Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/xMU-bNY-1khiwGLVfvX_6evnMqs.roa
File:                     xMU-bNY-1khiwGLVfvX_6evnMqs.roa (raw, json)
Hash identifier:          dAKHVlZP3dNJr0Yd6N8ReSY9p01/1aVjn/JvyxOeCVg=
Subject key identifier:   C4:C5:3E:6C:D6:3E:D6:48:62:C0:62:D5:7E:F5:FF:E9:EB:E7:32:AB
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0E1E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xMU-bNY-1khiwGLVfvX_6evnMqs.roa
Signing time:             Wed 29 Sep 2021 02:39:59 +0000
ROA not before:           Wed 29 Sep 2021 02:39:59 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     24154
IP address blocks:        210.200.0.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3614 (0xe1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 29 02:39:59 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=C4C53E6CD63ED64862C062D57EF5FFE9EBE732AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:1a:b1:4a:ba:84:7a:93:e0:3c:8d:97:ab:
                    b9:0a:da:6e:c4:dd:f9:f5:58:cd:94:7f:f2:82:8b:
                    a0:fe:7f:dc:f5:7e:ee:57:05:97:7b:0c:fa:67:b8:
                    b4:47:d5:65:f9:6f:5d:2b:10:66:06:49:ec:87:04:
                    e2:0a:73:60:2b:d8:1d:6d:3a:cd:3a:b2:4a:3a:fa:
                    1b:52:01:2d:db:c5:f0:b1:c5:1d:c2:ed:e0:2b:3c:
                    96:15:62:63:41:b7:47:0a:8e:95:ef:27:ed:36:c8:
                    10:f5:ed:65:2c:67:74:2f:ae:23:d8:14:c1:7f:08:
                    fc:fa:ae:8b:77:46:36:2b:0a:6f:f5:9b:b7:b1:f6:
                    b1:0c:0e:bd:9c:dc:40:7f:d8:4d:a4:bb:e3:4c:3b:
                    d9:88:96:f5:8d:d3:a7:cf:e0:6f:6b:a6:0e:1e:0f:
                    1c:d7:4a:e8:9b:de:c7:49:7b:95:7b:d3:63:15:2e:
                    04:6b:a8:95:e2:d9:f7:3e:42:c1:fb:1e:c1:bb:73:
                    90:0d:69:c6:1a:cc:d4:77:ab:d3:6f:34:29:dd:26:
                    70:ed:49:82:8d:43:6f:ce:71:7d:3e:80:6b:92:de:
                    3f:3f:28:c7:57:7a:44:0f:30:83:fc:39:77:06:1e:
                    e9:e2:d9:91:de:00:8a:b9:0f:b5:7c:85:6f:ba:5d:
                    54:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:C5:3E:6C:D6:3E:D6:48:62:C0:62:D5:7E:F5:FF:E9:EB:E7:32:AB
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xMU-bNY-1khiwGLVfvX_6evnMqs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1e:5e:5c:8a:f8:f8:6f:bf:50:0b:8d:7e:40:04:2e:63:03:e1:
         e6:8a:3f:6c:b9:29:42:d1:1d:f8:0a:e0:61:c5:22:f3:47:63:
         2e:fd:a8:bb:35:66:7b:a0:71:fb:4f:b3:9f:4c:b9:11:12:67:
         88:f3:f0:3d:ab:41:c6:ed:66:bb:fa:7d:14:01:ab:1d:37:60:
         6c:38:f9:fa:a8:58:fb:5e:cc:e6:76:e2:5b:96:3b:f6:20:06:
         8a:6c:af:a4:36:f6:b1:2d:1e:43:81:e1:72:f2:62:24:63:5f:
         cf:52:ff:1e:fb:2b:3a:4a:76:69:ed:1b:0c:6d:1d:71:f8:c2:
         47:5b:0f:80:a5:5d:22:a8:89:03:2e:c8:ad:aa:8b:f1:f0:97:
         e5:21:e9:58:3e:e2:46:40:9d:e6:40:63:6c:a7:b0:69:39:a8:
         c4:c6:1e:68:8b:57:6a:92:eb:58:44:19:5f:cc:28:40:02:d7:
         b5:df:e2:7c:27:e7:3e:a9:ca:6e:7a:c9:c9:4a:47:0e:30:f1:
         25:65:c6:f2:ed:67:76:c2:55:65:46:83:88:1f:8f:ba:48:f5:
         a9:02:13:55:92:3b:3f:75:c5:cc:0d:42:0c:32:2b:86:7f:ea:
         3a:3e:3f:89:bb:8e:c1:47:a1:ba:23:e1:13:b0:90:44:cc:3a:
         28:c6:7f:c5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM0QzUzRTZDRDYzRUQ2
NDg2MkMwNjJENTdFRjVGRkU5RUJFNzMyQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBZhqxSrqEepPgPI2Xq7kK2m7E3fn1WM2Uf/KCi6D+f9z1fu5X
BZd7DPpnuLRH1WX5b10rEGYGSeyHBOIKc2Ar2B1tOs06sko6+htSAS3bxfCxxR3C
7eArPJYVYmNBt0cKjpXvJ+02yBD17WUsZ3QvriPYFMF/CPz6rot3RjYrCm/1m7ex
9rEMDr2c3EB/2E2ku+NMO9mIlvWN06fP4G9rpg4eDxzXSuib3sdJe5V702MVLgRr
qJXi2fc+QsH7HsG7c5ANacYazNR3q9NvNCndJnDtSYKNQ2/OcX0+gGuS3j8/KMdX
ekQPMIP8OXcGHuni2ZHeAIq5D7V8hW+6XVSJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxMU+bNY+1khiwGLVfvX/6evnMqswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveE1VLWJOWS0xa2hpd0dMVmZ2WF82
ZXZuTXFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLIADAN
BgkqhkiG9w0BAQsFAAOCAQEAHl5civj4b79QC41+QAQuYwPh5oo/bLkpQtEd+Arg
YcUi80djLv2ouzVme6Bx+0+zn0y5ERJniPPwPatBxu1mu/p9FAGrHTdgbDj5+qhY
+17M5nbiW5Y79iAGimyvpDb2sS0eQ4HhcvJiJGNfz1L/HvsrOkp2ae0bDG0dcfjC
R1sPgKVdIqiJAy7IraqL8fCX5SHpWD7iRkCd5kBjbKewaTmoxMYeaItXapLrWEQZ
X8woQALXtd/ifCfnPqnKbnrJyUpHDjDxJWXG8u1ndsJVZUaDiB+Pukj1qQITVZI7
P3XFzA1CDDIrhn/qOj4/ibuOwUehuiPhE7CQRMw6KMZ/xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org