Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hZBq_WSElWnzr5_Wbb-QtMth9xs.roa
File:                     hZBq_WSElWnzr5_Wbb-QtMth9xs.roa (raw, json)
Hash identifier:          CmcR86uISN5XJLZzYuObA575NnIpW2LZlvuWubK4rOc=
Subject key identifier:   85:90:6A:FD:64:84:95:69:F3:AF:9F:D6:6D:BF:90:B4:CB:61:F7:1B
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0919
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hZBq_WSElWnzr5_Wbb-QtMth9xs.roa
Signing time:             Tue 29 Sep 2020 10:01:28 +0000
ROA not before:           Tue 29 Sep 2020 10:01:28 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        210.200.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2329 (0x919)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 10:01:28 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=85906AFD64849569F3AF9FD66DBF90B4CB61F71B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fc:3e:62:76:78:9a:67:f0:bd:28:9c:22:ce:
                    a3:a8:69:ae:7d:c7:db:94:e6:04:0e:ad:f8:2c:87:
                    00:ca:23:38:52:57:1a:ec:c5:0c:ec:b5:ef:74:0b:
                    b3:1a:b4:95:3e:25:96:58:30:3e:f4:76:81:9e:a3:
                    63:68:7d:ad:4d:e1:ac:14:8b:8e:aa:e9:a1:af:52:
                    af:1d:cd:01:c4:85:6a:af:5b:4a:3e:9a:28:80:9f:
                    25:39:7d:7f:8a:0f:bc:ef:3a:8d:f6:6f:bd:c8:4e:
                    31:1a:b1:18:c7:0d:1a:d9:c7:a3:63:23:a0:b3:ae:
                    87:75:32:ea:c8:c3:f9:4b:1f:67:c9:b7:a4:68:2c:
                    e7:ff:27:af:7e:d0:43:2e:77:d7:b9:f8:a5:34:2a:
                    a2:3f:4d:39:9b:20:91:38:7e:80:81:c2:14:44:61:
                    91:bd:19:8d:e5:ac:56:e8:34:48:4b:a9:c8:0b:d3:
                    8f:6f:a9:c8:84:eb:04:5b:a6:ec:ef:a6:dc:27:e4:
                    78:56:e8:2c:51:ea:7b:fb:1c:1b:11:ae:a5:46:d5:
                    f5:36:0a:6d:67:3d:85:a7:b8:d2:cd:40:1a:3f:0f:
                    13:a2:84:75:7b:d8:e3:cb:05:bd:70:fc:79:5f:e7:
                    3a:5d:ae:fb:b8:a2:90:73:b8:19:b8:c4:0a:9e:1b:
                    a3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:90:6A:FD:64:84:95:69:F3:AF:9F:D6:6D:BF:90:B4:CB:61:F7:1B
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hZBq_WSElWnzr5_Wbb-QtMth9xs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         27:0e:69:25:03:00:ad:17:c9:cb:3a:90:14:c6:a2:43:4b:20:
         5c:fa:14:6a:f9:27:29:29:23:00:df:d0:5c:62:37:49:07:5f:
         19:0f:f3:d8:2c:71:25:1c:f1:1a:07:c7:ea:a3:e2:60:bc:87:
         62:87:60:cb:0e:96:94:3b:2c:ca:a6:51:87:d0:a3:5b:ab:27:
         0d:88:8b:9f:5e:58:8a:da:32:05:69:cc:f5:6a:f5:d8:b8:ff:
         3c:ab:b8:0e:8d:0a:1f:54:56:a9:81:4b:35:b8:96:f7:80:b1:
         65:a3:50:36:32:43:9a:0e:98:61:03:9e:d6:26:47:9f:c9:85:
         82:38:0f:b7:69:17:36:6f:81:68:82:50:2e:b9:94:05:ba:f1:
         7a:3f:59:02:02:07:da:be:c8:83:b6:3e:75:a0:9b:15:86:1f:
         b9:af:a3:d0:2c:f6:fd:d5:54:e1:1f:0b:87:52:b2:46:25:bd:
         db:e7:d2:78:fa:dc:bf:c9:07:11:b3:d7:71:c7:c5:82:9a:84:
         c3:18:4a:89:40:01:b8:80:de:3a:7f:15:cb:c5:01:bd:1c:09:
         8c:6a:53:2e:27:d3:f2:4d:e2:4a:d6:9d:13:42:36:df:af:93:
         72:e2:aa:b8:ac:a4:a6:14:4b:2c:37:29:7a:d5:52:95:f5:b6:
         51:5f:b4:5e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg1OTA2QUZENjQ4NDk1
NjlGM0FGOUZENjZEQkY5MEI0Q0I2MUY3MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA/D5idniaZ/C9KJwizqOoaa59x9uU5gQOrfgshwDKIzhSVxrs
xQzste90C7MatJU+JZZYMD70doGeo2Nofa1N4awUi46q6aGvUq8dzQHEhWqvW0o+
miiAnyU5fX+KD7zvOo32b73ITjEasRjHDRrZx6NjI6Czrod1MurIw/lLH2fJt6Ro
LOf/J69+0EMud9e5+KU0KqI/TTmbIJE4foCBwhREYZG9GY3lrFboNEhLqcgL049v
qciE6wRbpuzvptwn5HhW6CxR6nv7HBsRrqVG1fU2Cm1nPYWnuNLNQBo/DxOihHV7
2OPLBb1w/Hlf5zpdrvu4opBzuBm4xAqeG6OzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhZBq/WSElWnzr5/Wbb+QtMth9xswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaFpCcV9XU0VsV256cjVfV2JiLVF0
TXRoOXhzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJw5pJQMArRfJyzqQFMaiQ0sgXPoUavknKSkjAN/Q
XGI3SQdfGQ/z2CxxJRzxGgfH6qPiYLyHYodgyw6WlDssyqZRh9CjW6snDYiLn15Y
itoyBWnM9Wr12Lj/PKu4Do0KH1RWqYFLNbiW94CxZaNQNjJDmg6YYQOe1iZHn8mF
gjgPt2kXNm+BaIJQLrmUBbrxej9ZAgIH2r7Ig7Y+daCbFYYfua+j0Cz2/dVU4R8L
h1KyRiW92+fSePrcv8kHEbPXccfFgpqEwxhKiUABuIDeOn8Vy8UBvRwJjGpTLifT
8k3iStadE0I236+TcuKquKykphRLLDcpetVSlfW2UV+0Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org