Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/d3a_cVtGy2E44VX_K_x_8KpMf8w.roa
File:                     d3a_cVtGy2E44VX_K_x_8KpMf8w.roa (raw, json)
Hash identifier:          lwRsHKYs7nWCs5o+TTTAjspRGIoxxNOGuwhbGWL59PE=
Subject key identifier:   77:76:BF:71:5B:46:CB:61:38:E1:55:FF:2B:FC:7F:F0:AA:4C:7F:CC
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/d3a_cVtGy2E44VX_K_x_8KpMf8w.roa
Signing time:             Thu 15 Sep 2022 02:40:05 +0000
ROA not before:           Thu 15 Sep 2022 02:40:05 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        203.79.232.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:05 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7776BF715B46CB6138E155FF2BFC7FF0AA4C7FCC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:eb:7e:77:4b:ac:06:49:49:ab:fd:19:7e:66:
                    32:4f:3a:dd:60:3a:36:62:da:1d:ef:a7:e1:6e:14:
                    b5:55:7a:72:d0:ea:b3:89:f2:26:5e:f9:d4:21:88:
                    d7:c6:36:1b:1a:9d:13:9c:b0:bf:33:d0:8d:0d:fb:
                    c2:0b:f3:f7:3f:d2:54:3e:f6:cc:88:c7:bc:38:2f:
                    4a:e9:72:a7:72:c7:19:95:22:5b:b8:ff:fa:8c:36:
                    7e:aa:a4:61:d1:33:b1:78:7d:02:da:b2:d9:78:88:
                    02:e2:a6:a6:d8:5c:15:72:35:32:5e:75:de:9f:90:
                    7e:4f:72:be:f5:ea:cc:01:11:43:e0:37:dd:a0:f5:
                    96:fb:89:67:af:10:27:f0:2d:7e:fd:41:03:94:7a:
                    94:a5:5c:8a:e6:1c:d5:38:5e:74:a2:cc:97:60:a0:
                    be:8c:66:14:c8:5d:3a:3f:11:ad:52:db:99:67:1c:
                    7e:29:61:63:f7:19:6b:3c:40:7f:c4:30:d8:89:00:
                    df:25:08:f9:ea:a2:0a:15:0f:8c:f3:9d:4b:33:7e:
                    6f:44:72:a9:34:7d:52:bc:b2:85:1e:75:fd:4f:32:
                    79:66:62:61:2f:63:1a:ee:79:0a:31:d6:fd:05:88:
                    b2:13:ce:09:74:67:9c:05:91:ae:4b:5d:69:d9:b3:
                    e4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:76:BF:71:5B:46:CB:61:38:E1:55:FF:2B:FC:7F:F0:AA:4C:7F:CC
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/d3a_cVtGy2E44VX_K_x_8KpMf8w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         c1:f2:35:ad:60:32:26:66:06:86:9a:20:50:59:28:c4:44:83:
         64:7d:9d:ea:f3:06:14:15:1a:1a:35:3e:70:39:64:2a:9b:bf:
         d5:df:6e:b3:43:6e:90:11:99:80:d6:87:59:6f:54:be:45:a5:
         e7:00:5f:49:04:63:da:6a:a1:20:6f:7f:c8:0f:2b:4f:0d:f7:
         eb:dc:95:26:66:ea:f4:6e:12:bd:4b:5d:9a:52:37:bd:c3:fa:
         8f:27:8d:d7:b4:6c:af:5f:46:ca:72:18:db:dc:40:67:9d:80:
         bf:26:70:18:7b:e8:06:df:95:9e:fb:ea:8f:e6:79:0e:64:72:
         0e:1e:8d:23:68:c5:fe:39:c1:1d:49:1c:6c:42:c7:d8:d1:47:
         12:98:d6:b1:21:a8:9e:fa:05:10:73:66:dd:63:f1:60:57:57:
         69:f7:d3:72:a6:4d:f5:14:7d:1d:8e:de:36:ff:12:55:be:c9:
         5a:c4:be:ef:67:94:fd:59:49:9b:36:e2:fa:84:64:43:18:a6:
         2e:25:ba:0c:cc:24:88:11:66:cf:3f:55:f3:20:a6:20:95:d7:
         80:0a:a2:db:ab:22:79:9d:75:e2:77:2b:c5:53:9a:fc:3e:8f:
         b6:02:ce:fc:07:b9:2f:5c:ec:4d:e2:0f:c2:fc:5b:7b:3d:53:
         66:32:9e:25
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc3NzZCRjcxNUI0NkNC
NjEzOEUxNTVGRjJCRkM3RkYwQUE0QzdGQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC66353S6wGSUmr/Rl+ZjJPOt1gOjZi2h3vp+FuFLVVenLQ6rOJ
8iZe+dQhiNfGNhsanROcsL8z0I0N+8IL8/c/0lQ+9syIx7w4L0rpcqdyxxmVIlu4
//qMNn6qpGHRM7F4fQLastl4iALipqbYXBVyNTJedd6fkH5Pcr716swBEUPgN92g
9Zb7iWevECfwLX79QQOUepSlXIrmHNU4XnSizJdgoL6MZhTIXTo/Ea1S25lnHH4p
YWP3GWs8QH/EMNiJAN8lCPnqogoVD4zznUszfm9Ecqk0fVK8soUedf1PMnlmYmEv
YxrueQox1v0FiLITzgl0Z5wFka5LXWnZs+Q5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUd3a/cVtGy2E44VX/K/x/8KpMf8wwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZDNhX2NWdEd5MkU0NFZYX0tfeF84
S3BNZjh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8tP6DAN
BgkqhkiG9w0BAQsFAAOCAQEAwfI1rWAyJmYGhpogUFkoxESDZH2d6vMGFBUaGjU+
cDlkKpu/1d9us0NukBGZgNaHWW9UvkWl5wBfSQRj2mqhIG9/yA8rTw3369yVJmbq
9G4SvUtdmlI3vcP6jyeN17Rsr19GynIY29xAZ52AvyZwGHvoBt+Vnvvqj+Z5DmRy
Dh6NI2jF/jnBHUkcbELH2NFHEpjWsSGonvoFEHNm3WPxYFdXaffTcqZN9RR9HY7e
Nv8SVb7JWsS+72eU/VlJmzbi+oRkQximLiW6DMwkiBFmzz9V8yCmIJXXgAqi26si
eZ114ncrxVOa/D6PtgLO/Ae5L1zsTeIPwvxbez1TZjKeJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org