Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/eCKe21f4Lbnx94qyonaoxrZweZc.roa
File:                     eCKe21f4Lbnx94qyonaoxrZweZc.roa (raw, json)
Hash identifier:          WGpyZk53dVsXRYgGe8aCobWQ/dIkiCl3ZvuAMBKzF/s=
Subject key identifier:   78:22:9E:DB:57:F8:2D:B9:F1:F7:8A:B2:A2:76:A8:C6:B6:70:79:97
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/eCKe21f4Lbnx94qyonaoxrZweZc.roa
Signing time:             Thu 15 Sep 2022 02:40:25 +0000
ROA not before:           Thu 15 Sep 2022 02:40:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.203.0.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=78229EDB57F82DB9F1F78AB2A276A8C6B6707997
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:79:e1:a3:b1:90:17:25:28:9a:d6:3d:bc:c3:
                    b2:7a:37:d4:e1:2a:90:d9:e2:8c:0a:de:72:54:4a:
                    79:9b:b2:82:5c:23:8a:55:53:b8:0b:c2:5d:3a:1e:
                    cf:c5:85:b8:5d:23:01:b9:8d:66:07:2d:2f:38:fd:
                    87:b3:15:4b:57:63:33:5d:74:0c:c1:20:19:24:cc:
                    60:f6:6b:5b:ac:ba:8d:93:b7:bf:6f:00:80:88:41:
                    55:38:30:08:a1:e8:3f:c6:c3:ca:33:f1:51:83:2a:
                    21:f4:7f:d0:d0:c7:a7:7b:90:7e:19:e6:cc:eb:7c:
                    1f:76:ca:f2:cd:eb:ae:16:92:26:ef:ea:93:66:ea:
                    b5:1f:a1:88:b2:10:ea:59:dd:59:e9:e5:b4:3c:7b:
                    e5:ae:b2:f4:5a:32:f7:2d:08:4b:d2:69:ae:0e:ee:
                    af:06:9a:ea:08:ee:0e:d5:3e:ff:d7:02:98:60:17:
                    cb:82:f0:21:14:8b:78:4a:56:f8:4a:cb:80:69:9a:
                    8a:ab:83:61:d9:5a:9c:11:6f:77:a4:1d:0a:4d:ca:
                    5b:69:8f:f5:63:f1:0c:06:77:95:86:89:c4:3e:af:
                    9c:b6:b5:e6:0d:2e:a7:82:6d:66:10:4c:6a:75:1d:
                    68:c0:3e:8c:d9:77:f3:ca:26:2a:e6:dc:ba:db:e2:
                    b6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:22:9E:DB:57:F8:2D:B9:F1:F7:8A:B2:A2:76:A8:C6:B6:70:79:97
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/eCKe21f4Lbnx94qyonaoxrZweZc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.203.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         38:52:43:8b:4d:e6:6a:6a:04:43:ef:e8:d9:3d:85:c7:3c:ec:
         b3:3e:8f:b9:55:36:92:98:00:c3:81:b5:73:15:aa:9f:fc:51:
         c8:23:52:44:a1:21:66:76:f2:f1:ec:57:ff:a4:70:25:38:3b:
         8d:47:33:bf:35:ba:ab:d9:84:de:c9:84:24:49:d1:b3:08:7c:
         ce:bf:d9:06:71:99:d0:d6:92:bf:29:90:7b:4d:36:e2:6c:98:
         7e:9a:11:ec:97:5b:21:9a:42:b5:53:a0:43:be:5d:12:a6:ff:
         69:46:9a:21:b8:5d:0d:f2:b9:a5:cf:13:ff:12:46:7b:99:c2:
         8a:06:ce:4b:d1:e0:08:5d:53:28:b6:e9:dc:e1:22:65:4e:85:
         f5:c7:71:15:4f:6f:ee:56:ea:e3:ae:72:c0:d7:cd:c0:3b:4f:
         74:02:8d:f1:09:ee:66:88:a0:85:ea:c0:cb:6d:76:58:27:7f:
         21:66:62:f7:c6:89:2e:d9:f9:b6:9f:2e:20:9a:d9:f3:3b:10:
         8b:09:e2:e3:ee:be:3a:fb:cc:be:33:9b:5f:cc:57:12:e6:79:
         98:9a:23:96:d0:65:42:b8:cb:5d:8f:dd:20:d8:da:b1:ae:74:
         e9:82:ec:18:99:22:63:e3:48:2b:4c:a6:84:b2:c3:d4:a0:0d:
         fc:9e:7a:99
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDc4MjI5RURCNTdGODJE
QjlGMUY3OEFCMkEyNzZBOEM2QjY3MDc5OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0eeGjsZAXJSia1j28w7J6N9ThKpDZ4owK3nJUSnmbsoJcI4pV
U7gLwl06Hs/FhbhdIwG5jWYHLS84/YezFUtXYzNddAzBIBkkzGD2a1usuo2Tt79v
AICIQVU4MAih6D/Gw8oz8VGDKiH0f9DQx6d7kH4Z5szrfB92yvLN664Wkibv6pNm
6rUfoYiyEOpZ3Vnp5bQ8e+WusvRaMvctCEvSaa4O7q8GmuoI7g7VPv/XAphgF8uC
8CEUi3hKVvhKy4Bpmoqrg2HZWpwRb3ekHQpNyltpj/Vj8QwGd5WGicQ+r5y2teYN
LqeCbWYQTGp1HWjAPozZd/PKJirm3Lrb4rZtAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUeCKe21f4Lbnx94qyonaoxrZweZcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZUNLZTIxZjRMYm54OTRxeW9uYW94
clp3ZVpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAOFJDi03mamoEQ+/o2T2Fxzzssz6PuVU2kpgAw4G1
cxWqn/xRyCNSRKEhZnby8exX/6RwJTg7jUczvzW6q9mE3smEJEnRswh8zr/ZBnGZ
0NaSvymQe0024myYfpoR7JdbIZpCtVOgQ75dEqb/aUaaIbhdDfK5pc8T/xJGe5nC
igbOS9HgCF1TKLbp3OEiZU6F9cdxFU9v7lbq465ywNfNwDtPdAKN8QnuZoigherA
y212WCd/IWZi98aJLtn5tp8uIJrZ8zsQiwni4+6+OvvMvjObX8xXEuZ5mJojltBl
QrjLXY/dINjasa506YLsGJkiY+NIK0ymhLLD1KAN/J56mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org