Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/k40J1LKWykcE8j2iAcNAHuHv6ss.roa
File:                     k40J1LKWykcE8j2iAcNAHuHv6ss.roa (raw, json)
Hash identifier:          qAqpvF4J5AX60Vg9RL14u4wrGJsmTHnJfIaGwzvTEEc=
Subject key identifier:   93:8D:09:D4:B2:96:CA:47:04:F2:3D:A2:01:C3:40:1E:E1:EF:EA:CB
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/k40J1LKWykcE8j2iAcNAHuHv6ss.roa
Signing time:             Thu 15 Sep 2022 02:39:44 +0000
ROA not before:           Thu 15 Sep 2022 02:39:44 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        222.156.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:44 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=938D09D4B296CA4704F23DA201C3401EE1EFEACB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:89:4e:bc:a6:8f:d8:0a:1b:8b:37:8d:13:3b:
                    f1:a0:be:cf:18:97:3b:3b:eb:72:15:9f:a3:9c:29:
                    29:65:d7:d7:74:ca:15:00:f0:49:55:4c:2e:30:31:
                    d5:73:df:f8:a4:c4:8b:d4:ea:39:0d:a1:47:dd:74:
                    3c:77:c1:58:a2:d0:7d:dc:bf:26:df:8e:1d:fd:be:
                    e5:68:70:0d:0f:fa:90:79:a1:a0:ea:4f:85:7e:1b:
                    4e:6a:cc:1e:c4:f9:6d:1d:60:34:08:25:8c:e0:44:
                    a1:9f:1d:b1:29:99:10:4a:8c:60:bd:6d:5f:68:aa:
                    4a:0b:f8:d2:9e:e4:e1:05:56:ae:47:3b:bb:83:6b:
                    82:6d:d7:ca:67:a8:74:62:d4:ee:a1:25:19:16:07:
                    f6:bb:c2:1a:40:33:40:96:9b:10:c4:63:ed:c8:5a:
                    9e:be:f4:16:c4:e8:99:a2:fd:0f:46:0f:f1:c8:61:
                    9e:6e:8b:57:7a:ed:b4:47:d5:67:73:51:a7:2f:32:
                    69:f9:e0:da:15:d3:0c:4d:b8:c3:24:d8:8a:42:a7:
                    0f:e6:18:03:56:b8:15:58:98:6d:11:3c:73:2e:d6:
                    11:f7:e2:33:e5:df:9d:a8:2e:f8:87:a5:46:9b:72:
                    65:ab:bd:60:45:0a:72:e4:43:71:fb:28:6e:5b:83:
                    54:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:8D:09:D4:B2:96:CA:47:04:F2:3D:A2:01:C3:40:1E:E1:EF:EA:CB
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/k40J1LKWykcE8j2iAcNAHuHv6ss.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         37:1b:25:6a:28:fd:31:ea:7a:b7:2b:25:68:2e:00:c7:e3:13:
         da:4f:0b:6a:b7:99:55:e3:d4:9d:08:74:e5:c4:b1:7b:62:1d:
         9f:7b:ca:97:20:02:ef:17:49:f6:bf:80:12:1f:56:13:e9:bf:
         58:06:ee:26:ee:8b:56:0f:6a:34:af:5f:6d:c2:f7:30:ea:39:
         6b:a6:91:03:97:61:97:34:00:a7:78:e7:13:a0:2b:da:bd:cc:
         02:a9:5d:e6:07:d5:44:57:d7:b4:d3:e0:c5:e1:79:d6:5c:cb:
         e1:1d:67:98:70:35:e7:df:cd:de:24:60:64:25:30:57:a8:6e:
         09:22:f4:ae:49:fd:b8:37:1d:f5:70:c1:bb:11:90:84:99:fa:
         fe:9b:8a:a1:f9:7e:14:34:3a:d2:7a:fe:88:a4:84:d4:5c:30:
         59:29:c3:a3:4f:ac:62:99:26:f5:2e:d2:f8:6b:5e:d7:d9:e0:
         c4:66:9a:d0:30:ca:95:4f:63:41:c7:b0:bf:36:d8:1e:40:f0:
         dd:d5:6f:60:99:29:fd:4d:92:f4:58:93:3c:68:14:8b:c1:8c:
         3e:b5:c0:27:bb:e5:86:74:48:2f:34:93:a1:5c:92:6e:6b:c1:
         94:1c:eb:57:fc:06:39:92:a2:ce:9c:56:d5:bb:f6:a7:39:07:
         f0:bc:ed:af
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkzOEQwOUQ0QjI5NkNB
NDcwNEYyM0RBMjAxQzM0MDFFRTFFRkVBQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgiU68po/YChuLN40TO/Ggvs8Ylzs763IVn6OcKSll19d0yhUA
8ElVTC4wMdVz3/ikxIvU6jkNoUfddDx3wVii0H3cvybfjh39vuVocA0P+pB5oaDq
T4V+G05qzB7E+W0dYDQIJYzgRKGfHbEpmRBKjGC9bV9oqkoL+NKe5OEFVq5HO7uD
a4Jt18pnqHRi1O6hJRkWB/a7whpAM0CWmxDEY+3IWp6+9BbE6Jmi/Q9GD/HIYZ5u
i1d67bRH1WdzUacvMmn54NoV0wxNuMMk2IpCpw/mGANWuBVYmG0RPHMu1hH34jPl
352oLviHpUabcmWrvWBFCnLkQ3H7KG5bg1SFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUk40J1LKWykcE8j2iAcNAHuHv6sswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvazQwSjFMS1d5a2NFOGoyaUFjTkFI
dUh2NnNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6cMA0G
CSqGSIb3DQEBCwUAA4IBAQA3GyVqKP0x6nq3KyVoLgDH4xPaTwtqt5lV49SdCHTl
xLF7Yh2fe8qXIALvF0n2v4ASH1YT6b9YBu4m7otWD2o0r19twvcw6jlrppEDl2GX
NACneOcToCvavcwCqV3mB9VEV9e00+DF4XnWXMvhHWeYcDXn383eJGBkJTBXqG4J
IvSuSf24Nx31cMG7EZCEmfr+m4qh+X4UNDrSev6IpITUXDBZKcOjT6ximSb1LtL4
a17X2eDEZprQMMqVT2NBx7C/NtgeQPDd1W9gmSn9TZL0WJM8aBSLwYw+tcAnu+WG
dEgvNJOhXJJua8GUHOtX/AY5kqLOnFbVu/anOQfwvO2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org