Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oGAiwlHYDDoZNIiY1tOZXCFSSNU.roa
File:                     oGAiwlHYDDoZNIiY1tOZXCFSSNU.roa (raw, json)
Hash identifier:          vqdboyC8K+s4+K/2kjA650e3MwRP4Yd0w1MndN9SkSI=
Subject key identifier:   A0:60:22:C2:51:D8:0C:3A:19:34:88:98:D6:D3:99:5C:21:52:48:D5
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0DFC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oGAiwlHYDDoZNIiY1tOZXCFSSNU.roa
Signing time:             Wed 29 Sep 2021 02:39:49 +0000
ROA not before:           Wed 29 Sep 2021 02:39:49 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24155
IP address blocks:        210.63.224.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3580 (0xdfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:49 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=A06022C251D80C3A19348898D6D3995C215248D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:af:4b:63:4c:af:55:70:18:fd:01:7c:c8:8b:
                    8e:ae:8d:81:bf:d8:68:a9:88:7d:64:c9:f8:ea:9a:
                    1c:c2:2d:74:86:a3:08:9b:96:60:d6:b1:3b:9e:b8:
                    b3:92:8f:5e:1e:44:68:3d:a5:8c:cd:f0:cb:a7:96:
                    dd:f7:e0:b2:2b:37:ac:1f:1b:04:9e:26:76:53:c4:
                    96:75:52:02:21:c7:02:fe:d6:85:44:01:e2:5c:a2:
                    9e:9b:4b:ff:66:e2:68:ce:e4:a5:e6:24:89:bb:18:
                    54:81:2d:53:6c:7f:b7:a6:d4:b4:cc:c5:ec:97:bb:
                    ba:01:b2:b5:db:c0:a5:30:49:c0:40:7c:0d:83:37:
                    1a:80:06:97:41:67:41:24:c5:c7:94:b6:71:52:a1:
                    fb:1f:62:56:45:10:74:53:d6:0a:b1:ce:a7:33:ea:
                    e9:5b:12:50:ae:c6:a7:9f:92:56:f8:da:a3:fd:36:
                    f7:77:97:bf:b7:27:7f:d6:91:d2:f2:10:aa:40:22:
                    6e:d2:c0:b6:1d:f7:47:dd:60:00:6d:9f:e5:76:1c:
                    98:c5:8e:46:2a:d3:0b:01:c1:01:3a:0c:a4:ea:6c:
                    ff:32:93:ba:7c:cb:b7:c8:ab:0e:f9:27:2e:91:dc:
                    fb:ab:54:8d:7c:2c:da:2f:6d:e5:35:6b:c1:64:9e:
                    e8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:60:22:C2:51:D8:0C:3A:19:34:88:98:D6:D3:99:5C:21:52:48:D5
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oGAiwlHYDDoZNIiY1tOZXCFSSNU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         64:f5:0e:d2:42:22:aa:4c:cf:68:ec:44:83:37:be:56:21:18:
         b9:52:86:01:e9:31:02:ef:41:4c:73:06:fc:6d:51:7b:e5:66:
         cb:a2:56:84:3d:48:17:81:8a:56:72:58:85:a7:b7:81:3d:e7:
         73:ae:64:65:76:74:62:f0:a2:36:ec:22:df:2e:78:6e:b4:85:
         15:3c:8a:16:8f:db:5f:49:91:25:0f:dd:b0:ae:ac:82:2c:c9:
         20:97:22:e2:f0:02:d7:39:37:34:c1:00:7c:8a:f7:32:7f:ab:
         be:4e:98:6e:44:44:17:cf:7a:1b:71:fc:32:85:2b:b1:43:a5:
         27:81:64:42:0f:04:86:9b:e0:b1:0d:48:20:e7:b0:29:2b:23:
         03:9e:59:c4:10:24:32:8c:d6:14:34:76:6d:70:88:cd:4a:75:
         2b:17:a4:70:36:92:e8:33:83:3f:f9:b1:c8:29:27:74:7e:12:
         51:5a:cc:34:1d:ce:e2:62:b8:ff:dd:a6:93:28:8e:98:11:9b:
         b6:49:97:eb:fd:ed:3a:a9:62:2b:25:61:bb:dc:d6:70:52:85:
         ae:99:be:7e:4e:95:4a:3c:76:4c:14:71:24:eb:e9:35:4f:ba:
         4a:4f:ee:b1:f9:d9:68:b3:ef:ac:9f:1f:18:6f:94:b0:88:fc:
         c8:c2:ff:6b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEwNjAyMkMyNTFEODBD
M0ExOTM0ODg5OEQ2RDM5OTVDMjE1MjQ4RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtr0tjTK9VcBj9AXzIi46ujYG/2GipiH1kyfjqmhzCLXSGowib
lmDWsTueuLOSj14eRGg9pYzN8Munlt334LIrN6wfGwSeJnZTxJZ1UgIhxwL+1oVE
AeJcop6bS/9m4mjO5KXmJIm7GFSBLVNsf7em1LTMxeyXu7oBsrXbwKUwScBAfA2D
NxqABpdBZ0EkxceUtnFSofsfYlZFEHRT1gqxzqcz6ulbElCuxqefklb42qP9Nvd3
l7+3J3/WkdLyEKpAIm7SwLYd90fdYABtn+V2HJjFjkYq0wsBwQE6DKTqbP8yk7p8
y7fIqw75Jy6R3PurVI18LNovbeU1a8FknuifAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoGAiwlHYDDoZNIiY1tOZXCFSSNUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb0dBaXdsSFlERG9aTklpWTF0T1pY
Q0ZTU05VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/4DAN
BgkqhkiG9w0BAQsFAAOCAQEAZPUO0kIiqkzPaOxEgze+ViEYuVKGAekxAu9BTHMG
/G1Re+Vmy6JWhD1IF4GKVnJYhae3gT3nc65kZXZ0YvCiNuwi3y54brSFFTyKFo/b
X0mRJQ/dsK6sgizJIJci4vAC1zk3NMEAfIr3Mn+rvk6YbkREF896G3H8MoUrsUOl
J4FkQg8EhpvgsQ1IIOewKSsjA55ZxBAkMozWFDR2bXCIzUp1KxekcDaS6DODP/mx
yCkndH4SUVrMNB3O4mK4/92mkyiOmBGbtkmX6/3tOqliKyVhu9zWcFKFrpm+fk6V
Sjx2TBRxJOvpNU+6Sk/usfnZaLPvrJ8fGG+UsIj8yML/aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org