Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/qUihS2Ph1xTdPMCtyVvQs4zhuO0.roa
File:                     qUihS2Ph1xTdPMCtyVvQs4zhuO0.roa (raw, json)
Hash identifier:          3x+KpM/duhKqIVDGpztOtat1HMVhPJE3wNd1jkluG5s=
Subject key identifier:   A9:48:A1:4B:63:E1:D7:14:DD:3C:C0:AD:C9:5B:D0:B3:8C:E1:B8:ED
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1145
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qUihS2Ph1xTdPMCtyVvQs4zhuO0.roa
Signing time:             Mon 07 Aug 2023 07:47:16 +0000
ROA not before:           Mon 07 Aug 2023 07:47:16 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        203.79.128.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4421 (0x1145)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Aug  7 07:47:16 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=A948A14B63E1D714DD3CC0ADC95BD0B38CE1B8ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:fd:ac:16:0f:a7:2d:3c:68:fc:ce:b5:ac:b8:
                    81:5a:38:6d:0c:e9:7b:2e:b2:77:b8:5d:35:c6:46:
                    a7:09:0f:00:71:f0:fe:ff:28:da:18:21:c6:30:d2:
                    94:de:68:fd:13:45:3c:9c:7c:10:5d:ce:55:eb:d8:
                    64:88:6f:cb:8a:f1:4c:79:2e:b5:72:db:98:54:4d:
                    b5:d7:ad:6c:92:2f:38:db:d1:7f:d0:d7:e8:62:b6:
                    b6:3b:30:9d:20:52:dd:8f:d8:74:b5:8c:0a:92:66:
                    2f:a4:19:91:a8:3c:74:a2:7a:c7:e5:df:d7:03:40:
                    98:11:c5:e6:25:23:8c:ad:ef:44:f2:76:d1:ce:c3:
                    93:af:1a:f7:e6:9f:5b:24:22:6a:7c:0a:d4:bd:45:
                    71:16:6f:28:2c:6a:62:b0:8c:78:88:60:88:10:99:
                    dc:41:fe:73:87:5e:c3:ad:f1:25:00:09:89:56:21:
                    93:b3:99:ff:20:d0:2f:4d:74:85:b7:05:77:6d:f7:
                    1a:1e:dc:23:a1:10:7f:7b:b1:53:df:ad:c8:31:23:
                    73:e6:c2:d4:56:e1:bd:29:25:f5:f8:ea:db:c5:d2:
                    de:2d:03:53:fa:a7:3a:77:3c:1a:5d:75:b5:b4:f5:
                    00:84:ed:f3:0d:ea:d7:c7:50:50:f7:84:ab:85:80:
                    eb:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:48:A1:4B:63:E1:D7:14:DD:3C:C0:AD:C9:5B:D0:B3:8C:E1:B8:ED
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qUihS2Ph1xTdPMCtyVvQs4zhuO0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         bb:8f:dd:0f:5b:13:17:22:01:e8:01:4c:59:b0:c8:89:5c:ec:
         4e:2b:59:49:c0:3b:0e:64:8c:91:18:da:b9:fe:e4:d1:64:f4:
         af:3b:98:8a:59:9f:3d:93:d3:89:ce:8c:d8:d1:6f:7d:6e:12:
         f7:df:a6:16:ef:24:d4:71:8d:1a:d4:85:97:fd:62:38:3d:aa:
         bd:a7:4a:91:4b:89:83:e2:1d:12:a6:a3:cb:3c:40:a5:57:82:
         3e:58:b9:9e:5d:99:11:57:54:bb:c0:0e:15:45:c1:8d:aa:35:
         a4:8c:1b:bd:a7:a7:38:65:7f:e5:24:7d:0c:1d:61:ab:03:0c:
         53:98:22:26:95:fa:59:ae:7d:95:7c:ca:e8:01:91:4f:70:c2:
         a0:e0:b1:62:2c:a2:e2:a7:fa:c3:fe:e1:18:ea:97:5f:83:27:
         a1:84:f7:c1:2e:d0:26:ec:ba:c4:a5:e6:ae:a3:70:59:87:59:
         2c:e0:1a:a1:e8:2f:35:5f:99:23:23:ff:3e:19:c2:51:b7:bd:
         55:64:64:a2:08:56:d2:f3:ad:76:12:1a:54:a5:e7:9a:fa:36:
         7d:ea:79:4e:9e:7c:11:f8:6c:98:d5:f5:68:df:03:09:ed:36:
         ee:56:d2:af:6a:a2:6e:55:17:88:91:b9:78:22:c4:e2:43:7b:
         5d:ed:54:07
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDcw
NzQ3MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEE5NDhBMTRCNjNFMUQ3
MTRERDNDQzBBREM5NUJEMEIzOENFMUI4RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN/awWD6ctPGj8zrWsuIFaOG0M6Xsusne4XTXGRqcJDwBx8P7/
KNoYIcYw0pTeaP0TRTycfBBdzlXr2GSIb8uK8Ux5LrVy25hUTbXXrWySLzjb0X/Q
1+hitrY7MJ0gUt2P2HS1jAqSZi+kGZGoPHSiesfl39cDQJgRxeYlI4yt70TydtHO
w5OvGvfmn1skImp8CtS9RXEWbygsamKwjHiIYIgQmdxB/nOHXsOt8SUACYlWIZOz
mf8g0C9NdIW3BXdt9xoe3COhEH97sVPfrcgxI3PmwtRW4b0pJfX46tvF0t4tA1P6
pzp3PBpddbW09QCE7fMN6tfHUFD3hKuFgOsbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqUihS2Ph1xTdPMCtyVvQs4zhuO0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcVVpaFMyUGgxeFRkUE1DdHlWdlFz
NHpodU8wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8tPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAu4/dD1sTFyIB6AFMWbDIiVzsTitZScA7DmSMkRja
uf7k0WT0rzuYilmfPZPTic6M2NFvfW4S99+mFu8k1HGNGtSFl/1iOD2qvadKkUuJ
g+IdEqajyzxApVeCPli5nl2ZEVdUu8AOFUXBjao1pIwbvaenOGV/5SR9DB1hqwMM
U5giJpX6Wa59lXzK6AGRT3DCoOCxYiyi4qf6w/7hGOqXX4MnoYT3wS7QJuy6xKXm
rqNwWYdZLOAaoegvNV+ZIyP/PhnCUbe9VWRkoghW0vOtdhIaVKXnmvo2fep5Tp58
EfhsmNX1aN8DCe027lbSr2qiblUXiJG5eCLE4kN7Xe1UBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org