Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/fWxGuTPOkXsvYlZ6FSWqfLZaN0o.roa
File:                     fWxGuTPOkXsvYlZ6FSWqfLZaN0o.roa (raw, json)
Hash identifier:          y958QEOxNMI1R76+JuFOehtdy/SpRXjwGll2tQE0d7w=
Subject key identifier:   7D:6C:46:B9:33:CE:91:7B:2F:62:56:7A:15:25:AA:7C:B6:5A:37:4A
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0ECD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/fWxGuTPOkXsvYlZ6FSWqfLZaN0o.roa
Signing time:             Thu 17 Feb 2022 02:08:51 +0000
ROA not before:           Thu 17 Feb 2022 02:08:51 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     9922
IP address blocks:        124.218.72.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3789 (0xecd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb 17 02:08:51 2022 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=7D6C46B933CE917B2F62567A1525AA7CB65A374A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:71:a4:94:12:7c:c7:1d:41:d1:69:5c:3c:
                    ab:d6:49:aa:62:28:04:c4:50:1d:14:7b:a6:79:7b:
                    e6:fe:af:32:d5:30:a8:30:69:10:a9:20:8a:4b:76:
                    5e:9e:5e:b5:bb:27:42:09:0a:2e:8a:8d:8e:c7:37:
                    f1:87:f5:9c:c5:6c:b8:70:7b:fe:65:df:e5:ad:9a:
                    29:ea:65:0a:35:07:c0:38:6e:b1:67:16:61:0b:a1:
                    65:d3:9b:ee:ce:02:f8:98:45:84:90:bb:47:9a:16:
                    70:fe:37:f4:53:bf:4c:ba:48:e2:ba:ca:f4:21:7e:
                    83:ac:da:3c:bf:13:aa:51:be:c7:8d:45:b8:13:43:
                    45:03:42:12:a7:25:21:90:68:ae:6c:d1:f1:e1:13:
                    9a:4a:26:3e:d4:1f:12:00:fc:1c:b7:75:b0:ea:03:
                    7b:65:0a:d6:b3:59:9d:70:a2:19:49:e4:94:8f:2d:
                    ca:f0:ba:a0:d1:9b:91:6e:89:5d:4c:a2:23:c1:b2:
                    66:2e:f2:5f:04:92:58:dc:f6:f1:54:55:dc:5d:b7:
                    4b:cf:58:cd:7e:60:55:99:b4:b5:42:82:4b:3f:f3:
                    f1:9e:db:22:4d:84:53:27:ad:ed:65:e9:6b:c5:9d:
                    8d:3a:25:72:68:8a:48:92:cd:d3:f1:8c:04:51:40:
                    a8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:6C:46:B9:33:CE:91:7B:2F:62:56:7A:15:25:AA:7C:B6:5A:37:4A
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/fWxGuTPOkXsvYlZ6FSWqfLZaN0o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2c:b5:23:97:b1:4b:d2:c2:e2:05:ab:fb:5a:f3:7e:88:7b:13:
         c9:d1:1d:0e:6d:c7:95:58:25:32:69:d5:6f:b7:9f:60:ab:62:
         7f:65:4a:8b:21:7f:c0:68:42:8b:c3:97:52:e4:ed:6a:f2:09:
         88:f7:10:c9:bb:2e:cf:e9:8c:75:3d:ff:e4:17:40:df:6b:17:
         81:f5:ee:bd:cf:08:ca:9b:a4:8d:57:bf:0c:17:c0:d3:e2:42:
         eb:1b:d4:dc:38:c2:87:6e:7f:69:d4:e6:7d:59:59:55:b2:3d:
         cc:7f:b8:f1:32:70:98:a1:fc:e3:de:25:02:a5:e4:71:8d:e3:
         49:8d:ac:d3:66:05:8c:cc:85:3c:df:31:5d:ca:02:17:bf:1c:
         ad:ee:10:d6:a4:21:15:40:f8:6b:76:d2:fa:33:a8:f5:e4:0f:
         91:52:65:0a:44:f9:3c:22:d2:86:7a:19:bb:a9:c7:60:4d:8a:
         62:4b:67:5a:40:a0:84:e3:36:c1:4b:87:4c:b5:b0:f8:b2:d8:
         ed:66:58:28:f4:62:db:03:87:e6:7c:a9:8b:4c:e1:73:79:6a:
         0b:cb:ee:b8:cf:1e:e8:60:62:e2:91:92:fd:49:63:b5:fe:db:
         ac:6c:11:28:66:a1:db:fc:f0:92:19:56:3a:75:a8:8e:66:36:
         94:64:45:1f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjAyMTcw
MjA4NTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDdENkM0NkI5MzNDRTkx
N0IyRjYyNTY3QTE1MjVBQTdDQjY1QTM3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5oHGklBJ8xx1B0WlcPKvWSapiKATEUB0Ue6Z5e+b+rzLVMKgw
aRCpIIpLdl6eXrW7J0IJCi6KjY7HN/GH9ZzFbLhwe/5l3+WtminqZQo1B8A4brFn
FmELoWXTm+7OAviYRYSQu0eaFnD+N/RTv0y6SOK6yvQhfoOs2jy/E6pRvseNRbgT
Q0UDQhKnJSGQaK5s0fHhE5pKJj7UHxIA/By3dbDqA3tlCtazWZ1wohlJ5JSPLcrw
uqDRm5FuiV1MoiPBsmYu8l8Ekljc9vFUVdxdt0vPWM1+YFWZtLVCgks/8/Ge2yJN
hFMnre1l6WvFnY06JXJoikiSzdPxjARRQKhhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUfWxGuTPOkXsvYlZ6FSWqfLZaN0owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZld4R3VUUE9rWHN2WWxaNkZTV3Fm
TFphTjBvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3zaSDAN
BgkqhkiG9w0BAQsFAAOCAQEALLUjl7FL0sLiBav7WvN+iHsTydEdDm3HlVglMmnV
b7efYKtif2VKiyF/wGhCi8OXUuTtavIJiPcQybsuz+mMdT3/5BdA32sXgfXuvc8I
ypukjVe/DBfA0+JC6xvU3DjCh25/adTmfVlZVbI9zH+48TJwmKH8494lAqXkcY3j
SY2s02YFjMyFPN8xXcoCF78cre4Q1qQhFUD4a3bS+jOo9eQPkVJlCkT5PCLShnoZ
u6nHYE2KYktnWkCghOM2wUuHTLWw+LLY7WZYKPRi2wOH5nypi0zhc3lqC8vuuM8e
6GBi4pGS/Uljtf7brGwRKGah2/zwkhlWOnWojmY2lGRFHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org