Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/xuQP3wkb0cr8t03q1UG1qsq6Hbs.roa
File:                     xuQP3wkb0cr8t03q1UG1qsq6Hbs.roa (raw, json)
Hash identifier:          gEyn6FVByUyt911vz0ofEDcZdsnJccfA45MkfAM8Y+k=
Subject key identifier:   C6:E4:0F:DF:09:1B:D1:CA:FC:B7:4D:EA:D5:41:B5:AA:CA:BA:1D:BB
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12F9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xuQP3wkb0cr8t03q1UG1qsq6Hbs.roa
Signing time:             Fri 01 Sep 2023 08:05:14 +0000
ROA not before:           Fri 01 Sep 2023 08:05:14 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.63.200.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4857 (0x12f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:14 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=C6E40FDF091BD1CAFCB74DEAD541B5AACABA1DBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d5:97:37:65:f5:9d:b6:03:63:4d:d7:9f:68:
                    11:57:6f:d8:ad:df:b2:7d:c1:ac:af:3c:c2:0b:ba:
                    9d:e2:56:e9:ba:54:75:78:7e:3a:db:1f:ca:a3:7a:
                    3a:7d:c3:02:48:e4:b3:4a:71:6c:b8:65:93:06:d3:
                    34:30:2a:2a:62:a0:6e:ab:e3:fe:33:27:76:2e:21:
                    37:0b:d5:ce:d5:3e:b4:89:ca:44:5b:2d:62:a6:00:
                    fb:35:9f:ff:78:40:05:5e:dd:8b:19:61:da:f5:ce:
                    ba:7c:23:9b:f3:4b:49:1e:3c:d5:1f:f9:31:a3:33:
                    8d:52:13:b0:27:6b:b5:28:48:b0:84:ef:8f:68:44:
                    07:f1:a3:f9:25:24:3a:5e:50:bd:69:55:1a:87:ae:
                    2d:bc:4f:67:2f:70:e7:c2:71:95:0f:b7:23:df:01:
                    29:30:67:6d:58:8f:3d:fb:e8:42:24:78:d1:a2:23:
                    a9:1f:00:6d:ca:56:d2:47:bc:0e:20:5a:b5:b4:f6:
                    d6:e9:f9:24:c0:02:bb:43:c8:ad:92:0d:43:f3:cb:
                    b5:a9:a9:88:3f:83:ed:6c:2f:a3:e3:3f:69:d4:22:
                    e2:ff:ed:37:2b:c9:6a:1a:ad:51:f9:f1:58:ca:25:
                    bc:cc:f7:d4:fb:43:37:64:e2:e8:99:17:09:77:08:
                    d2:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E4:0F:DF:09:1B:D1:CA:FC:B7:4D:EA:D5:41:B5:AA:CA:BA:1D:BB
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xuQP3wkb0cr8t03q1UG1qsq6Hbs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         50:30:fb:3b:57:d9:76:1b:69:ba:6d:01:03:6f:6d:37:dd:ce:
         a5:b9:95:9d:cc:4c:48:b9:dc:0e:22:41:e1:7f:a9:ee:6e:8d:
         85:96:7c:7b:b0:83:4b:2b:39:c3:b3:90:ef:48:ea:d2:ad:d9:
         2e:c9:3d:cb:69:6f:11:1b:8e:42:e6:af:4e:38:54:9d:10:04:
         18:26:02:a1:11:22:78:46:b0:00:ef:60:1f:86:ca:fa:58:59:
         99:bf:63:ce:50:51:36:6e:71:d2:6e:41:cd:28:cb:57:93:be:
         37:01:6c:93:46:19:6d:a3:05:4d:92:56:dc:b8:63:b3:88:8b:
         3e:ae:8a:0b:05:e4:14:ba:c2:61:0c:e9:97:d7:f5:7f:9c:0b:
         64:99:02:9c:0e:b6:8c:3e:cf:a0:e1:bb:e7:bf:e2:61:b2:d2:
         6c:72:1f:58:c8:2f:3f:ff:e3:64:4a:6c:e0:9c:d5:98:5e:ef:
         9f:20:75:a5:34:56:44:fd:05:b8:66:35:7e:6d:22:46:6f:fa:
         46:0c:00:48:4a:1d:dd:46:ae:18:10:dd:71:72:76:f4:59:45:
         3e:90:29:56:f4:8c:4d:dc:5d:53:b5:41:ee:6d:23:86:49:dd:
         5f:a2:88:d1:c5:f4:7e:30:08:a4:ab:a2:d7:95:21:57:c5:50:
         3c:4b:50:b4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM2RTQwRkRGMDkxQkQx
Q0FGQ0I3NERFQUQ1NDFCNUFBQ0FCQTFEQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa1Zc3ZfWdtgNjTdefaBFXb9it37J9wayvPMILup3iVum6VHV4
fjrbH8qjejp9wwJI5LNKcWy4ZZMG0zQwKipioG6r4/4zJ3YuITcL1c7VPrSJykRb
LWKmAPs1n/94QAVe3YsZYdr1zrp8I5vzS0kePNUf+TGjM41SE7Ana7UoSLCE749o
RAfxo/klJDpeUL1pVRqHri28T2cvcOfCcZUPtyPfASkwZ21Yjz376EIkeNGiI6kf
AG3KVtJHvA4gWrW09tbp+STAArtDyK2SDUPzy7WpqYg/g+1sL6PjP2nUIuL/7Tcr
yWoarVH58VjKJbzM99T7Qzdk4uiZFwl3CNKFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxuQP3wkb0cr8t03q1UG1qsq6HbswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveHVRUDN3a2IwY3I4dDAzcTFVRzFx
c3E2SGJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/yDAN
BgkqhkiG9w0BAQsFAAOCAQEAUDD7O1fZdhtpum0BA29tN93OpbmVncxMSLncDiJB
4X+p7m6NhZZ8e7CDSys5w7OQ70jq0q3ZLsk9y2lvERuOQuavTjhUnRAEGCYCoREi
eEawAO9gH4bK+lhZmb9jzlBRNm5x0m5BzSjLV5O+NwFsk0YZbaMFTZJW3Lhjs4iL
Pq6KCwXkFLrCYQzpl9f1f5wLZJkCnA62jD7PoOG757/iYbLSbHIfWMgvP//jZEps
4JzVmF7vnyB1pTRWRP0FuGY1fm0iRm/6RgwASEod3UauGBDdcXJ29FlFPpApVvSM
TdxdU7VB7m0jhkndX6KI0cX0fjAIpKui15UhV8VQPEtQtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org