Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/viVblW2D-lTFnN10xBTbr86Ybkc.roa
File:                     viVblW2D-lTFnN10xBTbr86Ybkc.roa (raw, json)
Hash identifier:          dhUj2hhl94aFOSnnu4o6l2t9XUyCLduKZNZyaMR06cI=
Subject key identifier:   BE:25:5B:95:6D:83:FA:54:C5:9C:DD:74:C4:14:DB:AF:CE:98:6E:47
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0ACA
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/viVblW2D-lTFnN10xBTbr86Ybkc.roa
Signing time:             Thu 21 Jan 2021 01:32:04 +0000
ROA not before:           Thu 21 Jan 2021 01:32:04 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     22787
IP address blocks:        210.58.89.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2762 (0xaca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Jan 21 01:32:04 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=BE255B956D83FA54C59CDD74C414DBAFCE986E47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:19:53:e8:a3:e6:e0:c0:92:ff:47:cd:90:a9:
                    4a:dc:2a:13:7b:6d:8f:e2:a6:4d:25:82:8f:c2:97:
                    b4:20:8e:ed:e0:51:a0:98:92:fc:07:f0:e7:77:bd:
                    49:0c:08:12:be:5b:af:74:ef:42:c2:66:70:5b:60:
                    6d:64:35:e1:f4:db:a7:db:e0:b1:63:5f:a8:90:65:
                    80:1d:fa:26:7f:0c:47:10:b5:60:00:92:64:ef:c0:
                    42:c0:9d:a4:f7:60:e7:1a:93:5f:37:6b:eb:e4:a8:
                    1d:46:d7:e0:f2:e0:59:30:82:6f:ff:0c:0e:35:b5:
                    bc:44:5a:a2:01:ac:6f:1a:ed:25:40:cc:4f:4b:6d:
                    dc:7b:72:8d:4f:74:2b:87:31:8f:57:cb:22:c5:86:
                    7c:9d:14:b0:7e:48:59:3f:0a:d7:e6:92:d6:e4:59:
                    c8:7b:76:0a:af:a4:95:d4:21:74:27:e3:cc:ed:f7:
                    19:d3:c3:2d:f1:12:1a:a9:d6:fa:05:22:40:22:b5:
                    7e:27:d2:03:7e:d7:09:e3:e8:d8:7e:6e:be:bc:8d:
                    a9:74:62:31:b9:8f:02:ec:8a:f9:0b:87:3f:fa:45:
                    5c:d9:a7:4e:5e:9a:9d:d1:df:7c:a0:e5:a0:10:84:
                    d2:c6:ee:6d:24:3c:3f:bd:81:3b:8a:66:e0:b9:5e:
                    f6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:25:5B:95:6D:83:FA:54:C5:9C:DD:74:C4:14:DB:AF:CE:98:6E:47
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/viVblW2D-lTFnN10xBTbr86Ybkc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:aa:70:f7:d2:50:46:04:06:35:07:6c:fd:8c:12:e0:d1:b3:
         21:e9:cb:b7:b1:85:ea:11:f8:55:6f:2c:9d:52:41:21:9e:0e:
         10:79:ea:1a:7e:97:06:ec:e0:0f:10:7c:4a:7a:bc:e8:df:b4:
         7e:fe:f2:fa:01:22:f2:05:21:66:ee:04:b0:55:e3:66:89:02:
         f5:1e:58:90:3e:bd:bd:ff:b6:04:07:4a:09:24:ca:53:e7:cb:
         4a:03:2c:a9:10:0f:e6:8a:5d:05:e5:81:52:e9:1e:76:e3:96:
         ce:3b:7e:4e:7e:5d:2f:62:1e:4e:5f:1f:2a:4f:a7:2a:01:aa:
         db:e3:e3:35:a3:f8:ac:31:12:db:18:db:98:a4:5b:af:ad:5b:
         58:b7:43:59:f3:e7:be:2f:54:c8:f9:88:c4:0e:5f:8c:05:06:
         8a:fb:90:bb:e0:11:a3:8b:71:f9:b2:74:2a:6d:53:b1:84:cf:
         41:a0:76:a3:9f:97:db:5c:2b:8a:bd:18:75:61:fe:4b:fa:88:
         05:9b:b6:90:44:c3:f5:31:1e:e1:6f:ee:2e:9e:27:62:5a:a0:
         fc:b6:79:c5:ba:6a:92:97:a4:bb:7f:40:79:4f:09:5a:a6:09:
         fe:af:43:4a:d2:ea:36:01:0e:49:9f:b2:9f:43:b0:4a:7d:45:
         9c:36:8a:d1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAxMjEw
MTMyMDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJFMjU1Qjk1NkQ4M0ZB
NTRDNTlDREQ3NEM0MTREQkFGQ0U5ODZFNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEGVPoo+bgwJL/R82QqUrcKhN7bY/ipk0lgo/Cl7Qgju3gUaCY
kvwH8Od3vUkMCBK+W69070LCZnBbYG1kNeH026fb4LFjX6iQZYAd+iZ/DEcQtWAA
kmTvwELAnaT3YOcak183a+vkqB1G1+Dy4Fkwgm//DA41tbxEWqIBrG8a7SVAzE9L
bdx7co1PdCuHMY9XyyLFhnydFLB+SFk/CtfmktbkWch7dgqvpJXUIXQn48zt9xnT
wy3xEhqp1voFIkAitX4n0gN+1wnj6Nh+br68jal0YjG5jwLsivkLhz/6RVzZp05e
mp3R33yg5aAQhNLG7m0kPD+9gTuKZuC5XvaXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUviVblW2D+lTFnN10xBTbr86YbkcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdmlWYmxXMkQtbFRGbk4xMHhCVGJy
ODZZYmtjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WTAN
BgkqhkiG9w0BAQsFAAOCAQEAVqpw99JQRgQGNQds/YwS4NGzIenLt7GF6hH4VW8s
nVJBIZ4OEHnqGn6XBuzgDxB8Snq86N+0fv7y+gEi8gUhZu4EsFXjZokC9R5YkD69
vf+2BAdKCSTKU+fLSgMsqRAP5opdBeWBUukeduOWzjt+Tn5dL2IeTl8fKk+nKgGq
2+PjNaP4rDES2xjbmKRbr61bWLdDWfPnvi9UyPmIxA5fjAUGivuQu+ARo4tx+bJ0
Km1TsYTPQaB2o5+X21wrir0YdWH+S/qIBZu2kETD9TEe4W/uLp4nYlqg/LZ5xbpq
kpeku39AeU8JWqYJ/q9DStLqNgEOSZ+yn0OwSn1FnDaK0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org