Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/zpwHWhGhUnnDr_uA9G6BLlGeTpw.roa
File:                     zpwHWhGhUnnDr_uA9G6BLlGeTpw.roa (raw, json)
Hash identifier:          UnJACF5Z5cUwBhKNZo6aKXyQlmc8FFFAaf7IVdYwBkY=
Subject key identifier:   CE:9C:07:5A:11:A1:52:79:C3:AF:FB:80:F4:6E:81:2E:51:9E:4E:9C
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       12FB
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zpwHWhGhUnnDr_uA9G6BLlGeTpw.roa
Signing time:             Fri 01 Sep 2023 08:05:15 +0000
ROA not before:           Fri 01 Sep 2023 08:05:15 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9922
IP address blocks:        124.218.160.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4859 (0x12fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep  1 08:05:15 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=CE9C075A11A15279C3AFFB80F46E812E519E4E9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:64:8e:fc:43:47:46:6c:69:8c:36:7e:e9:7e:
                    d8:84:c3:d4:99:83:db:d7:1d:2a:98:18:0c:d1:0e:
                    1a:f2:48:a3:2f:09:d2:1c:43:9c:c9:57:c3:08:77:
                    7f:2e:5a:b8:9f:a0:d7:0e:6c:e5:1a:e3:fb:40:ed:
                    be:90:57:b5:d4:18:e2:fc:10:00:41:93:3c:b2:0e:
                    3d:0f:b4:5e:1a:33:ab:ae:64:ad:42:91:b4:45:09:
                    34:9a:6f:8b:0c:67:67:a6:21:42:c2:a5:89:1d:e5:
                    fe:6c:d0:07:c6:d1:a2:a2:1a:58:bd:ae:1d:2a:82:
                    c8:72:62:ab:ed:61:a2:ff:9e:fa:1c:59:59:ae:69:
                    6a:59:0e:4f:5d:15:16:b5:25:89:1b:a4:fb:15:60:
                    33:27:66:92:fa:18:4c:3b:4a:22:81:2f:e6:93:77:
                    f0:44:92:a3:2b:4d:bd:c7:ea:95:30:38:89:45:fd:
                    bf:1e:e4:0f:81:7a:f3:d7:3b:56:b9:5d:34:38:db:
                    45:07:01:e2:3e:55:aa:bd:b7:45:c8:dd:81:f3:21:
                    5b:a6:0c:8d:f4:d9:d0:93:15:d4:3d:ff:93:5e:cf:
                    46:1c:77:0b:a8:fc:97:49:f3:a6:d8:c3:44:ac:6e:
                    02:89:fa:7b:8b:4b:18:ac:62:93:b1:c0:7e:0f:4c:
                    81:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:9C:07:5A:11:A1:52:79:C3:AF:FB:80:F4:6E:81:2E:51:9E:4E:9C
            X509v3 Authority Key Identifier:
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zpwHWhGhUnnDr_uA9G6BLlGeTpw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9b:6b:5d:d5:02:ca:42:8a:1e:97:84:35:40:13:cb:87:17:0b:
         b2:e8:4b:c6:aa:e9:36:2e:5a:4c:8a:94:92:ae:8b:e2:26:86:
         52:d2:58:05:b7:29:5b:94:fc:31:d2:7a:ee:3c:2a:de:29:74:
         87:76:69:e2:26:22:55:ee:3c:9c:5a:57:c7:d5:65:f5:d9:56:
         ad:7f:3d:ac:79:59:db:6f:e2:29:3c:10:fc:b7:5b:84:76:cf:
         bb:31:54:f9:f6:49:c8:d9:4c:19:de:3d:e2:c3:69:2d:a1:bf:
         b4:24:ff:23:ac:45:90:41:a4:1a:17:f6:15:e2:c8:0e:db:dc:
         7a:ff:83:3d:9f:10:74:cc:cb:d8:9d:1b:89:47:42:2f:82:a1:
         d5:02:20:39:52:9a:e6:4a:25:be:57:05:17:db:96:d9:f2:ba:
         5b:23:aa:44:21:d8:87:55:ab:63:3e:7b:e5:66:4e:93:a4:c8:
         3d:9a:4e:64:48:6b:7e:4d:a7:a4:45:fd:d8:76:49:9b:ff:4b:
         be:82:a8:8d:26:cd:0a:61:a2:62:27:a5:6f:80:95:da:d4:13:
         91:db:18:72:98:0b:27:00:2e:30:87:5a:68:b1:32:2c:3d:ea:
         b8:d6:ae:b4:75:af:a9:bc:b7:d5:a0:49:a2:22:7e:52:75:46:
         3e:2d:b8:04
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENFOUMwNzVBMTFBMTUy
NzlDM0FGRkI4MEY0NkU4MTJFNTE5RTRFOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJZI78Q0dGbGmMNn7pftiEw9SZg9vXHSqYGAzRDhrySKMvCdIc
Q5zJV8MId38uWrifoNcObOUa4/tA7b6QV7XUGOL8EABBkzyyDj0PtF4aM6uuZK1C
kbRFCTSab4sMZ2emIULCpYkd5f5s0AfG0aKiGli9rh0qgshyYqvtYaL/nvocWVmu
aWpZDk9dFRa1JYkbpPsVYDMnZpL6GEw7SiKBL+aTd/BEkqMrTb3H6pUwOIlF/b8e
5A+BevPXO1a5XTQ420UHAeI+Vaq9t0XI3YHzIVumDI302dCTFdQ9/5Nez0Ycdwuo
/JdJ86bYw0SsbgKJ+nuLSxisYpOxwH4PTIENAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzpwHWhGhUnnDr/uA9G6BLlGeTpwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvenB3SFdoR2hVbm5Ecl91QTlHNkJM
bEdlVHB3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3zaoDAN
BgkqhkiG9w0BAQsFAAOCAQEAm2td1QLKQooel4Q1QBPLhxcLsuhLxqrpNi5aTIqU
kq6L4iaGUtJYBbcpW5T8MdJ67jwq3il0h3Zp4iYiVe48nFpXx9Vl9dlWrX89rHlZ
22/iKTwQ/LdbhHbPuzFU+fZJyNlMGd494sNpLaG/tCT/I6xFkEGkGhf2FeLIDtvc
ev+DPZ8QdMzL2J0biUdCL4Kh1QIgOVKa5kolvlcFF9uW2fK6WyOqRCHYh1WrYz57
5WZOk6TIPZpOZEhrfk2npEX92HZJm/9LvoKojSbNCmGiYielb4CV2tQTkdsYcpgL
JwAuMIdaaLEyLD3quNautHWvqby31aBJoiJ+UnVGPi24BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org