Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/h4inGk_Gq7SWb8Qf8tPYxC6emWM.roa
File:                     h4inGk_Gq7SWb8Qf8tPYxC6emWM.roa (raw, json)
Hash identifier:          S4oCKg2OEjVci/ENMiK3pv7o+nQhbwawMXjjpIKaNpM=
Subject key identifier:   87:88:A7:1A:4F:C6:AB:B4:96:6F:C4:1F:F2:D3:D8:C4:2E:9E:99:63
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       091D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/h4inGk_Gq7SWb8Qf8tPYxC6emWM.roa
Signing time:             Tue 29 Sep 2020 10:01:29 +0000
ROA not before:           Tue 29 Sep 2020 10:01:29 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     9311
IP address blocks:        210.200.17.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2333 (0x91d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:29 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8788A71A4FC6ABB4966FC41FF2D3D8C42E9E9963
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d9:db:57:8a:9c:b1:c3:2e:78:33:87:5d:eb:
                    15:3a:cc:8d:db:05:d1:c2:da:f4:c1:4a:ef:f0:68:
                    a8:b7:21:5b:53:c9:75:5c:9a:75:9a:58:b0:50:da:
                    3d:c6:77:61:13:0b:c5:ce:91:41:1b:47:20:79:9f:
                    8c:8f:5a:96:a6:95:7f:55:d0:3c:2c:b6:a6:b8:df:
                    28:2a:96:eb:92:f3:99:5e:79:68:a1:31:9a:1c:e9:
                    9d:e6:fa:c1:b5:aa:1a:0b:81:a9:53:48:6a:64:54:
                    3b:b6:fd:e3:98:e1:40:5c:42:91:1c:a6:3a:de:89:
                    69:83:d3:4a:2b:1c:f1:0f:06:b0:2d:d3:52:3d:3f:
                    6a:2b:b5:10:cb:3c:89:18:dd:6f:5c:9d:ca:6d:59:
                    e4:3f:03:02:77:36:35:b3:b1:f8:62:ce:d0:c9:c3:
                    e4:f4:0b:9f:4e:54:00:53:8c:10:09:53:5c:f5:e2:
                    85:ea:5c:aa:7c:63:94:01:c9:3f:07:60:0b:a7:3d:
                    95:d2:36:da:44:25:c9:ff:76:67:18:15:3a:f8:bf:
                    19:cc:d0:4e:bb:08:cb:98:71:d8:72:a2:3b:3b:c5:
                    2d:8a:8c:80:59:b0:d0:2e:cc:5e:af:e8:35:40:f0:
                    e7:56:b8:c2:59:f4:14:90:1e:f6:fc:00:dc:a5:78:
                    02:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:88:A7:1A:4F:C6:AB:B4:96:6F:C4:1F:F2:D3:D8:C4:2E:9E:99:63
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/h4inGk_Gq7SWb8Qf8tPYxC6emWM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:ae:69:4b:ca:ca:0e:6a:39:ec:15:b3:48:1e:ba:64:11:d2:
         d9:f7:d5:d2:73:f3:85:53:40:a8:45:36:b3:d8:da:4e:fa:47:
         c1:cd:8b:4d:2a:89:aa:69:94:a9:bf:13:5a:8f:39:b1:44:c1:
         0c:49:25:31:e3:1c:80:b5:fe:a1:78:47:ab:b1:99:21:c3:10:
         ad:30:e0:67:60:ed:bc:6d:65:25:69:45:fc:22:10:61:a3:ab:
         97:b7:2b:3b:01:3f:28:8f:34:5d:ff:9f:84:37:a3:9c:9f:65:
         94:9f:3c:24:04:41:bf:87:a4:f9:fe:2e:19:18:8b:1f:93:fe:
         54:f8:eb:d8:b3:50:f5:77:2d:29:3d:e7:9d:95:bd:80:80:e0:
         69:2a:e0:cb:89:63:3f:ec:22:86:05:0a:49:28:bf:ff:7b:6f:
         dc:39:83:68:13:4c:bb:25:de:df:ba:ed:df:48:31:27:ee:41:
         a5:7f:02:d3:ed:ac:a1:34:21:bd:4e:9b:fd:eb:69:3c:63:9c:
         47:b1:fb:1b:92:71:0b:66:7d:68:8d:e2:a3:83:aa:fb:e1:ca:
         21:1c:da:e4:4b:83:c6:67:9d:51:c0:d1:ff:ec:0d:c9:a4:7e:
         f2:b2:74:c1:f7:7e:19:3d:07:c0:f8:7e:dc:06:cb:95:87:8d:
         e4:ac:5a:47
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg3ODhBNzFBNEZDNkFC
QjQ5NjZGQzQxRkYyRDNEOEM0MkU5RTk5NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA2dtXipyxwy54M4dd6xU6zI3bBdHC2vTBSu/waKi3IVtTyXVc
mnWaWLBQ2j3Gd2ETC8XOkUEbRyB5n4yPWpamlX9V0Dwstqa43ygqluuS85leeWih
MZoc6Z3m+sG1qhoLgalTSGpkVDu2/eOY4UBcQpEcpjreiWmD00orHPEPBrAt01I9
P2ortRDLPIkY3W9cncptWeQ/AwJ3NjWzsfhiztDJw+T0C59OVABTjBAJU1z14oXq
XKp8Y5QByT8HYAunPZXSNtpEJcn/dmcYFTr4vxnM0E67CMuYcdhyojs7xS2KjIBZ
sNAuzF6v6DVA8OdWuMJZ9BSQHvb8ANyleAI1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUh4inGk/Gq7SWb8Qf8tPYxC6emWMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaDRpbkdrX0dxN1NXYjhRZjh0UFl4
QzZlbVdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLIETAN
BgkqhkiG9w0BAQsFAAOCAQEAK65pS8rKDmo57BWzSB66ZBHS2ffV0nPzhVNAqEU2
s9jaTvpHwc2LTSqJqmmUqb8TWo85sUTBDEklMeMcgLX+oXhHq7GZIcMQrTDgZ2Dt
vG1lJWlF/CIQYaOrl7crOwE/KI80Xf+fhDejnJ9llJ88JARBv4ek+f4uGRiLH5P+
VPjr2LNQ9XctKT3nnZW9gIDgaSrgy4ljP+wihgUKSSi//3tv3DmDaBNMuyXe37rt
30gxJ+5BpX8C0+2soTQhvU6b/etpPGOcR7H7G5JxC2Z9aI3io4Oq++HKIRza5EuD
xmedUcDR/+wNyaR+8rJ0wfd+GT0HwPh+3AbLlYeN5KxaRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org