Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/cyCXnHz-I5kbf5vA7hZmoOUwTQ8.roa
File:                     cyCXnHz-I5kbf5vA7hZmoOUwTQ8.roa (raw, json)
Hash identifier:          NqnCjKV1H1F3BR4YXTT6JneBgSTg8DoQB3hZT8S1cLY=
Subject key identifier:   73:20:97:9C:7C:FE:23:99:1B:7F:9B:C0:EE:16:66:A0:E5:30:4D:0F
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cyCXnHz-I5kbf5vA7hZmoOUwTQ8.roa
Signing time:             Thu 15 Sep 2022 02:40:18 +0000
ROA not before:           Thu 15 Sep 2022 02:40:18 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     18419
IP address blocks:        124.218.232.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:18 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7320979C7CFE23991B7F9BC0EE1666A0E5304D0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:9d:c6:3d:c8:40:aa:f4:19:8d:32:d6:6d:68:
                    d2:49:c1:3f:7e:c9:76:6a:44:e2:69:87:ca:e9:52:
                    8d:f8:fa:25:96:3c:1f:51:3d:49:c6:ad:a4:25:5a:
                    04:f4:14:79:96:5b:ab:9d:53:81:45:56:b2:32:05:
                    a5:8d:52:6c:27:ba:f5:fd:5c:47:1e:2a:e0:5f:a6:
                    31:95:a1:bf:f5:41:bc:ff:f0:00:a2:3e:c2:d8:bd:
                    af:0c:fc:a1:b1:8f:78:bf:4f:33:02:67:c3:ab:61:
                    c9:59:99:e6:d6:ce:38:a8:fa:10:49:93:5f:bd:e2:
                    99:47:7f:3f:9e:00:9c:f6:b0:be:9f:6c:50:2f:46:
                    cb:d8:cd:d6:c6:1b:2f:4c:f2:0d:d4:ee:01:13:df:
                    75:1a:0d:e9:2a:f2:29:12:5d:80:44:b0:73:56:36:
                    0c:f8:7d:1f:40:b2:4d:00:e5:61:59:b8:39:cb:2d:
                    6c:7b:e7:29:06:e6:8e:37:c5:ea:b1:8f:cb:bd:0e:
                    dc:ad:24:23:db:f9:fa:72:90:21:0b:91:ae:ef:9f:
                    80:29:bf:7d:4e:74:b2:da:c2:f4:dc:19:ef:fc:ac:
                    e3:30:17:dc:68:64:a7:c5:a9:21:70:b4:55:5e:3d:
                    21:55:58:8e:5f:67:b4:cf:66:2a:af:cd:e4:c5:da:
                    a7:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:20:97:9C:7C:FE:23:99:1B:7F:9B:C0:EE:16:66:A0:E5:30:4D:0F
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/cyCXnHz-I5kbf5vA7hZmoOUwTQ8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7f:e6:40:f6:09:f9:66:28:af:4f:91:85:36:6d:e3:af:d0:24:
         a4:52:7d:06:22:6d:34:2c:79:d1:03:be:71:4d:ef:50:86:85:
         d5:0f:d3:45:c1:d5:3f:00:04:a8:ca:e0:ab:81:63:89:11:7f:
         60:70:66:91:63:bf:a4:e0:9a:69:10:32:94:b5:7a:8d:26:2a:
         87:0d:6b:84:4d:53:44:3c:aa:d0:5f:84:3a:1f:34:8b:9b:8a:
         d3:6e:80:77:5e:dd:a0:ff:2c:15:02:ab:6a:5d:44:74:60:49:
         c6:3c:90:06:9c:17:5a:57:05:62:62:bd:cb:bc:1d:e3:39:86:
         cf:6a:04:dd:2d:a8:44:b3:4f:cd:ba:28:fe:23:c8:79:31:e5:
         ae:09:6e:07:ba:ec:95:02:20:a2:53:ea:67:11:41:3b:da:d9:
         04:f1:2f:b0:b5:6f:40:f5:0d:b1:3b:7e:49:3e:5c:19:38:31:
         4d:41:5b:12:38:5c:89:e0:e0:46:7e:92:08:28:6d:2d:31:8f:
         c7:31:50:67:80:0b:75:0a:69:cd:60:dd:f7:5b:56:cb:cf:3d:
         4a:e2:33:13:b4:71:69:9a:78:36:d3:6c:3d:97:6b:88:fa:ee:
         59:f2:31:8e:d6:57:bb:c4:96:d5:de:98:3a:ae:ef:ea:53:59:
         3b:df:8e:52
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDczMjA5NzlDN0NGRTIz
OTkxQjdGOUJDMEVFMTY2NkEwRTUzMDREMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuncY9yECq9BmNMtZtaNJJwT9+yXZqROJph8rpUo34+iWWPB9R
PUnGraQlWgT0FHmWW6udU4FFVrIyBaWNUmwnuvX9XEceKuBfpjGVob/1Qbz/8ACi
PsLYva8M/KGxj3i/TzMCZ8OrYclZmebWzjio+hBJk1+94plHfz+eAJz2sL6fbFAv
RsvYzdbGGy9M8g3U7gET33UaDekq8ikSXYBEsHNWNgz4fR9Ask0A5WFZuDnLLWx7
5ykG5o43xeqxj8u9DtytJCPb+fpykCELka7vn4Apv31OdLLawvTcGe/8rOMwF9xo
ZKfFqSFwtFVePSFVWI5fZ7TPZiqvzeTF2qejAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcyCXnHz+I5kbf5vA7hZmoOUwTQ8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvY3lDWG5Iei1JNWtiZjV2QTdoWm1v
T1V3VFE4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3za6DAN
BgkqhkiG9w0BAQsFAAOCAQEAf+ZA9gn5ZiivT5GFNm3jr9AkpFJ9BiJtNCx50QO+
cU3vUIaF1Q/TRcHVPwAEqMrgq4FjiRF/YHBmkWO/pOCaaRAylLV6jSYqhw1rhE1T
RDyq0F+EOh80i5uK026Ad17doP8sFQKral1EdGBJxjyQBpwXWlcFYmK9y7wd4zmG
z2oE3S2oRLNPzboo/iPIeTHlrgluB7rslQIgolPqZxFBO9rZBPEvsLVvQPUNsTt+
ST5cGTgxTUFbEjhcieDgRn6SCChtLTGPxzFQZ4ALdQppzWDd91tWy889SuIzE7Rx
aZp4NtNsPZdriPruWfIxjtZXu8SW1d6YOq7v6lNZO9+OUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org