70:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:3D:3C:9A:49:B4:F5:BA:B6:CD:FB:63:ED:12:60:80:56:DB:E5:A1
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aT08mkm09bq2zftj7RJggFbb5aE.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:f3:ed:59:85:1e:e5:f7:f5:79:5c:c1:93:07:df:62:0e:66:
         38:f0:d9:29:ff:4c:d8:6a:e8:b4:cb:3d:c1:af:98:ba:c5:98:
         4d:2c:81:44:14:60:47:2b:2a:6f:d0:96:9b:65:e2:ad:0d:05:
         02:8b:30:8e:fc:4f:ee:7c:40:48:49:51:54:79:e3:65:42:72:
         21:51:00:10:5e:f1:04:f0:3b:f9:4b:b9:03:e0:3f:00:50:b9:
         32:e7:a6:6e:23:e3:db:d3:31:ae:2b:fd:a5:7c:82:de:ba:42:
         cb:a0:43:d6:c9:32:4a:17:9a:b9:7b:08:77:91:da:18:6a:a8:
         30:c1:84:fd:19:32:90:2f:60:ef:16:b4:4c:2f:db:99:71:4b:
         f6:3d:40:cf:57:8e:0b:6f:ec:38:9e:28:d8:3e:bd:a0:7e:bd:
         6a:b4:26:f8:27:7a:3c:b0:eb:ab:67:6e:83:af:d2:28:20:ba:
         46:c2:28:db:0f:97:8c:da:39:ff:93:fe:00:6c:c3:17:98:f7:
         f6:3b:60:de:08:24:0b:dc:2e:c6:ba:fb:9f:1c:68:ff:07:31:
         52:44:a8:60:67:3c:a9:ad:2e:f4:3e:04:c2:ec:d1:1c:04:57:
         d4:f4:a3:89:21:92:7f:43:bb:9b:4b:83:aa:f2:cb:95:2f:6d:
         5e:e6:a7:fa
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY5M0QzQzlBNDlCNEY1
QkFCNkNERkI2M0VEMTI2MDgwNTZEQkU1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoU8dr+z8P+zX5ykOaRtVRBtnbpbXeKIKyJSaQsj6yrN4IgSt4
a0nwQHsc+F8Y74ot/kTzJO/oLhP22pVN5Vfa3rGy3stKnWS14jYs8f+5gviPHaGC
2ax0USxwapGByFtEV3QXyHDdxM47634GU8tHcHpFdxo8VTROuB+QcBuz0N3xWfYi
D3uRoPvRccJyqnUdj23MkZFajpqAGMC69pBxllTIUYr31Ota1I8hxkQJn7Nw04P/
1a9dAZhMqEdm3FCS1qywqqyeAMdq/CDcQfb9QwUhHDMrp+Mo6W+t2LTi3n9yRfCT
y9wxeGbvUuKcZoTItD/4Vo4DuE25TjDFPHCtAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaT08mkm09bq2zftj7RJggFbb5aEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvYVQwOG1rbTA5YnEyemZ0ajdSSmdn
RmJiNWFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/6DAN
BgkqhkiG9w0BAQsFAAOCAQEAefPtWYUe5ff1eVzBkwffYg5mOPDZKf9M2GrotMs9
wa+YusWYTSyBRBRgRysqb9CWm2XirQ0FAoswjvxP7nxASElRVHnjZUJyIVEAEF7x
BPA7+Uu5A+A/AFC5MuembiPj29Mxriv9pXyC3rpCy6BD1skySheauXsId5HaGGqo
MMGE/RkykC9g7xa0TC/bmXFL9j1Az1eOC2/sOJ4o2D69oH69arQm+Cd6PLDrq2du
g6/SKCC6RsIo2w+XjNo5/5P+AGzDF5j39jtg3ggkC9wuxrr7nxxo/wcxUkSoYGc8
qa0u9D4EwuzRHARX1PSjiSGSf0O7m0uDqvLLlS9tXuan+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org