Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hg-T5DTalDdsZ37Okibib29-GkM.roa
File:                     hg-T5DTalDdsZ37Okibib29-GkM.roa (raw, json)
Hash identifier:          4vrxd+hiPgC4Qnx2eJTSHxIuMoqHYRGBsnMlivd1bbQ=
Subject key identifier:   86:0F:93:E4:34:DA:94:37:6C:67:7E:CE:92:26:E2:6F:6F:7E:1A:43
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12C7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hg-T5DTalDdsZ37Okibib29-GkM.roa
Signing time:             Fri 01 Sep 2023 08:04:58 +0000
ROA not before:           Fri 01 Sep 2023 08:04:58 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        2404::/36 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4807 (0x12c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:04:58 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=860F93E434DA94376C677ECE9226E26F6F7E1A43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ea:fd:7f:60:33:d2:65:29:a5:87:90:5e:0c:
                    39:6c:59:c0:63:f3:1c:7c:9e:57:7b:a0:0f:b9:60:
                    84:1a:07:e9:2a:6d:c3:97:9d:92:d6:b7:e5:70:98:
                    1c:ac:e0:0b:2d:78:27:38:7c:18:3b:9a:82:48:e8:
                    ea:fc:f6:6b:7e:73:cb:53:cb:81:cc:0f:1e:f0:33:
                    bf:e9:95:ca:3f:cd:c6:e6:66:ef:c0:43:56:97:c7:
                    8c:82:b2:f5:13:e2:ff:3c:38:e1:c8:03:54:25:3b:
                    80:6a:9a:29:f5:53:60:ed:fc:54:d0:9a:37:fe:9c:
                    7c:dc:9b:46:0e:48:f5:6c:54:8c:2f:98:cf:a4:48:
                    ec:5d:83:8c:ac:e1:0d:48:a9:21:c4:d2:90:50:67:
                    34:b7:4e:75:db:54:02:90:2e:96:c5:74:de:5c:94:
                    92:9d:1e:71:0e:29:de:5d:36:aa:ab:2f:e3:ce:4f:
                    32:b7:1f:00:9e:4a:01:e5:1b:6c:5b:47:a5:c0:e6:
                    2a:ad:c9:20:05:e3:fa:01:11:21:e6:de:72:9d:72:
                    a4:ff:4e:4e:cb:34:a0:67:cc:d2:e6:cf:0b:ab:cf:
                    35:a9:b1:98:07:ce:ea:38:d5:95:dc:a9:35:49:8c:
                    91:35:63:09:ba:a5:35:75:0b:4d:ca:82:b2:f7:50:
                    06:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:0F:93:E4:34:DA:94:37:6C:67:7E:CE:92:26:E2:6F:6F:7E:1A:43
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hg-T5DTalDdsZ37Okibib29-GkM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404::/36

    Signature Algorithm: sha256WithRSAEncryption
         30:c0:76:6c:74:f5:5d:0b:e3:af:fa:3d:40:32:85:de:b6:4d:
         9d:3d:30:a9:b0:dd:71:fc:fb:61:b7:03:7f:a2:e6:e5:0c:0f:
         2f:ca:17:e6:40:3b:8b:06:f4:66:6c:fa:66:ba:cb:dd:26:50:
         2a:7e:7e:e3:b1:7a:53:5b:0a:6c:a7:b1:cb:ca:7c:85:a5:6f:
         11:49:98:5f:35:bf:eb:ae:63:dc:ab:e9:bd:f7:d2:da:e6:0b:
         e4:f2:81:32:b8:33:96:34:f6:40:c6:25:cd:53:a2:99:b2:4b:
         f6:bc:91:19:af:38:9c:e9:92:5f:3a:c3:9a:dd:e5:d4:16:dd:
         f7:11:76:22:e1:ea:54:8d:17:49:60:4d:62:c5:0d:ae:fe:4a:
         4e:e2:a9:00:d3:01:8a:41:14:b4:36:38:6b:c3:cf:e1:ab:14:
         ab:f8:dd:03:5c:a1:c8:86:b3:eb:7a:33:26:3e:df:26:8c:de:
         a1:cf:01:d6:a2:7c:0e:a3:a0:2d:ab:1a:38:ce:53:8e:d8:de:
         04:6f:17:71:dc:16:f2:d6:c4:8f:e2:f2:dc:76:53:b5:35:5d:
         c6:44:86:8b:3a:88:e0:b9:0f:87:22:5b:94:1f:50:7e:75:55:
         8b:7b:8f:38:90:73:04:9e:b4:d5:ad:66:ec:b0:7c:70:30:46:
         48:13:08:e9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEscwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg2MEY5M0U0MzREQTk0
Mzc2QzY3N0VDRTkyMjZFMjZGNkY3RTFBNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV6v1/YDPSZSmlh5BeDDlsWcBj8xx8nld7oA+5YIQaB+kqbcOX
nZLWt+VwmBys4AsteCc4fBg7moJI6Or89mt+c8tTy4HMDx7wM7/plco/zcbmZu/A
Q1aXx4yCsvUT4v88OOHIA1QlO4Bqmin1U2Dt/FTQmjf+nHzcm0YOSPVsVIwvmM+k
SOxdg4ys4Q1IqSHE0pBQZzS3TnXbVAKQLpbFdN5clJKdHnEOKd5dNqqrL+POTzK3
HwCeSgHlG2xbR6XA5iqtySAF4/oBESHm3nKdcqT/Tk7LNKBnzNLmzwurzzWpsZgH
zuo41ZXcqTVJjJE1Ywm6pTV1C03KgrL3UAb3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhg+T5DTalDdsZ37Okibib29+GkMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaGctVDVEVGFsRGRzWjM3T2tpYmli
MjktR2tNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwwHZsdPVdC+Ov+j1AMoXetk2dPTCpsN1x/Pth
twN/oublDA8vyhfmQDuLBvRmbPpmusvdJlAqfn7jsXpTWwpsp7HLynyFpW8RSZhf
Nb/rrmPcq+m999La5gvk8oEyuDOWNPZAxiXNU6KZskv2vJEZrzic6ZJfOsOa3eXU
Ft33EXYi4epUjRdJYE1ixQ2u/kpO4qkA0wGKQRS0Njhrw8/hqxSr+N0DXKHIhrPr
ejMmPt8mjN6hzwHWonwOo6Atqxo4zlOO2N4Ebxdx3Bby1sSP4vLcdlO1NV3GRIaL
OojguQ+HIluUH1B+dVWLe484kHMEnrTVrWbssHxwMEZIEwjp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org