Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hjS8tt_gU4J0oGx3LFW3LhKMV8k.roa
File:                     hjS8tt_gU4J0oGx3LFW3LhKMV8k.roa (raw, json)
Hash identifier:          2kpNmlWGZQL32qbS1qNH6uTAgOSiM37LTfN4R4qHNLI=
Subject key identifier:   86:34:BC:B6:DF:E0:53:82:74:A0:6C:77:2C:55:B7:2E:12:8C:57:C9
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1034
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hjS8tt_gU4J0oGx3LFW3LhKMV8k.roa
Signing time:             Tue 16 May 2023 08:35:53 +0000
ROA not before:           Tue 16 May 2023 08:35:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.63.253.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4148 (0x1034)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:35:53 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8634BCB6DFE0538274A06C772C55B72E128C57C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:74:26:25:9b:ca:90:11:27:0d:96:71:3b:1c:
                    10:e7:4d:e4:f8:7c:09:01:b5:82:10:c2:77:79:aa:
                    8d:8c:e9:08:11:5f:f9:87:fe:e3:5a:cd:d0:f8:e1:
                    12:f2:6e:2e:57:62:7b:5b:61:bd:16:6d:b7:d4:f0:
                    db:17:7b:e6:f6:14:b3:43:99:9a:01:cc:1d:62:e6:
                    8c:ee:a8:21:39:7c:62:8f:75:03:05:a9:65:d6:26:
                    47:5e:78:1a:65:96:08:ef:a7:a4:47:78:f3:15:c5:
                    53:11:ea:05:32:e5:a1:ed:b3:40:c3:1e:ec:93:a7:
                    e2:b2:7e:ee:5f:3a:b4:70:ea:6d:ff:3c:7c:cf:62:
                    e6:86:3e:4c:f4:56:c3:fc:d0:70:2f:f3:48:0a:77:
                    03:8f:94:f2:85:e5:46:1c:8c:eb:f1:fa:e3:12:5a:
                    08:38:45:f7:d8:4c:cd:f6:e4:c8:7d:ba:c8:ea:c5:
                    20:b7:f1:73:12:f9:e1:64:e0:56:56:a3:ed:4b:44:
                    4f:bb:9a:e5:91:26:84:4b:74:2f:ab:3f:dc:18:55:
                    51:4b:0c:b2:bf:2c:75:6d:6f:d0:34:e3:b2:2d:33:
                    54:fe:e9:2f:b6:29:f9:f7:a8:fc:9b:93:12:18:7a:
                    c5:14:46:39:e6:0f:c1:c7:83:51:1b:ff:4d:f3:ef:
                    ac:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:34:BC:B6:DF:E0:53:82:74:A0:6C:77:2C:55:B7:2E:12:8C:57:C9
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hjS8tt_gU4J0oGx3LFW3LhKMV8k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:d2:a5:f7:21:a3:ad:ca:a7:52:5f:31:47:25:ce:03:70:f4:
         b7:17:e8:ec:f6:48:3e:df:7b:21:53:11:bc:59:24:d8:4c:18:
         39:65:f4:50:2d:2e:f0:46:da:43:d9:c7:b6:a4:57:cb:2f:b9:
         14:ae:e9:0c:1e:c4:20:3e:34:67:db:bf:5a:3f:50:a6:c0:32:
         3c:ad:15:24:cb:2f:59:60:f7:a5:38:c0:4e:df:1c:86:18:85:
         aa:97:51:1e:8f:91:a5:21:0d:3d:70:79:fc:b5:c6:73:36:67:
         4a:19:b6:00:37:b5:85:36:15:0c:0a:7a:6d:f7:c3:24:3f:64:
         e9:7d:48:01:94:2a:94:18:e6:ce:13:4f:23:bb:21:03:e1:fa:
         0a:ad:37:a4:65:33:8e:43:c0:f6:c0:0e:d5:3f:c7:47:b4:68:
         0f:eb:61:8a:b2:cc:4f:88:16:43:c5:23:a3:16:9e:4a:09:9d:
         98:39:03:c0:93:e7:ac:e3:d9:2f:03:f5:76:81:af:e6:af:9a:
         68:33:7a:45:47:3c:a7:04:4f:3a:ec:b2:a7:b1:18:39:a3:f2:
         23:6c:24:ea:f5:90:db:37:6a:d6:16:7f:22:6a:eb:a7:45:91:
         58:94:a9:fc:d8:01:e1:2b:5c:b6:c4:21:5b:b7:0c:68:6a:79:
         90:ae:03:b6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg2MzRCQ0I2REZFMDUz
ODI3NEEwNkM3NzJDNTVCNzJFMTI4QzU3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDydCYlm8qQEScNlnE7HBDnTeT4fAkBtYIQwnd5qo2M6QgRX/mH
/uNazdD44RLybi5XYntbYb0WbbfU8NsXe+b2FLNDmZoBzB1i5ozuqCE5fGKPdQMF
qWXWJkdeeBpllgjvp6RHePMVxVMR6gUy5aHts0DDHuyTp+Kyfu5fOrRw6m3/PHzP
YuaGPkz0VsP80HAv80gKdwOPlPKF5UYcjOvx+uMSWgg4RffYTM325Mh9usjqxSC3
8XMS+eFk4FZWo+1LRE+7muWRJoRLdC+rP9wYVVFLDLK/LHVtb9A047ItM1T+6S+2
Kfn3qPybkxIYesUURjnmD8HHg1Eb/03z76yFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhjS8tt/gU4J0oGx3LFW3LhKMV8kwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaGpTOHR0X2dVNEowb0d4M0xGVzNM
aEtNVjhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI//TAN
BgkqhkiG9w0BAQsFAAOCAQEAN9Kl9yGjrcqnUl8xRyXOA3D0txfo7PZIPt97IVMR
vFkk2EwYOWX0UC0u8EbaQ9nHtqRXyy+5FK7pDB7EID40Z9u/Wj9QpsAyPK0VJMsv
WWD3pTjATt8chhiFqpdRHo+RpSENPXB5/LXGczZnShm2ADe1hTYVDAp6bffDJD9k
6X1IAZQqlBjmzhNPI7shA+H6Cq03pGUzjkPA9sAO1T/HR7RoD+thirLMT4gWQ8Uj
oxaeSgmdmDkDwJPnrOPZLwP1doGv5q+aaDN6RUc8pwRPOuyyp7EYOaPyI2wk6vWQ
2zdq1hZ/Imrrp0WRWJSp/NgB4StctsQhW7cMaGp5kK4Dtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org