Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hM1nVQVM_XN77lTYG5KknnyGMr4.roa
File:                     hM1nVQVM_XN77lTYG5KknnyGMr4.roa (raw, json)
Hash identifier:          2tbGtzkZMece9yx+j1nMqoIj703wT3v420+efGGfoLU=
Subject key identifier:   84:CD:67:55:05:4C:FD:73:7B:EE:54:D8:1B:92:A4:9E:7C:86:32:BE
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12FF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hM1nVQVM_XN77lTYG5KknnyGMr4.roa
Signing time:             Fri 01 Sep 2023 08:05:16 +0000
ROA not before:           Fri 01 Sep 2023 08:05:16 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.58.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4863 (0x12ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:16 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=84CD6755054CFD737BEE54D81B92A49E7C8632BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:06:9b:9c:80:02:34:fc:19:35:74:f7:ef:18:
                    1b:4b:ad:12:c1:0e:0e:de:f0:2f:66:9a:ba:6a:cd:
                    c0:22:55:ea:3e:c1:63:4a:b7:34:37:ab:ef:8e:bb:
                    0a:e0:f1:6e:4a:89:60:9a:8c:46:74:21:0d:d7:d1:
                    19:4b:8d:27:1e:eb:4b:ce:b4:c8:41:88:d3:d0:71:
                    91:2e:12:21:72:cf:a1:72:63:d4:e3:42:d6:60:24:
                    d6:96:e8:3e:38:68:5a:ae:df:47:5d:e2:91:17:8f:
                    9c:b4:19:68:54:10:29:e7:df:61:20:c9:e7:3d:0e:
                    09:d6:e6:ec:3a:b9:98:b5:92:00:35:0d:dd:46:c7:
                    8d:fc:ba:98:44:45:59:60:2f:bd:3b:ef:fe:e7:ce:
                    c2:90:51:c3:c5:07:e2:36:af:fa:83:a7:83:ab:b4:
                    f5:4e:97:f9:8c:f4:a8:bb:d6:a9:8a:31:ec:56:5e:
                    b4:bb:fc:39:5f:0f:f6:9d:90:d8:de:5d:a3:b8:59:
                    fc:b4:46:87:5b:30:c5:b2:76:e1:c7:4c:38:91:58:
                    48:f6:d3:85:a5:2b:c9:76:10:e2:ad:a0:b9:d3:84:
                    75:e6:aa:95:94:fe:eb:76:e9:23:7e:b6:5d:51:b6:
                    af:f7:01:be:f9:5e:07:ec:2a:e8:be:ae:e1:56:6b:
                    bc:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:CD:67:55:05:4C:FD:73:7B:EE:54:D8:1B:92:A4:9E:7C:86:32:BE
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hM1nVQVM_XN77lTYG5KknnyGMr4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7d:c0:e6:b5:c6:79:5c:a8:aa:d8:e7:69:be:95:bd:7e:fd:d1:
         f2:bb:69:3f:e1:b6:a7:6a:60:d9:cd:c2:da:9f:f4:6a:da:84:
         ca:75:6e:54:6f:9e:e0:b4:39:c0:4b:a5:04:fe:f6:33:3b:ff:
         ae:86:94:71:2d:8a:4a:8c:41:40:da:ce:b7:3d:99:0f:fd:10:
         73:cc:a1:2b:31:b3:e0:2b:83:59:2f:69:3a:b0:89:f3:19:d1:
         ef:da:c8:3d:4a:87:88:17:31:6a:99:79:93:99:31:bc:9d:87:
         d8:1a:63:5d:db:b2:95:81:66:f1:66:90:46:c3:01:c2:62:38:
         56:66:14:e4:0b:7c:b5:90:41:46:5a:35:80:94:b7:51:ef:f9:
         e0:e0:91:86:86:ab:81:3a:2e:65:e4:9d:ca:b3:07:48:ce:53:
         7c:5e:6b:7b:fe:8d:ab:96:03:07:3b:99:21:dd:8d:93:4f:46:
         c5:59:b1:ff:24:af:55:63:a0:a1:35:8c:53:bd:f1:b7:e2:c8:
         d9:2b:33:13:9c:07:c5:5a:09:3c:23:17:de:68:9d:01:b9:0e:
         36:02:7e:60:fd:d1:9d:66:77:91:cf:c2:7b:52:60:1d:2b:e5:
         11:ee:8e:84:b7:01:6a:79:f2:ac:6e:fd:22:24:13:2b:27:84:
         46:c9:29:7e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg0Q0Q2NzU1MDU0Q0ZE
NzM3QkVFNTREODFCOTJBNDlFN0M4NjMyQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCBpucgAI0/Bk1dPfvGBtLrRLBDg7e8C9mmrpqzcAiVeo+wWNK
tzQ3q++Ouwrg8W5KiWCajEZ0IQ3X0RlLjSce60vOtMhBiNPQcZEuEiFyz6FyY9Tj
QtZgJNaW6D44aFqu30dd4pEXj5y0GWhUECnn32Egyec9DgnW5uw6uZi1kgA1Dd1G
x438uphERVlgL7077/7nzsKQUcPFB+I2r/qDp4OrtPVOl/mM9Ki71qmKMexWXrS7
/DlfD/adkNjeXaO4Wfy0RodbMMWyduHHTDiRWEj204WlK8l2EOKtoLnThHXmqpWU
/ut26SN+tl1Rtq/3Ab75XgfsKui+ruFWa7xRAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUhM1nVQVM/XN77lTYG5KknnyGMr4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaE0xblZRVk1fWE43N2xUWUc1S2tu
bnlHTXI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANI6MA0G
CSqGSIb3DQEBCwUAA4IBAQB9wOa1xnlcqKrY52m+lb1+/dHyu2k/4banamDZzcLa
n/Rq2oTKdW5Ub57gtDnAS6UE/vYzO/+uhpRxLYpKjEFA2s63PZkP/RBzzKErMbPg
K4NZL2k6sInzGdHv2sg9SoeIFzFqmXmTmTG8nYfYGmNd27KVgWbxZpBGwwHCYjhW
ZhTkC3y1kEFGWjWAlLdR7/ng4JGGhquBOi5l5J3KswdIzlN8Xmt7/o2rlgMHO5kh
3Y2TT0bFWbH/JK9VY6ChNYxTvfG34sjZKzMTnAfFWgk8IxfeaJ0BuQ42An5g/dGd
ZneRz8J7UmAdK+UR7o6EtwFqefKsbv0iJBMrJ4RGySl+
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org