Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/wbhX-3HtzBmoqprK59x0OkJNe0Y.roa
File:                     wbhX-3HtzBmoqprK59x0OkJNe0Y.roa (raw, json)
Hash identifier:          pfQsp5fCfJFscNaEbs3oqZorIHYyWl8swaXGpKMZ614=
Subject key identifier:   C1:B8:57:FB:71:ED:CC:19:A8:AA:9A:CA:E7:DC:74:3A:42:4D:7B:46
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wbhX-3HtzBmoqprK59x0OkJNe0Y.roa
Signing time:             Thu 15 Sep 2022 02:40:12 +0000
ROA not before:           Thu 15 Sep 2022 02:40:12 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     17709
IP address blocks:        222.157.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:40:12 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=C1B857FB71EDCC19A8AA9ACAE7DC743A424D7B46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:6a:0f:9b:11:43:e9:19:5c:d8:2c:83:44:1e:
                    19:fa:ce:0d:9a:c0:7d:cc:c4:08:33:4d:ee:f7:5d:
                    5c:76:5e:8e:92:a4:30:b1:b2:ac:72:d8:e5:97:df:
                    1e:2e:6f:6c:1c:c4:19:e2:d6:7f:a8:f6:50:d2:72:
                    63:ff:ca:e3:80:3f:e7:3e:03:ec:28:6a:00:5d:b0:
                    cf:94:56:52:1e:cb:e7:2f:7f:62:ec:95:a5:1c:b6:
                    31:c2:ed:6e:55:fb:e9:03:c6:5d:70:d9:2d:bf:3a:
                    04:dd:57:82:dc:75:20:8a:ec:22:ed:2e:42:18:d2:
                    70:74:0a:bd:23:d2:77:d3:64:c8:27:62:03:eb:8d:
                    dc:dc:4b:18:d1:5d:ed:8d:76:a0:f7:56:1e:8f:a8:
                    9e:fe:0b:08:7d:72:7c:5b:4d:cd:40:d1:7e:ba:57:
                    3f:d9:74:66:f5:f0:7a:d8:dd:7e:75:a6:2e:ca:58:
                    e3:98:0e:a7:28:01:a7:47:59:cd:91:5b:f7:c6:63:
                    46:2f:54:bc:cf:79:21:f5:0f:3d:7e:f5:07:1c:71:
                    7a:82:cf:4d:2e:b9:74:03:20:05:e7:0a:71:af:5b:
                    c5:e1:7c:c2:06:c8:cf:f1:b6:9c:ae:63:10:30:d7:
                    72:76:40:bf:bc:78:b7:c6:9d:03:c8:80:5e:28:6d:
                    9c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:B8:57:FB:71:ED:CC:19:A8:AA:9A:CA:E7:DC:74:3A:42:4D:7B:46
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wbhX-3HtzBmoqprK59x0OkJNe0Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.157.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         17:31:0c:7e:b8:48:89:e4:e2:45:da:10:89:76:91:42:7c:2b:
         7a:b4:26:b8:81:c4:fc:28:ec:8e:4c:16:fa:5b:46:34:e0:cc:
         21:ee:97:46:a2:7b:80:e1:03:df:6f:1e:2d:24:0e:04:56:db:
         e1:f2:bf:c7:bf:d0:1b:cd:fb:57:23:4c:dc:5c:0d:35:50:36:
         5d:98:67:6d:55:9a:2e:22:b7:7c:87:04:a8:f8:df:73:fb:3e:
         b7:59:4b:f6:a6:df:25:7e:20:a2:b0:2d:e5:14:bf:ec:dc:72:
         54:de:49:71:5a:91:18:0f:48:6d:be:f8:6d:1d:28:09:4d:6f:
         d3:ff:d3:8c:54:36:41:96:fd:4f:f1:be:a8:cb:03:e2:26:9d:
         d2:77:b3:7d:17:32:12:31:91:69:61:31:7a:d8:27:2f:66:e6:
         3b:1e:2a:62:29:12:75:9a:43:50:c5:e6:c9:c9:33:4f:48:6c:
         0e:9f:71:57:92:ef:8d:0d:e1:8e:7f:e8:17:28:2f:8a:c9:67:
         58:41:a2:a7:f3:24:b7:fa:1b:df:c2:ca:30:39:1f:bb:ea:43:
         d6:51:bc:56:cb:5e:2e:41:83:c3:d9:af:ca:f5:11:c4:cc:61:
         59:8c:d3:94:d4:74:9c:53:6c:97:c3:48:57:39:0f:92:f7:f7:
         ef:d8:3c:76
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEMxQjg1N0ZCNzFFREND
MTlBOEFBOUFDQUU3REM3NDNBNDI0RDdCNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6ag+bEUPpGVzYLINEHhn6zg2awH3MxAgzTe73XVx2Xo6SpDCx
sqxy2OWX3x4ub2wcxBni1n+o9lDScmP/yuOAP+c+A+woagBdsM+UVlIey+cvf2Ls
laUctjHC7W5V++kDxl1w2S2/OgTdV4LcdSCK7CLtLkIY0nB0Cr0j0nfTZMgnYgPr
jdzcSxjRXe2NdqD3Vh6PqJ7+Cwh9cnxbTc1A0X66Vz/ZdGb18HrY3X51pi7KWOOY
DqcoAadHWc2RW/fGY0YvVLzPeSH1Dz1+9QcccXqCz00uuXQDIAXnCnGvW8XhfMIG
yM/xtpyuYxAw13J2QL+8eLfGnQPIgF4obZzdAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUwbhX+3HtzBmoqprK59x0OkJNe0YwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvd2JoWC0zSHR6Qm1vcXBySzU5eDBP
a0pOZTBZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6dMA0G
CSqGSIb3DQEBCwUAA4IBAQAXMQx+uEiJ5OJF2hCJdpFCfCt6tCa4gcT8KOyOTBb6
W0Y04Mwh7pdGonuA4QPfbx4tJA4EVtvh8r/Hv9AbzftXI0zcXA01UDZdmGdtVZou
Ird8hwSo+N9z+z63WUv2pt8lfiCisC3lFL/s3HJU3klxWpEYD0htvvhtHSgJTW/T
/9OMVDZBlv1P8b6oywPiJp3Sd7N9FzISMZFpYTF62CcvZuY7HipiKRJ1mkNQxebJ
yTNPSGwOn3FXku+NDeGOf+gXKC+KyWdYQaKn8yS3+hvfwsowOR+76kPWUbxWy14u
QYPD2a/K9RHEzGFZjNOU1HScU2yXw0hXOQ+S9/fv2Dx2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org