Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/rKi5EK5B-Pf66AtinVd32tJlFRc.roa
File:                     rKi5EK5B-Pf66AtinVd32tJlFRc.roa (raw, json)
Hash identifier:          EJdl44kLd5hh231ZOa/KVTCQ8WbWOKpS3tZac5KT8tc=
Subject key identifier:   AC:A8:B9:10:AE:41:F8:F7:FA:E8:0B:62:9D:57:77:DA:D2:65:15:17
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rKi5EK5B-Pf66AtinVd32tJlFRc.roa
Signing time:             Thu 15 Sep 2022 02:39:44 +0000
ROA not before:           Thu 15 Sep 2022 02:39:44 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     7482
IP address blocks:        202.178.128.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:44 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=ACA8B910AE41F8F7FAE80B629D5777DAD2651517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:10:38:de:fa:ab:f5:3f:a6:46:0d:1e:20:3d:
                    0f:e6:3f:c6:3f:04:4c:f1:5b:4b:5f:d8:13:96:a3:
                    bb:a3:f2:42:54:eb:94:9c:c1:f5:e2:98:3c:58:c8:
                    a5:4d:8a:08:25:e7:d3:1e:28:fe:08:9a:90:8d:68:
                    a3:bc:5f:8f:be:20:85:1b:8c:d1:20:ed:36:d2:61:
                    90:d0:c7:f0:75:fb:90:0f:94:61:fd:06:1a:c8:a1:
                    5a:36:44:8c:0b:46:c3:7d:e8:ed:41:ac:c2:9a:81:
                    99:b5:ce:5f:91:1d:ef:cf:71:e8:4a:b9:83:d8:81:
                    1c:bf:61:e3:93:b7:0c:ad:06:b3:e9:f9:76:56:88:
                    f0:8b:7c:3f:35:dd:0a:13:75:fe:28:de:79:f7:f5:
                    0c:e3:78:ca:9d:5e:49:ff:25:25:64:98:8a:fb:f1:
                    de:6b:7f:8f:d6:e7:cf:be:5d:65:77:ff:b3:8a:ab:
                    74:54:30:b3:01:17:a8:87:0f:66:6f:61:21:71:84:
                    4a:1e:03:a3:18:52:d5:e8:50:1c:61:d6:48:b3:f4:
                    e6:1f:5d:5d:00:97:98:ab:41:63:bb:c5:a0:bd:b3:
                    8b:3b:29:9e:d0:af:5e:9e:53:7f:8d:33:1d:98:8c:
                    5b:e4:b5:88:39:7b:31:68:ee:86:e6:6a:a4:c1:5e:
                    3a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:A8:B9:10:AE:41:F8:F7:FA:E8:0B:62:9D:57:77:DA:D2:65:15:17
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rKi5EK5B-Pf66AtinVd32tJlFRc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.178.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7a:d1:c3:d3:64:a8:88:5b:6c:dc:c0:91:a5:64:1d:57:35:8e:
         4b:c3:e2:b6:b6:cf:86:37:6c:c4:7e:e9:b9:da:a6:04:51:03:
         75:73:ae:1c:ef:e3:54:66:60:00:08:de:a0:d3:71:42:3a:e6:
         8f:5e:3f:48:5a:f3:f4:91:5f:ad:0a:7f:2a:c9:e1:26:0e:cc:
         fd:b7:da:74:99:68:8a:2e:f9:c6:12:9c:0f:ef:db:40:06:2e:
         af:f3:a4:01:b5:af:d4:15:be:da:05:ff:a9:da:fa:17:46:c6:
         4a:f7:3d:3e:da:b0:1a:ee:3f:70:5c:cd:5b:c7:ac:17:fa:9c:
         15:52:19:68:1e:a8:1c:7c:b5:c0:59:c5:ee:ec:48:f9:83:1e:
         a0:de:80:8d:2a:46:7f:a4:02:a2:fe:94:8c:8d:e2:3e:9d:ce:
         1b:30:e9:a6:bd:20:69:19:e1:41:44:2d:78:ad:49:e7:dc:93:
         51:8d:15:ee:4e:9e:03:68:bf:60:d3:77:4f:c8:c8:e5:ca:92:
         2c:17:1f:4c:d4:84:7c:82:0b:78:11:b5:c3:63:a6:23:15:d8:
         4c:5d:05:bb:63:c6:35:8c:96:33:ae:40:6a:f1:1c:f1:29:98:
         f5:cf:4e:a0:76:b0:e3:d1:68:f7:bb:46:77:d9:48:60:40:bc:
         27:60:3f:6c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFDQThCOTEwQUU0MUY4
RjdGQUU4MEI2MjlENTc3N0RBRDI2NTE1MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoEDje+qv1P6ZGDR4gPQ/mP8Y/BEzxW0tf2BOWo7uj8kJU65Sc
wfXimDxYyKVNiggl59MeKP4ImpCNaKO8X4++IIUbjNEg7TbSYZDQx/B1+5APlGH9
BhrIoVo2RIwLRsN96O1BrMKagZm1zl+RHe/PcehKuYPYgRy/YeOTtwytBrPp+XZW
iPCLfD813QoTdf4o3nn39QzjeMqdXkn/JSVkmIr78d5rf4/W58++XWV3/7OKq3RU
MLMBF6iHD2ZvYSFxhEoeA6MYUtXoUBxh1kiz9OYfXV0Al5irQWO7xaC9s4s7KZ7Q
r16eU3+NMx2YjFvktYg5ezFo7obmaqTBXjotAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrKi5EK5B+Pf66AtinVd32tJlFRcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcktpNUVLNUItUGY2NkF0aW5WZDMy
dEpsRlJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8qygDAN
BgkqhkiG9w0BAQsFAAOCAQEAetHD02SoiFts3MCRpWQdVzWOS8PitrbPhjdsxH7p
udqmBFEDdXOuHO/jVGZgAAjeoNNxQjrmj14/SFrz9JFfrQp/KsnhJg7M/bfadJlo
ii75xhKcD+/bQAYur/OkAbWv1BW+2gX/qdr6F0bGSvc9PtqwGu4/cFzNW8esF/qc
FVIZaB6oHHy1wFnF7uxI+YMeoN6AjSpGf6QCov6UjI3iPp3OGzDppr0gaRnhQUQt
eK1J59yTUY0V7k6eA2i/YNN3T8jI5cqSLBcfTNSEfIILeBG1w2OmIxXYTF0Fu2PG
NYyWM65AavEc8SmY9c9OoHaw49Fo97tGd9lIYEC8J2A/bA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org