Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/im2rVs-MKMgaauEB4nxvHzmQHbU.roa
File:                     im2rVs-MKMgaauEB4nxvHzmQHbU.roa (raw, json)
Hash identifier:          nDwCwfjxy+r/uV2p0jfvfyczi8WmKB4b9crg4MB2+sU=
Subject key identifier:   8A:6D:AB:56:CF:8C:28:C8:1A:6A:E1:01:E2:7C:6F:1F:39:90:1D:B5
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/im2rVs-MKMgaauEB4nxvHzmQHbU.roa
Signing time:             Thu 15 Sep 2022 02:39:53 +0000
ROA not before:           Thu 15 Sep 2022 02:39:53 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        210.203.20.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:53 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8A6DAB56CF8C28C81A6AE101E27C6F1F39901DB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:51:90:7b:c0:d7:21:66:56:4f:c1:73:79:be:
                    54:3c:11:55:ba:eb:67:5e:61:79:d3:1c:f5:63:f2:
                    bd:00:e2:8c:41:a1:13:86:40:09:bf:dc:6e:bf:3b:
                    7e:95:d7:e1:d7:04:a4:7c:28:e9:05:a2:c5:0a:92:
                    5b:5f:c7:b4:b4:40:1b:66:8b:db:5d:7a:08:21:08:
                    6f:68:ff:1d:c9:91:11:33:fd:bf:54:21:0d:f5:2e:
                    c0:4f:45:b3:f7:3a:c7:51:bb:bd:a6:03:b3:0c:0d:
                    8a:1e:d4:b5:92:fd:0f:ec:bb:cf:b0:9d:33:2d:75:
                    7f:b0:3a:bb:f2:f3:b0:e0:23:b2:25:be:69:0f:9d:
                    bb:47:5c:1b:ed:3a:8f:0a:a8:81:14:2e:3d:f4:43:
                    5f:38:84:01:5a:21:ae:4d:93:79:79:7d:62:db:3a:
                    23:a6:11:1c:f5:03:94:03:3f:f5:06:e6:2f:ad:5b:
                    29:80:9d:03:9b:ec:82:62:81:82:a5:29:a1:df:00:
                    a9:e2:1d:7a:95:de:76:39:8a:15:6b:1b:cb:f9:a0:
                    55:a7:de:ae:ef:47:08:a1:d0:d6:b5:92:83:5e:73:
                    8e:d8:49:9d:c0:89:f8:b7:4b:9f:1c:93:f8:ab:44:
                    56:87:49:5b:0b:26:25:55:29:e7:6b:36:c3:f1:db:
                    74:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:6D:AB:56:CF:8C:28:C8:1A:6A:E1:01:E2:7C:6F:1F:39:90:1D:B5
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/im2rVs-MKMgaauEB4nxvHzmQHbU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.203.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:f5:c2:15:b0:0d:c4:4b:bb:16:0e:a0:0a:4c:92:44:93:56:
         ef:24:83:55:96:3d:e8:09:1f:61:b1:2e:dd:71:32:06:8e:74:
         c2:12:0f:59:ec:71:8a:14:fb:a7:c8:b9:fb:20:72:83:b6:c8:
         9d:05:2c:d9:0c:af:1a:8f:2b:da:39:1d:c7:5f:a7:10:2f:ed:
         91:f0:bd:35:46:f0:8a:70:cd:ba:91:d0:88:87:e8:06:9e:e3:
         5b:ff:15:e0:4b:4d:f3:14:4b:03:01:cb:45:35:41:b3:dc:7d:
         52:43:72:f0:75:15:98:86:3b:dc:22:ef:96:66:93:5b:29:9e:
         bd:6f:3f:2c:87:7f:8d:ca:a2:9f:a2:2f:7b:dd:dc:cb:01:87:
         bd:9b:6d:00:7c:45:98:3a:84:cc:12:f0:4f:af:5f:4c:a6:4e:
         0c:9f:d5:83:6e:81:82:dd:fa:ce:99:a5:2b:72:82:b1:7c:f1:
         86:1b:6f:8a:ba:38:a5:3e:65:8e:ce:8e:20:b5:f7:4c:c2:c4:
         b6:c2:49:7b:d8:63:e8:7f:1f:a4:12:fb:5c:79:5b:23:f3:ca:
         43:03:7d:1a:db:fb:63:1b:e9:44:67:97:95:67:e6:52:01:5e:
         c8:ad:8e:59:5a:4d:c5:50:56:cb:69:c3:d6:66:4a:81:ab:a3:
         69:ca:32:76
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhBNkRBQjU2Q0Y4QzI4
QzgxQTZBRTEwMUUyN0M2RjFGMzk5MDFEQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+UZB7wNchZlZPwXN5vlQ8EVW662deYXnTHPVj8r0A4oxBoROG
QAm/3G6/O36V1+HXBKR8KOkFosUKkltfx7S0QBtmi9tdegghCG9o/x3JkREz/b9U
IQ31LsBPRbP3OsdRu72mA7MMDYoe1LWS/Q/su8+wnTMtdX+wOrvy87DgI7IlvmkP
nbtHXBvtOo8KqIEULj30Q184hAFaIa5Nk3l5fWLbOiOmERz1A5QDP/UG5i+tWymA
nQOb7IJigYKlKaHfAKniHXqV3nY5ihVrG8v5oFWn3q7vRwih0Na1koNec47YSZ3A
ifi3S58ck/irRFaHSVsLJiVVKedrNsPx23RVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUim2rVs+MKMgaauEB4nxvHzmQHbUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaW0yclZzLU1LTWdhYXVFQjRueHZI
em1RSGJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLLFDAN
BgkqhkiG9w0BAQsFAAOCAQEAAfXCFbANxEu7Fg6gCkySRJNW7ySDVZY96AkfYbEu
3XEyBo50whIPWexxihT7p8i5+yByg7bInQUs2QyvGo8r2jkdx1+nEC/tkfC9NUbw
inDNupHQiIfoBp7jW/8V4EtN8xRLAwHLRTVBs9x9UkNy8HUVmIY73CLvlmaTWyme
vW8/LId/jcqin6Ive93cywGHvZttAHxFmDqEzBLwT69fTKZODJ/Vg26Bgt36zpml
K3KCsXzxhhtviro4pT5ljs6OILX3TMLEtsJJe9hj6H8fpBL7XHlbI/PKQwN9Gtv7
YxvpRGeXlWfmUgFeyK2OWVpNxVBWy2nD1mZKgaujacoydg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org