Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kJbrovG4vPHozmA5uZRE2RKh9XY.roa
File:                     kJbrovG4vPHozmA5uZRE2RKh9XY.roa (raw, json)
Hash identifier:          BnyW7+K2daBgECHrhZndtiqRYnuM/oInp4COVKI6pZg=
Subject key identifier:   90:96:EB:A2:F1:B8:BC:F1:E8:CE:60:39:B9:94:44:D9:12:A1:F5:76
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0CA5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kJbrovG4vPHozmA5uZRE2RKh9XY.roa
Signing time:             Sun 07 Feb 2021 11:50:13 +0000
ROA not before:           Sun 07 Feb 2021 11:50:13 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        202.178.128.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3237 (0xca5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:50:13 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=9096EBA2F1B8BCF1E8CE6039B99444D912A1F576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:89:fb:56:43:2c:21:06:b4:55:13:b6:6d:1a:
                    10:7c:e2:2b:98:a8:4f:ab:63:ff:7d:14:49:1a:bc:
                    4b:54:58:d8:8c:94:05:75:d0:3b:4b:c8:03:79:7d:
                    c9:98:fd:d6:d8:b1:de:e0:65:d0:52:27:a4:24:35:
                    08:3a:a5:b6:8d:d5:64:9f:f5:fb:34:bf:f8:ba:14:
                    13:a8:18:7f:8b:7e:b1:a4:62:98:2e:98:9a:9f:f9:
                    c9:ed:cc:28:a9:b1:82:24:8e:b1:a7:ef:22:53:6c:
                    89:26:d8:1b:ca:85:68:22:d0:83:ec:3b:1a:b0:5a:
                    d0:0c:0c:ba:c5:43:e2:fc:60:af:1e:3e:d7:6b:d0:
                    a4:1a:05:f4:d3:43:5e:e4:08:2c:1b:25:57:68:1a:
                    c0:ac:87:a9:c0:f3:a0:e3:88:84:44:fe:d9:ec:a3:
                    ab:5d:74:09:74:26:ed:a7:cd:8d:37:98:73:00:57:
                    50:05:a0:64:2c:8d:74:f6:b1:46:70:f9:26:be:93:
                    d5:c4:e2:d0:2c:3b:0b:73:85:9f:54:a1:3d:75:b6:
                    86:08:68:96:df:a2:7a:85:2e:ce:fe:d8:9d:3b:8d:
                    dc:7e:6b:1b:6b:d7:df:8f:6d:f6:a1:2d:bf:3d:db:
                    3f:a9:d2:4f:5f:bd:d0:18:27:bc:cd:70:25:45:63:
                    9e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:96:EB:A2:F1:B8:BC:F1:E8:CE:60:39:B9:94:44:D9:12:A1:F5:76
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kJbrovG4vPHozmA5uZRE2RKh9XY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.178.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         ad:36:ca:23:6f:e1:6c:68:85:87:54:66:01:4a:90:a5:c3:8d:
         d5:59:62:0d:5d:93:98:d7:73:59:be:b7:0a:c8:8e:86:f5:74:
         7c:73:2b:67:cf:c0:9b:20:48:7a:98:0c:d3:4d:5c:43:04:21:
         57:f8:99:8e:1a:a8:29:01:29:fd:14:dc:bb:5e:2d:d0:d4:fd:
         2b:78:c7:1c:82:d1:67:2f:eb:62:93:e6:0c:4d:be:08:2d:a3:
         0c:af:32:a2:5a:9b:57:be:86:c8:e5:db:56:03:1f:4e:00:4e:
         ab:f6:b8:b7:a0:4a:da:6d:6f:94:e3:f0:93:23:b8:cc:2e:01:
         9a:69:b0:19:0a:fb:53:10:cb:20:e2:bb:4b:8b:18:20:01:a8:
         49:e8:f3:c4:82:f4:c6:21:05:24:f7:2a:f4:90:30:75:12:1f:
         7d:9a:ee:9c:14:0b:89:54:d4:3b:02:60:60:af:f8:57:12:db:
         2d:8d:59:b7:00:d7:d3:1f:85:88:eb:20:fd:d9:58:c8:5b:2f:
         91:4e:54:23:94:84:33:b5:8f:40:d2:77:80:09:b6:4e:2e:d1:
         5f:3e:6f:7a:99:f2:38:05:65:46:68:48:21:63:5f:16:4a:3d:
         7c:fa:4c:5e:5d:84:85:3b:49:09:ed:e1:19:13:8c:98:c0:c1:
         09:ae:4b:36
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTUwMTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkwOTZFQkEyRjFCOEJD
RjFFOENFNjAzOUI5OTQ0NEQ5MTJBMUY1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCziftWQywhBrRVE7ZtGhB84iuYqE+rY/99FEkavEtUWNiMlAV1
0DtLyAN5fcmY/dbYsd7gZdBSJ6QkNQg6pbaN1WSf9fs0v/i6FBOoGH+LfrGkYpgu
mJqf+cntzCipsYIkjrGn7yJTbIkm2BvKhWgi0IPsOxqwWtAMDLrFQ+L8YK8ePtdr
0KQaBfTTQ17kCCwbJVdoGsCsh6nA86DjiIRE/tnso6tddAl0Ju2nzY03mHMAV1AF
oGQsjXT2sUZw+Sa+k9XE4tAsOwtzhZ9UoT11toYIaJbfonqFLs7+2J07jdx+axtr
19+PbfahLb892z+p0k9fvdAYJ7zNcCVFY54DAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkJbrovG4vPHozmA5uZRE2RKh9XYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva0picm92RzR2UEhvem1BNXVaUkUy
UktoOVhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8qygDAN
BgkqhkiG9w0BAQsFAAOCAQEArTbKI2/hbGiFh1RmAUqQpcON1VliDV2TmNdzWb63
CsiOhvV0fHMrZ8/AmyBIepgM001cQwQhV/iZjhqoKQEp/RTcu14t0NT9K3jHHILR
Zy/rYpPmDE2+CC2jDK8yolqbV76GyOXbVgMfTgBOq/a4t6BK2m1vlOPwkyO4zC4B
mmmwGQr7UxDLIOK7S4sYIAGoSejzxIL0xiEFJPcq9JAwdRIffZrunBQLiVTUOwJg
YK/4VxLbLY1ZtwDX0x+FiOsg/dlYyFsvkU5UI5SEM7WPQNJ3gAm2Ti7RXz5vepny
OAVlRmhIIWNfFko9fPpMXl2EhTtJCe3hGROMmMDBCa5LNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org