Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/l3Ccncon1d8I6X_MgHcyQlycU4M.roa
File:                     l3Ccncon1d8I6X_MgHcyQlycU4M.roa (raw, json)
Hash identifier:          qQWOsUqglIayf7/a/tnqaNnTaCnGVwOLM4nhQYn428o=
Subject key identifier:   97:70:9C:9D:CA:27:D5:DF:08:E9:7F:CC:80:77:32:42:5C:9C:53:83
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       10AA
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/l3Ccncon1d8I6X_MgHcyQlycU4M.roa
Signing time:             Tue 16 May 2023 08:36:28 +0000
ROA not before:           Tue 16 May 2023 08:36:28 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        124.218.0.0/16 maxlen: 17

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4266 (0x10aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:28 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=97709C9DCA27D5DF08E97FCC807732425C9C5383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:72:4c:a8:05:4d:b3:26:c5:2d:fe:31:7c:88:
                    b1:bf:9a:14:de:18:c6:05:9a:69:76:ee:67:fe:33:
                    2b:3d:a0:f6:1e:b9:a1:75:94:7e:a0:c9:8c:7a:b9:
                    d9:a7:79:36:33:cf:ee:e2:d2:35:53:c6:0d:c5:7b:
                    6f:fd:8a:5b:ec:bc:32:27:4b:07:08:4c:4d:3e:71:
                    f0:5b:a9:e5:22:b5:fd:bd:c6:ea:b3:95:f0:b2:8b:
                    bf:58:7e:b5:ab:de:12:77:63:58:1d:e9:2b:77:62:
                    57:2e:48:da:77:86:44:f7:a3:b6:8f:04:1e:03:51:
                    f7:51:80:89:88:c9:c8:51:c8:d5:59:22:f5:40:40:
                    e1:12:0d:05:ee:aa:c5:e8:a4:66:07:a2:c1:af:c7:
                    89:34:2d:a7:d1:a0:31:55:6c:f0:aa:87:2f:19:a9:
                    72:92:e8:b5:74:a3:6f:77:b8:61:8e:f7:34:96:40:
                    67:15:26:44:34:50:4c:23:3e:d2:22:5b:be:45:c0:
                    74:39:c2:5c:b4:08:40:f3:2a:d0:0f:60:ea:7e:5c:
                    7c:58:65:bf:3c:ec:9b:0f:79:5f:f3:4b:10:e1:77:
                    ed:52:82:53:b8:71:45:e0:40:30:fa:60:96:97:c6:
                    6e:9e:67:71:ca:f2:0a:1f:e5:94:78:78:09:c7:dc:
                    15:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:70:9C:9D:CA:27:D5:DF:08:E9:7F:CC:80:77:32:42:5C:9C:53:83
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/l3Ccncon1d8I6X_MgHcyQlycU4M.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         85:9d:b8:0f:42:20:ae:26:52:8a:70:2d:aa:c8:4e:af:53:51:
         30:d4:72:4d:7a:3c:08:61:4c:2e:2c:d1:f0:ae:94:c0:5c:53:
         fb:e0:00:aa:72:79:66:dc:e9:4c:d8:2b:63:cb:3a:13:a1:b3:
         8f:06:e9:e2:54:4a:14:f4:1b:83:9b:f6:9a:96:a9:1b:42:eb:
         70:4d:76:0e:fe:59:e0:62:38:26:0b:51:e8:1f:12:64:4e:0f:
         dc:18:90:b2:62:21:9b:5f:18:70:7e:2d:c3:85:50:86:fd:c3:
         bc:a7:ed:8a:b1:58:45:98:d3:6e:4d:f4:a4:fc:e0:de:ca:85:
         42:dd:8b:44:0a:c4:2c:ab:58:62:f4:11:5f:df:17:65:97:2b:
         49:35:20:95:3a:87:c8:82:0b:da:06:88:aa:4e:05:e0:f5:9f:
         6d:21:b1:c6:04:58:2a:73:1f:bf:ad:01:c4:fc:45:4d:e0:6a:
         a6:73:73:94:49:d6:b2:26:bf:c4:2b:aa:5b:02:47:e4:73:0d:
         ff:25:42:82:f2:d5:fc:9c:eb:c5:d9:e8:66:77:f3:f7:3b:e8:
         e8:cf:6b:4b:ac:20:fb:80:e6:46:8e:25:63:7f:15:bb:ee:f7:
         8e:25:86:ec:e6:50:36:14:0a:96:b5:56:6b:b6:d1:c4:50:e2:
         ab:b1:4d:ce
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk3NzA5QzlEQ0EyN0Q1
REYwOEU5N0ZDQzgwNzczMjQyNUM5QzUzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcckyoBU2zJsUt/jF8iLG/mhTeGMYFmml27mf+Mys9oPYeuaF1
lH6gyYx6udmneTYzz+7i0jVTxg3Fe2/9ilvsvDInSwcITE0+cfBbqeUitf29xuqz
lfCyi79YfrWr3hJ3Y1gd6St3YlcuSNp3hkT3o7aPBB4DUfdRgImIychRyNVZIvVA
QOESDQXuqsXopGYHosGvx4k0LafRoDFVbPCqhy8ZqXKS6LV0o293uGGO9zSWQGcV
JkQ0UEwjPtIiW75FwHQ5wly0CEDzKtAPYOp+XHxYZb887JsPeV/zSxDhd+1SglO4
cUXgQDD6YJaXxm6eZ3HK8gof5ZR4eAnH3BW1AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUl3Ccncon1d8I6X/MgHcyQlycU4MwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbDNDY25jb24xZDhJNlhfTWdIY3lR
bHljVTRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHzaMA0G
CSqGSIb3DQEBCwUAA4IBAQCFnbgPQiCuJlKKcC2qyE6vU1Ew1HJNejwIYUwuLNHw
rpTAXFP74ACqcnlm3OlM2CtjyzoTobOPBuniVEoU9BuDm/aalqkbQutwTXYO/lng
YjgmC1HoHxJkTg/cGJCyYiGbXxhwfi3DhVCG/cO8p+2KsVhFmNNuTfSk/ODeyoVC
3YtECsQsq1hi9BFf3xdllytJNSCVOofIggvaBoiqTgXg9Z9tIbHGBFgqcx+/rQHE
/EVN4Gqmc3OUSdayJr/EK6pbAkfkcw3/JUKC8tX8nOvF2ehmd/P3O+joz2tLrCD7
gOZGjiVjfxW77veOJYbs5lA2FAqWtVZrttHEUOKrsU3O
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org