Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/z2qPcw8TLNX7WosmU5VcfNx80Dk.roa
File:                     z2qPcw8TLNX7WosmU5VcfNx80Dk.roa (raw, json)
Hash identifier:          qg6/SfPuGh2g6tf0NB2T8CLpx6+vbN1f3JXn3PA5Edo=
Subject key identifier:   CF:6A:8F:73:0F:13:2C:D5:FB:5A:8B:26:53:95:5C:7C:DC:7C:D0:39
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       1065
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z2qPcw8TLNX7WosmU5VcfNx80Dk.roa
Signing time:             Tue 16 May 2023 08:36:09 +0000
ROA not before:           Tue 16 May 2023 08:36:09 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131142
IP address blocks:        223.22.252.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4197 (0x1065)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: May 16 08:36:09 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=CF6A8F730F132CD5FB5A8B2653955C7CDC7CD039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a2:71:4f:ff:78:2e:17:6f:32:0d:0b:58:66:
                    38:56:ad:3a:61:29:5e:0e:46:db:22:19:9e:c4:9d:
                    05:55:ee:24:42:c7:f8:b6:21:c7:81:cf:f9:e7:25:
                    26:28:36:10:a1:40:fa:5c:29:a2:13:f7:e9:dc:88:
                    e5:7d:de:43:8c:e8:b9:ef:92:5d:fc:c6:ae:73:a1:
                    24:f6:48:76:db:35:e0:de:92:a3:8c:41:3c:82:4f:
                    b9:d4:0d:ea:47:86:00:a5:7e:65:b5:8f:55:56:3b:
                    1b:3b:d4:53:4f:9f:d8:ea:66:3d:37:79:83:31:79:
                    f7:60:a8:19:fd:c1:a5:f9:e5:9d:72:fe:c7:f5:ed:
                    c3:bb:5b:da:5b:59:25:ea:08:b2:5b:14:4f:a5:ec:
                    58:33:2d:e1:46:f1:f3:51:4e:40:d3:a9:8d:d9:50:
                    8e:06:6c:75:1a:58:14:da:69:c1:bb:90:d8:21:b1:
                    91:75:b5:54:b9:bb:43:9d:93:27:1f:ff:cd:20:a1:
                    88:83:25:92:d9:48:ac:3f:fc:af:7b:f5:92:21:fa:
                    ba:f9:ce:76:fd:8d:f6:81:18:98:82:8e:ce:e8:3a:
                    b3:08:f0:3c:c7:f3:27:e8:0e:08:24:4f:37:36:78:
                    d9:00:be:24:cc:1e:89:d0:6c:42:53:5f:81:a9:92:
                    fa:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:6A:8F:73:0F:13:2C:D5:FB:5A:8B:26:53:95:5C:7C:DC:7C:D0:39
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z2qPcw8TLNX7WosmU5VcfNx80Dk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.22.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:0a:c6:eb:a2:f4:c1:a1:6d:3f:fd:aa:85:4b:2d:4a:07:46:
         d4:be:6c:9e:fa:8c:96:ef:ed:c5:fd:e0:13:7b:81:d3:ca:da:
         6a:18:d7:84:b5:dd:38:49:d3:b8:41:77:45:c8:e9:da:69:5e:
         e0:8c:e9:8f:b1:4f:89:71:10:d9:c8:6e:7a:04:15:96:ae:b0:
         6e:10:df:a5:e4:7e:29:ab:83:70:1f:7c:d3:3f:65:f7:28:70:
         9e:9d:b9:1d:5a:b2:74:2b:9d:18:97:34:e4:f8:b8:46:7c:da:
         50:ae:11:63:be:4f:d8:d1:11:00:de:61:3c:f0:30:f9:2c:4e:
         0a:a1:4c:57:91:a7:7f:17:15:af:f6:17:ea:64:98:80:6d:bb:
         39:fe:43:d1:a7:03:c0:f3:72:bc:80:93:d1:16:61:9e:1f:c9:
         2e:05:78:5b:a9:97:39:6c:7d:04:e4:25:eb:96:f2:2b:a0:83:
         26:24:84:04:a6:41:77:bb:c0:5c:4c:f0:ce:90:a7:50:39:3a:
         c9:37:22:32:b3:1a:5e:67:9c:c5:b1:0c:25:8d:88:4f:25:e1:
         f8:cc:38:a4:65:ea:39:a1:bc:f3:db:4c:8e:0d:43:6f:de:5c:
         a6:74:7f:43:63:52:08:ea:24:07:87:ff:5e:a0:9f:c3:66:71:
         e1:65:1f:7c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENGNkE4RjczMEYxMzJD
RDVGQjVBOEIyNjUzOTU1QzdDREM3Q0QwMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYonFP/3guF28yDQtYZjhWrTphKV4ORtsiGZ7EnQVV7iRCx/i2
IceBz/nnJSYoNhChQPpcKaIT9+nciOV93kOM6Lnvkl38xq5zoST2SHbbNeDekqOM
QTyCT7nUDepHhgClfmW1j1VWOxs71FNPn9jqZj03eYMxefdgqBn9waX55Z1y/sf1
7cO7W9pbWSXqCLJbFE+l7FgzLeFG8fNRTkDTqY3ZUI4GbHUaWBTaacG7kNghsZF1
tVS5u0Odkycf/80goYiDJZLZSKw//K979ZIh+rr5znb9jfaBGJiCjs7oOrMI8DzH
8yfoDggkTzc2eNkAviTMHonQbEJTX4GpkvrzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz2qPcw8TLNX7WosmU5VcfNx80DkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvejJxUGN3OFRMTlg3V29zbVU1VmNm
Tng4MERrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8W/DAN
BgkqhkiG9w0BAQsFAAOCAQEAFQrG66L0waFtP/2qhUstSgdG1L5snvqMlu/txf3g
E3uB08raahjXhLXdOEnTuEF3Rcjp2mle4Izpj7FPiXEQ2chuegQVlq6wbhDfpeR+
KauDcB980z9l9yhwnp25HVqydCudGJc05Pi4RnzaUK4RY75P2NERAN5hPPAw+SxO
CqFMV5GnfxcVr/YX6mSYgG27Of5D0acDwPNyvICT0RZhnh/JLgV4W6mXOWx9BOQl
65byK6CDJiSEBKZBd7vAXEzwzpCnUDk6yTciMrMaXmecxbEMJY2ITyXh+Mw4pGXq
OaG889tMjg1Db95cpnR/Q2NSCOokB4f/XqCfw2Zx4WUffA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org