Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/gvRY1LlmzZY662pV8wbjeoco_0I.roa
File:                     gvRY1LlmzZY662pV8wbjeoco_0I.roa (raw, json)
Hash identifier:          kmsGHbCDDZNT0PXAi6cN7hMdniVMQN8i6pK5Qtm3z04=
Subject key identifier:   82:F4:58:D4:B9:66:CD:96:3A:EB:6A:55:F3:06:E3:7A:87:28:FF:42
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1143
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/gvRY1LlmzZY662pV8wbjeoco_0I.roa
Signing time:             Mon 07 Aug 2023 07:46:42 +0000
ROA not before:           Mon 07 Aug 2023 07:46:42 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        203.207.32.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4419 (0x1143)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Aug  7 07:46:42 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=82F458D4B966CD963AEB6A55F306E37A8728FF42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c9:b5:3c:42:53:30:6b:b5:bb:01:5b:62:f4:
                    78:47:50:61:1e:77:0f:55:d0:c0:2d:33:ac:ed:4a:
                    bd:7c:d4:28:d6:1b:15:70:3d:18:51:00:47:03:77:
                    55:65:b2:b9:43:37:2f:12:1d:19:d4:74:bc:77:81:
                    02:c1:f0:59:ed:22:da:6c:3e:f8:44:db:fc:99:70:
                    e5:72:6d:d1:ae:f7:d5:a8:fa:f5:37:14:ce:94:eb:
                    50:3b:0b:fa:c3:06:d6:40:61:41:06:9c:e7:b9:82:
                    77:58:57:9b:2e:16:04:20:06:5b:69:38:35:f8:5c:
                    4e:7a:ab:a7:e6:96:f8:e1:1d:3e:13:f8:60:ea:16:
                    b0:ae:62:fa:70:e4:cc:af:03:83:d1:4e:c1:de:c8:
                    a1:fb:b5:e9:e6:57:bd:5b:be:0a:61:a4:65:e6:ad:
                    0d:5a:a0:d3:1c:fc:ad:df:8e:a9:c7:98:aa:da:5a:
                    10:de:39:48:23:43:b8:e0:33:58:bf:a6:2e:4c:e9:
                    80:49:66:c3:67:fc:9a:9a:84:02:7f:2f:6f:62:5a:
                    e3:78:6b:5e:85:59:db:33:c5:18:59:71:88:7a:8d:
                    d7:14:02:2f:dd:48:5b:6c:3a:ac:80:c3:54:2e:2b:
                    27:fb:be:f4:bc:20:f2:66:dd:ad:df:dc:c2:79:34:
                    4a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F4:58:D4:B9:66:CD:96:3A:EB:6A:55:F3:06:E3:7A:87:28:FF:42
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/gvRY1LlmzZY662pV8wbjeoco_0I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.207.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         c0:06:70:68:28:5f:56:83:53:b8:b1:de:87:53:86:ea:29:fa:
         6d:52:38:c3:a0:af:f9:bb:06:48:c4:86:f6:44:9c:37:f1:2e:
         97:57:3b:30:68:58:54:7b:ea:49:b8:c3:ad:d4:63:95:1e:d9:
         49:d6:06:c0:a3:3b:3f:43:b6:e7:a1:80:70:eb:af:36:fb:01:
         5e:24:45:c1:69:74:f0:4d:90:8e:67:8a:ce:92:40:4d:ad:15:
         56:df:9f:74:8e:17:09:16:9f:1f:71:08:0e:b6:34:c9:19:91:
         19:11:4d:5a:a4:aa:15:12:01:9d:d4:f8:60:a0:d3:a1:29:11:
         a0:f8:5d:0b:f1:c7:2d:d7:31:16:ec:6e:26:5e:0d:cb:9b:70:
         cb:f9:38:60:f5:67:04:33:c2:08:01:6f:ec:21:dc:47:95:eb:
         11:7f:de:96:b2:1d:ac:27:d0:aa:4a:a4:72:d9:14:49:8f:4d:
         ac:15:bf:5d:31:27:34:5d:dd:10:ac:ad:27:56:67:31:02:8d:
         db:60:1a:3e:60:02:1c:f6:b9:df:da:32:71:28:4c:88:d0:1e:
         27:ea:e7:71:fd:09:da:e8:53:a8:93:62:5c:db:f8:2f:b5:9d:
         00:05:13:72:ff:21:14:76:65:c6:45:f9:28:4e:01:81:ad:bd:
         1a:cf:52:88
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDcw
NzQ2NDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDgyRjQ1OEQ0Qjk2NkNE
OTYzQUVCNkE1NUYzMDZFMzdBODcyOEZGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBybU8QlMwa7W7AVti9HhHUGEedw9V0MAtM6ztSr181CjWGxVw
PRhRAEcDd1VlsrlDNy8SHRnUdLx3gQLB8FntItpsPvhE2/yZcOVybdGu99Wo+vU3
FM6U61A7C/rDBtZAYUEGnOe5gndYV5suFgQgBltpODX4XE56q6fmlvjhHT4T+GDq
FrCuYvpw5MyvA4PRTsHeyKH7tenmV71bvgphpGXmrQ1aoNMc/K3fjqnHmKraWhDe
OUgjQ7jgM1i/pi5M6YBJZsNn/JqahAJ/L29iWuN4a16FWdszxRhZcYh6jdcUAi/d
SFtsOqyAw1QuKyf7vvS8IPJm3a3f3MJ5NEp9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgvRY1LlmzZY662pV8wbjeoco/0IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZ3ZSWTFMbG16Wlk2NjJwVjh3Ympl
b2NvXzBJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMvPIDAN
BgkqhkiG9w0BAQsFAAOCAQEAwAZwaChfVoNTuLHeh1OG6in6bVI4w6Cv+bsGSMSG
9kScN/Eul1c7MGhYVHvqSbjDrdRjlR7ZSdYGwKM7P0O256GAcOuvNvsBXiRFwWl0
8E2QjmeKzpJATa0VVt+fdI4XCRafH3EIDrY0yRmRGRFNWqSqFRIBndT4YKDToSkR
oPhdC/HHLdcxFuxuJl4Ny5twy/k4YPVnBDPCCAFv7CHcR5XrEX/elrIdrCfQqkqk
ctkUSY9NrBW/XTEnNF3dEKytJ1ZnMQKN22AaPmACHPa539oycShMiNAeJ+rncf0J
2uhTqJNiXNv4L7WdAAUTcv8hFHZlxkX5KE4Bga29Gs9SiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org