Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hGHnWB2fC8ZRqAeaydNOwX7WqUY.roa
File:                     hGHnWB2fC8ZRqAeaydNOwX7WqUY.roa (raw, json)
Hash identifier:          a1L6xkMULPrvUhHAJ/QrYna/lU91gmmSOTDmNle1rUQ=
Subject key identifier:   84:61:E7:58:1D:9F:0B:C6:51:A8:07:9A:C9:D3:4E:C1:7E:D6:A9:46
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0C09
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hGHnWB2fC8ZRqAeaydNOwX7WqUY.roa
Signing time:             Sun 07 Feb 2021 11:34:40 +0000
ROA not before:           Sun 07 Feb 2021 11:34:40 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        210.202.0.0/19 maxlen: 19

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3081 (0xc09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:34:40 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=8461E7581D9F0BC651A8079AC9D34EC17ED6A946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:6f:d3:04:14:3f:fd:f4:78:a3:6c:b7:c9:94:
                    5f:28:ac:b6:68:53:e3:82:d5:cc:7d:f8:41:04:81:
                    70:de:20:ab:f3:62:46:60:62:7e:47:8e:23:75:0c:
                    20:b1:44:7c:9e:25:46:d3:40:59:1d:a7:c8:7b:bd:
                    77:ac:2b:b2:e1:fb:37:8f:fe:00:89:9f:e9:9f:92:
                    79:66:1f:c0:64:d3:ea:6e:e5:20:6c:9a:82:8f:78:
                    7c:fb:46:5f:5e:b9:af:eb:5d:2c:ee:cb:5e:1b:8e:
                    13:be:f4:18:e8:05:65:4d:b9:2a:24:cd:12:2f:bf:
                    59:0f:8b:8e:fa:78:c3:89:09:3a:f9:e3:21:b2:1f:
                    f7:9f:94:d6:f4:04:bd:c5:92:ca:c6:f6:f1:4a:f0:
                    2d:c8:e7:53:10:8f:55:1d:01:a2:93:9d:e7:c9:d3:
                    29:f6:08:c3:57:87:ed:53:c7:de:61:30:80:6f:db:
                    34:46:b5:df:fd:3c:51:b4:7c:42:b4:41:c9:54:d9:
                    27:72:da:4d:20:a8:97:df:ba:e8:7d:fd:b9:79:fe:
                    7e:72:8e:fc:b1:e4:fc:94:12:e7:ed:bf:45:dd:3e:
                    18:3b:85:4d:a1:b9:46:f4:d8:16:58:44:1d:b9:50:
                    74:2e:34:06:51:95:36:e4:8d:03:b5:e7:42:b0:f9:
                    9a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:61:E7:58:1D:9F:0B:C6:51:A8:07:9A:C9:D3:4E:C1:7E:D6:A9:46
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hGHnWB2fC8ZRqAeaydNOwX7WqUY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         85:c8:8a:d6:76:51:bf:a9:32:8f:43:3f:3d:c9:b4:a6:ce:3d:
         a4:f0:01:42:7a:5c:fd:74:19:72:c9:4d:dd:77:68:5c:83:60:
         75:58:bb:17:21:26:37:bd:3f:af:d6:5b:41:31:93:f5:20:62:
         13:0e:67:33:08:a4:d7:0f:60:d7:7b:a5:92:ad:9d:53:33:f1:
         bc:51:d9:67:8a:cd:14:dd:30:f2:9b:f9:11:58:e3:4a:e9:e5:
         c2:9c:58:9f:fa:09:ec:74:90:7a:6b:97:46:9a:41:29:c4:db:
         52:03:64:96:04:ce:cb:65:48:89:49:98:a1:c2:c5:55:80:73:
         44:c3:38:0e:5c:42:4b:cf:b4:ba:76:34:d0:8d:a0:3d:b4:cd:
         b6:a5:78:f6:6f:76:a4:66:02:3e:ce:58:6f:14:9c:c1:e3:8c:
         a4:7c:67:e7:31:1d:7d:16:df:e2:25:2a:a2:8d:5f:13:f8:60:
         a1:7a:60:46:be:8e:31:2a:1c:71:62:4b:2d:db:6c:9b:32:97:
         63:37:f8:28:b4:97:92:6c:49:7b:8f:c9:73:79:51:fa:a5:7a:
         9d:4a:96:f3:a0:a3:43:9f:29:e2:14:fb:9c:60:8c:92:ab:5e:
         03:ae:52:0f:84:5e:cb:5c:3f:39:2b:79:70:ae:fd:5f:bc:48:
         99:3f:7e:9a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM0NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg0NjFFNzU4MUQ5RjBC
QzY1MUE4MDc5QUM5RDM0RUMxN0VENkE5NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVb9MEFD/99HijbLfJlF8orLZoU+OC1cx9+EEEgXDeIKvzYkZg
Yn5HjiN1DCCxRHyeJUbTQFkdp8h7vXesK7Lh+zeP/gCJn+mfknlmH8Bk0+pu5SBs
moKPeHz7Rl9eua/rXSzuy14bjhO+9BjoBWVNuSokzRIvv1kPi476eMOJCTr54yGy
H/eflNb0BL3FksrG9vFK8C3I51MQj1UdAaKTnefJ0yn2CMNXh+1Tx95hMIBv2zRG
td/9PFG0fEK0QclU2Sdy2k0gqJffuuh9/bl5/n5yjvyx5PyUEuftv0XdPhg7hU2h
uUb02BZYRB25UHQuNAZRlTbkjQO150Kw+ZojAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhGHnWB2fC8ZRqAeaydNOwX7WqUYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaEdIbldCMmZDOFpScUFlYXlkTk93
WDdXcVVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLKADAN
BgkqhkiG9w0BAQsFAAOCAQEAhciK1nZRv6kyj0M/Pcm0ps49pPABQnpc/XQZcslN
3XdoXINgdVi7FyEmN70/r9ZbQTGT9SBiEw5nMwik1w9g13ulkq2dUzPxvFHZZ4rN
FN0w8pv5EVjjSunlwpxYn/oJ7HSQemuXRppBKcTbUgNklgTOy2VIiUmYocLFVYBz
RMM4DlxCS8+0unY00I2gPbTNtqV49m92pGYCPs5YbxScweOMpHxn5zEdfRbf4iUq
oo1fE/hgoXpgRr6OMSoccWJLLdtsmzKXYzf4KLSXkmxJe4/Jc3lR+qV6nUqW86Cj
Q58p4hT7nGCMkqteA65SD4Rey1w/OSt5cK79X7xImT9+mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org