Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/qck3aqLB8kEzQjcEUMJTJnLflpg.roa
File:                     qck3aqLB8kEzQjcEUMJTJnLflpg.roa (raw, json)
Hash identifier:          /PsBfXynU45OfLREGORbgezirYyIi400DQY7p30/Nmk=
Subject key identifier:   A9:C9:37:6A:A2:C1:F2:41:33:42:37:04:50:C2:53:26:72:DF:96:98
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0DF4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qck3aqLB8kEzQjcEUMJTJnLflpg.roa
Signing time:             Wed 29 Sep 2021 02:39:47 +0000
ROA not before:           Wed 29 Sep 2021 02:39:47 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     7482
IP address blocks:        210.203.0.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3572 (0xdf4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:47 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=A9C9376AA2C1F2413342370450C2532672DF9698
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:76:88:b1:f9:08:22:70:09:01:84:1f:1b:1d:
                    98:b0:80:49:0f:54:4f:4f:c1:69:5c:e5:a8:00:da:
                    00:cd:5d:a7:95:7c:5a:16:67:2c:21:46:ca:f9:74:
                    d1:d8:0b:7f:4b:ca:1d:10:8f:4c:1d:fb:f1:35:db:
                    fa:cc:9e:35:a8:d7:7e:fe:15:62:94:dc:2c:42:6b:
                    24:0e:0c:25:bd:cf:fa:71:cd:93:95:64:f2:7b:3c:
                    f9:ef:4b:4a:1e:56:dc:cd:19:e2:05:b9:06:57:cd:
                    96:c3:63:4d:b5:cf:79:4e:fc:ea:5b:5b:68:9b:00:
                    b1:e5:0d:ca:5a:0d:7b:8c:74:92:0a:a5:1a:12:63:
                    c4:84:6a:d8:de:16:38:cc:f3:3d:7e:1e:d0:97:00:
                    d5:d0:e5:91:34:43:5e:56:6d:56:7b:61:1c:d3:a6:
                    cc:f8:9d:cf:77:b8:5f:4d:00:4b:ff:3c:91:b0:aa:
                    40:28:ef:25:3e:93:87:a3:17:f0:c6:a6:cd:71:d7:
                    00:4b:45:39:ef:d7:c2:4e:13:dd:21:15:d3:c4:3a:
                    6a:d9:38:9b:63:4f:8a:da:ec:54:02:19:e6:94:2c:
                    12:b3:4d:05:45:4b:9d:0d:57:57:d0:7e:11:b8:00:
                    f2:49:bf:71:b5:ca:42:ab:e0:92:63:29:c3:8d:b9:
                    86:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:C9:37:6A:A2:C1:F2:41:33:42:37:04:50:C2:53:26:72:DF:96:98
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qck3aqLB8kEzQjcEUMJTJnLflpg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.203.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         82:0f:ac:58:dd:95:21:3b:fd:b7:50:85:1d:0c:59:43:26:c8:
         29:b4:96:e2:b4:5e:0d:68:2d:de:35:e8:5e:42:62:25:a1:46:
         9c:80:de:a8:6a:8d:72:42:e4:78:5e:44:96:9b:16:f9:fc:bc:
         4e:7b:d6:da:fb:d0:b1:49:ce:23:64:e0:3b:f4:4f:c1:51:04:
         cf:92:ae:d9:bd:93:93:4a:74:26:62:3d:b9:d9:87:59:4c:11:
         25:4b:4c:91:de:60:3a:b2:b1:bc:2b:d3:2e:ba:a3:f6:6e:d9:
         3b:51:9b:21:58:10:b9:f0:74:b1:97:72:45:da:83:55:92:3f:
         28:86:71:fe:c6:62:26:0d:d7:9e:bc:82:38:97:95:a1:99:0b:
         07:8a:8a:2e:f1:55:56:48:a7:62:40:1b:66:47:f6:b6:27:28:
         9b:68:76:40:1a:f3:0b:75:2c:d5:ec:35:fe:88:3b:30:16:cd:
         6d:44:1e:43:ee:8a:48:00:4b:9e:95:d5:a4:f5:2e:05:25:71:
         65:a1:5e:c1:21:0c:86:aa:bc:fb:94:bd:c6:e8:ff:b2:9b:61:
         3d:74:d0:b6:30:3f:c6:14:db:b8:aa:62:40:6e:27:53:7e:b5:
         5e:54:87:9d:c4:f5:2a:aa:59:e5:ac:74:f0:d4:1f:4e:12:15:
         47:0e:ae:4d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEE5QzkzNzZBQTJDMUYy
NDEzMzQyMzcwNDUwQzI1MzI2NzJERjk2OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWdoix+QgicAkBhB8bHZiwgEkPVE9PwWlc5agA2gDNXaeVfFoW
ZywhRsr5dNHYC39Lyh0Qj0wd+/E12/rMnjWo137+FWKU3CxCayQODCW9z/pxzZOV
ZPJ7PPnvS0oeVtzNGeIFuQZXzZbDY021z3lO/OpbW2ibALHlDcpaDXuMdJIKpRoS
Y8SEatjeFjjM8z1+HtCXANXQ5ZE0Q15WbVZ7YRzTpsz4nc93uF9NAEv/PJGwqkAo
7yU+k4ejF/DGps1x1wBLRTnv18JOE90hFdPEOmrZOJtjT4ra7FQCGeaULBKzTQVF
S50NV1fQfhG4APJJv3G1ykKr4JJjKcONuYbJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqck3aqLB8kEzQjcEUMJTJnLflpgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcWNrM2FxTEI4a0V6UWpjRVVNSlRK
bkxmbHBnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLLADAN
BgkqhkiG9w0BAQsFAAOCAQEAgg+sWN2VITv9t1CFHQxZQybIKbSW4rReDWgt3jXo
XkJiJaFGnIDeqGqNckLkeF5ElpsW+fy8TnvW2vvQsUnOI2TgO/RPwVEEz5Ku2b2T
k0p0JmI9udmHWUwRJUtMkd5gOrKxvCvTLrqj9m7ZO1GbIVgQufB0sZdyRdqDVZI/
KIZx/sZiJg3XnryCOJeVoZkLB4qKLvFVVkinYkAbZkf2ticom2h2QBrzC3Us1ew1
/og7MBbNbUQeQ+6KSABLnpXVpPUuBSVxZaFewSEMhqq8+5S9xuj/spthPXTQtjA/
xhTbuKpiQG4nU361XlSHncT1KqpZ5ax08NQfThIVRw6uTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org