Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/r1VW9TpzHmf70qTLHEdx2yC46ok.roa
File:                     r1VW9TpzHmf70qTLHEdx2yC46ok.roa (raw, json)
Hash identifier:          ahHgPMvsjAmbVHQ43K08dd1+OwLsvm4P1uDs6PUDs8w=
Subject key identifier:   AF:55:56:F5:3A:73:1E:67:FB:D2:A4:CB:1C:47:71:DB:20:B8:EA:89
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0C1B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/r1VW9TpzHmf70qTLHEdx2yC46ok.roa
Signing time:             Sun 07 Feb 2021 11:34:55 +0000
ROA not before:           Sun 07 Feb 2021 11:34:55 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     17709
IP address blocks:        210.202.192.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3099 (0xc1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Feb  7 11:34:55 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=AF5556F53A731E67FBD2A4CB1C4771DB20B8EA89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:26:a7:62:dd:c6:41:7a:dc:3a:4c:10:e1:2f:
                    f8:54:b1:93:12:ee:22:77:b5:95:cf:11:c1:54:61:
                    d2:f4:fd:d5:5d:43:a1:68:cd:2a:59:4a:39:05:05:
                    ee:01:97:27:5e:cd:be:32:5e:d8:61:cf:34:c6:64:
                    6b:1a:4f:fe:e3:14:fe:ea:34:d6:c6:6a:c6:22:07:
                    c3:3a:57:8f:6d:33:ea:fe:f5:d9:5c:45:66:d4:55:
                    cd:fd:6f:39:c6:11:17:46:2f:8b:6a:f1:e8:0c:21:
                    83:94:fd:e8:94:13:95:5c:c6:50:a8:4f:e6:22:7c:
                    b2:2b:88:e5:0c:05:35:f3:98:27:4d:74:ea:9f:06:
                    6e:6d:5f:59:02:b6:76:49:73:29:b0:a8:53:ee:b4:
                    d2:ce:fd:92:17:d5:d5:a7:6e:0c:b1:06:db:76:0e:
                    23:47:50:9f:cf:1d:d2:e5:0d:f3:08:5a:73:ab:e4:
                    bd:82:43:bd:d5:2f:e3:aa:3f:0c:fd:60:3b:95:3f:
                    f5:3a:21:3f:ee:88:6f:ff:2d:a7:41:ee:a6:08:c9:
                    59:e8:4e:75:a4:53:d7:77:e1:f4:41:77:25:97:25:
                    05:64:69:59:ed:ef:03:2b:94:91:e3:2e:c4:3a:67:
                    15:f8:a5:a7:d2:24:26:90:88:20:31:0d:ea:f3:65:
                    e4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:55:56:F5:3A:73:1E:67:FB:D2:A4:CB:1C:47:71:DB:20:B8:EA:89
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/r1VW9TpzHmf70qTLHEdx2yC46ok.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.202.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7d:01:d8:24:cc:c8:2e:54:b4:28:26:af:3e:90:30:0a:8e:e1:
         90:ad:c2:0e:5b:74:6e:7d:e5:0f:f0:ba:01:f5:33:53:18:06:
         ce:5b:55:ce:00:27:8c:41:fa:e2:5f:be:e5:fe:36:93:a9:28:
         b2:2a:82:de:bb:e0:76:bf:c9:e6:99:a4:7d:7b:ee:75:c8:21:
         98:e1:83:0e:12:50:d7:07:ca:42:15:38:a4:14:10:3b:d8:37:
         eb:0c:3d:77:82:35:fd:4f:a9:7e:9e:b5:78:26:a8:99:f2:52:
         28:3f:01:52:58:5b:34:2b:84:b9:d5:0c:9d:d0:5c:27:65:f0:
         5f:fc:f7:a0:00:52:d9:a5:fb:93:d9:54:21:f6:53:37:9a:0c:
         75:5b:b8:ae:c2:80:41:d6:8f:d7:1e:44:05:b0:82:18:51:05:
         24:dc:a8:58:b6:e6:4b:32:40:71:48:5d:13:f8:21:49:78:2d:
         09:ca:92:98:50:29:5b:1b:f2:ab:eb:48:60:6e:7c:fb:96:ca:
         3f:e0:97:11:b9:e1:96:a4:ee:bd:16:4b:19:bc:81:01:42:16:
         84:14:73:fa:40:d7:8a:02:92:bb:b8:f5:8b:fb:63:8f:91:06:
         3f:99:21:19:8a:88:b1:8a:70:dd:79:c7:10:e8:80:a9:d9:b8:
         6a:cf:d0:da
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM0NTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEFGNTU1NkY1M0E3MzFF
NjdGQkQyQTRDQjFDNDc3MURCMjBCOEVBODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjJqdi3cZBetw6TBDhL/hUsZMS7iJ3tZXPEcFUYdL0/dVdQ6Fo
zSpZSjkFBe4Blydezb4yXthhzzTGZGsaT/7jFP7qNNbGasYiB8M6V49tM+r+9dlc
RWbUVc39bznGERdGL4tq8egMIYOU/eiUE5VcxlCoT+YifLIriOUMBTXzmCdNdOqf
Bm5tX1kCtnZJcymwqFPutNLO/ZIX1dWnbgyxBtt2DiNHUJ/PHdLlDfMIWnOr5L2C
Q73VL+OqPwz9YDuVP/U6IT/uiG//LadB7qYIyVnoTnWkU9d34fRBdyWXJQVkaVnt
7wMrlJHjLsQ6ZxX4pafSJCaQiCAxDerzZeQbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUr1VW9TpzHmf70qTLHEdx2yC46okwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcjFWVzlUcHpIbWY3MHFUTEhFZHgy
eUM0Nm9rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfQHYJMzILlS0KCavPpAwCo7hkK3CDlt0bn3lD/C6
AfUzUxgGzltVzgAnjEH64l++5f42k6kosiqC3rvgdr/J5pmkfXvudcghmOGDDhJQ
1wfKQhU4pBQQO9g36ww9d4I1/U+pfp61eCaomfJSKD8BUlhbNCuEudUMndBcJ2Xw
X/z3oABS2aX7k9lUIfZTN5oMdVu4rsKAQdaP1x5EBbCCGFEFJNyoWLbmSzJAcUhd
E/ghSXgtCcqSmFApWxvyq+tIYG58+5bKP+CXEbnhlqTuvRZLGbyBAUIWhBRz+kDX
igKSu7j1i/tjj5EGP5khGYqIsYpw3XnHEOiAqdm4as/Q2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org