Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hqO4qfUzrAUBBvuFruEXOad4rpI.roa
File:                     hqO4qfUzrAUBBvuFruEXOad4rpI.roa (raw, json)
Hash identifier:          uxlq3QmBX9bRfdP0AQLX0NAHMGTcoDe7rEnn2rsViZQ=
Subject key identifier:   86:A3:B8:A9:F5:33:AC:05:01:06:FB:85:AE:E1:17:39:A7:78:AE:92
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1311
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hqO4qfUzrAUBBvuFruEXOad4rpI.roa
Signing time:             Fri 01 Sep 2023 08:05:20 +0000
ROA not before:           Fri 01 Sep 2023 08:05:20 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18419
IP address blocks:        124.218.112.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4881 (0x1311)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:20 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=86A3B8A9F533AC050106FB85AEE11739A778AE92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:31:ac:0d:57:24:63:02:9d:fa:37:02:1a:0a:
                    92:73:05:0a:ec:80:5e:22:a6:53:c2:66:b4:eb:a5:
                    18:83:35:1d:e7:be:0a:89:8e:b8:ca:fc:8c:96:91:
                    3e:e6:fa:9f:78:d2:07:09:a6:a9:2b:c0:38:32:66:
                    1b:2c:86:ec:58:9c:a5:1d:f9:f7:da:81:76:dd:7d:
                    96:e6:d9:12:53:ab:23:4e:fa:7a:5c:8c:c9:63:bb:
                    6e:64:1d:f5:65:ba:4f:ed:8a:9f:d6:0c:e4:ae:81:
                    2a:8a:9d:2a:04:7f:67:88:cf:fa:d6:ed:5e:b3:40:
                    c0:15:1e:22:d3:e9:bc:d3:c0:a5:3b:9b:aa:cd:47:
                    93:ce:8c:5c:f4:d0:70:85:38:ec:7c:3e:b4:d3:33:
                    ec:0a:3d:96:17:d9:8f:ba:94:bc:50:f6:64:97:46:
                    05:46:20:4e:87:56:66:7e:e3:75:a0:9c:66:63:38:
                    48:f2:ea:13:0b:52:95:7d:54:69:f6:41:4a:49:4f:
                    c9:c3:92:30:c3:9b:cb:ac:4e:82:90:f2:b7:9e:fc:
                    a7:99:40:c2:97:be:93:ce:60:7b:c2:9e:51:04:cb:
                    9e:74:9d:eb:47:09:cf:5e:76:fc:70:0c:73:f5:65:
                    44:38:d2:6e:d2:26:f1:3a:f9:16:e8:13:e7:6a:24:
                    4b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:A3:B8:A9:F5:33:AC:05:01:06:FB:85:AE:E1:17:39:A7:78:AE:92
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hqO4qfUzrAUBBvuFruEXOad4rpI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b7:2c:85:ad:1e:0c:7c:d8:98:65:19:4c:49:93:bb:9b:7f:02:
         39:ba:79:0c:bb:b0:ec:65:3d:37:6d:3c:c4:91:5f:a2:0e:10:
         8f:6f:4b:97:26:c0:34:6d:7a:4f:87:c1:b8:ec:e8:ae:24:69:
         97:d5:9c:e6:15:cc:41:2b:68:7a:f8:1d:10:29:9d:45:7f:01:
         1d:a2:60:c6:17:da:40:4e:57:d8:30:63:38:00:91:cc:a2:b8:
         fe:43:04:84:b1:4b:49:7b:71:81:f5:39:94:cf:cd:3c:68:c4:
         fe:e9:40:2e:5f:de:a4:b5:2e:34:41:54:e6:55:0c:94:ce:5a:
         ca:23:d1:33:87:22:8e:f3:87:9a:87:8a:5d:02:84:7c:0e:41:
         39:64:d1:e3:6e:58:4b:5e:03:c2:5d:dd:94:cd:67:e9:17:5c:
         7b:bc:2e:70:c0:37:3e:41:d3:a8:3f:b0:91:fb:27:dc:a8:82:
         01:28:53:15:9d:b4:50:14:bc:00:09:94:82:7c:9e:98:93:63:
         55:66:59:6d:fa:46:21:18:4f:bf:50:2a:99:46:84:6d:ee:1b:
         e6:6e:91:97:1f:76:73:93:d2:89:1f:17:c5:3e:49:77:92:ac:
         a6:6d:fd:7c:6c:70:cc:7f:cd:21:78:e3:8b:eb:eb:f3:3d:6d:
         60:24:ea:9b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICExEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg2QTNCOEE5RjUzM0FD
MDUwMTA2RkI4NUFFRTExNzM5QTc3OEFFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaMawNVyRjAp36NwIaCpJzBQrsgF4iplPCZrTrpRiDNR3nvgqJ
jrjK/IyWkT7m+p940gcJpqkrwDgyZhsshuxYnKUd+ffagXbdfZbm2RJTqyNO+npc
jMlju25kHfVluk/tip/WDOSugSqKnSoEf2eIz/rW7V6zQMAVHiLT6bzTwKU7m6rN
R5POjFz00HCFOOx8PrTTM+wKPZYX2Y+6lLxQ9mSXRgVGIE6HVmZ+43WgnGZjOEjy
6hMLUpV9VGn2QUpJT8nDkjDDm8usToKQ8ree/KeZQMKXvpPOYHvCnlEEy550netH
Cc9edvxwDHP1ZUQ40m7SJvE6+RboE+dqJEufAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhqO4qfUzrAUBBvuFruEXOad4rpIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaHFPNHFmVXpyQVVCQnZ1RnJ1RVhP
YWQ0cnBJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3zacDAN
BgkqhkiG9w0BAQsFAAOCAQEAtyyFrR4MfNiYZRlMSZO7m38CObp5DLuw7GU9N208
xJFfog4Qj29LlybANG16T4fBuOzoriRpl9Wc5hXMQStoevgdECmdRX8BHaJgxhfa
QE5X2DBjOACRzKK4/kMEhLFLSXtxgfU5lM/NPGjE/ulALl/epLUuNEFU5lUMlM5a
yiPRM4cijvOHmoeKXQKEfA5BOWTR425YS14Dwl3dlM1n6Rdce7wucMA3PkHTqD+w
kfsn3KiCAShTFZ20UBS8AAmUgnyemJNjVWZZbfpGIRhPv1AqmUaEbe4b5m6Rlx92
c5PSiR8XxT5Jd5Kspm39fGxwzH/NIXjji+vr8z1tYCTqmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org