Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/iI_qjvn1pk61ZEwtO4SC_PZC0XA.roa
File:                     iI_qjvn1pk61ZEwtO4SC_PZC0XA.roa (raw, json)
Hash identifier:          iggNtwvos0RenNOyrtdSSPjzCwtms8wz8Bxa7okM2z8=
Subject key identifier:   88:8F:EA:8E:F9:F5:A6:4E:B5:64:4C:2D:3B:84:82:FC:F6:42:D1:70
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1078
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/iI_qjvn1pk61ZEwtO4SC_PZC0XA.roa
Signing time:             Tue 16 May 2023 08:36:14 +0000
ROA not before:           Tue 16 May 2023 08:36:14 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        124.219.0.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4216 (0x1078)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:14 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=888FEA8EF9F5A64EB5644C2D3B8482FCF642D170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:47:6e:37:dd:4d:c5:80:90:f4:0a:42:81:c7:
                    31:f4:9f:54:f6:75:bb:8e:00:49:01:e7:23:1c:dc:
                    3c:3a:14:c9:76:53:4b:5b:f8:4b:ed:4a:e1:76:5d:
                    42:74:bf:22:02:74:94:b8:1f:a7:26:93:c8:d0:b8:
                    26:6d:99:1a:f4:0f:88:da:0a:c4:61:45:83:97:3d:
                    9c:6e:50:58:70:fd:7b:0e:02:05:a2:78:0c:6f:2c:
                    76:b9:b5:1b:91:cc:fa:0a:5b:c2:e1:b7:f8:80:0b:
                    0d:06:4a:0c:d5:72:4c:4c:2e:37:0f:61:74:0a:9c:
                    4e:2f:e1:cd:21:91:f6:81:cf:bc:14:a1:51:8a:85:
                    16:f3:c6:8e:0f:6f:87:12:53:cf:9b:3d:fa:85:e1:
                    03:78:28:0d:e0:4d:30:51:fa:51:1d:95:de:71:f0:
                    60:13:7a:79:21:40:c7:35:ae:59:dd:c9:fe:2b:a7:
                    32:97:92:b8:f0:8b:65:03:6a:c9:c4:26:03:81:48:
                    55:e3:ff:fd:68:d0:bb:40:07:ce:74:99:bc:dc:4f:
                    29:96:78:bb:b6:6a:3a:a7:21:08:78:07:23:13:97:
                    b5:75:05:29:9f:ff:6f:82:9c:4e:28:65:42:34:19:
                    52:b3:62:6c:e4:cc:9b:98:63:5f:97:6c:09:62:78:
                    1e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:8F:EA:8E:F9:F5:A6:4E:B5:64:4C:2D:3B:84:82:FC:F6:42:D1:70
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/iI_qjvn1pk61ZEwtO4SC_PZC0XA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.219.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         37:bb:53:f3:10:4b:f8:20:37:c5:4a:52:8d:cd:ef:c3:15:f8:
         56:23:6a:b6:2b:f5:e1:10:16:06:19:25:3c:1d:f0:d7:89:e2:
         45:5e:95:da:f9:63:09:d4:b2:24:3e:79:ae:74:9f:c8:71:74:
         cb:92:ed:29:5b:2b:87:a6:eb:0c:16:a3:95:ea:1b:4f:ca:9a:
         d4:98:ef:52:12:1b:57:0c:96:ff:f2:75:65:36:f6:0f:f8:d3:
         e1:1d:d6:ce:6b:71:e5:d4:d9:b7:06:22:03:f4:45:b8:01:b0:
         de:a0:43:4e:6a:ce:56:b7:12:14:6f:3f:a5:d3:7b:ee:92:e1:
         14:ac:37:da:4f:e4:0c:f1:d8:2a:43:c1:d4:fd:1e:0d:7f:47:
         88:68:a2:83:2e:d0:42:73:41:35:80:94:c9:2c:fc:49:49:46:
         23:5c:a2:e0:e6:21:e6:2f:48:23:fb:64:27:be:f7:35:dc:20:
         b8:2d:1b:d4:c3:02:bf:bb:1b:20:a3:ef:4a:5b:b3:35:d1:11:
         0f:f3:59:fa:98:37:83:f2:ff:0d:73:05:b1:95:84:97:e9:02:
         3d:67:53:5e:1c:2b:6e:7a:e8:82:11:bd:09:74:ba:54:e8:ab:
         09:04:30:fe:51:e2:9e:1e:97:fb:80:e4:2d:a8:17:df:46:66:
         89:f7:6d:88
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEHgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg4OEZFQThFRjlGNUE2
NEVCNTY0NEMyRDNCODQ4MkZDRjY0MkQxNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBR2433U3FgJD0CkKBxzH0n1T2dbuOAEkB5yMc3Dw6FMl2U0tb
+EvtSuF2XUJ0vyICdJS4H6cmk8jQuCZtmRr0D4jaCsRhRYOXPZxuUFhw/XsOAgWi
eAxvLHa5tRuRzPoKW8Lht/iACw0GSgzVckxMLjcPYXQKnE4v4c0hkfaBz7wUoVGK
hRbzxo4Pb4cSU8+bPfqF4QN4KA3gTTBR+lEdld5x8GATenkhQMc1rlndyf4rpzKX
krjwi2UDasnEJgOBSFXj//1o0LtAB850mbzcTymWeLu2ajqnIQh4ByMTl7V1BSmf
/2+CnE4oZUI0GVKzYmzkzJuYY1+XbAlieB7dAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiI/qjvn1pk61ZEwtO4SC/PZC0XAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaUlfcWp2bjFwazYxWkV3dE80U0Nf
UFpDMFhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEAN7tT8xBL+CA3xUpSjc3vwxX4ViNqtiv14RAWBhkl
PB3w14niRV6V2vljCdSyJD55rnSfyHF0y5LtKVsrh6brDBajleobT8qa1JjvUhIb
VwyW//J1ZTb2D/jT4R3Wzmtx5dTZtwYiA/RFuAGw3qBDTmrOVrcSFG8/pdN77pLh
FKw32k/kDPHYKkPB1P0eDX9HiGiigy7QQnNBNYCUySz8SUlGI1yi4OYh5i9II/tk
J773NdwguC0b1MMCv7sbIKPvSluzNdERD/NZ+pg3g/L/DXMFsZWEl+kCPWdTXhwr
bnroghG9CXS6VOirCQQw/lHinh6X+4DkLagX30ZmifdtiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org