Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/NOKYRr2bMQOewq4YnaPSBW2JS-w.roa
File:                     NOKYRr2bMQOewq4YnaPSBW2JS-w.roa (raw, json)
Hash identifier:          VcTfg2C32TeIW6HWqCpbuOiv9nxUzAdYpN+P4O94fqw=
Subject key identifier:   34:E2:98:46:BD:9B:31:03:9E:C2:AE:18:9D:A3:D2:05:6D:89:4B:EC
Certificate issuer:       /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial:       0B2C
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/NOKYRr2bMQOewq4YnaPSBW2JS-w.roa
Signing time:             Fri 01 Sep 2023 08:24:02 +0000
ROA not before:           Fri 01 Sep 2023 08:24:02 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9264
IP address blocks:        103.130.252.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2860 (0xb2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
        Validity
            Not Before: Sep  1 08:24:02 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=34E29846BD9B31039EC2AE189DA3D2056D894BEC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b8:03:c6:51:40:19:8e:1b:dc:72:32:4c:d8:
                    a7:8d:30:2a:2e:fa:43:e7:f6:09:13:46:04:c8:2c:
                    1b:c5:85:b2:67:0b:77:3d:c5:40:c7:1e:19:4d:40:
                    12:41:bb:b1:80:85:8a:4d:28:6e:b2:11:fd:25:4e:
                    98:a9:fa:2e:09:11:99:3e:16:68:ee:90:7b:32:89:
                    36:34:90:3e:d4:c6:36:6f:9e:05:9c:28:1b:e5:b1:
                    2c:b2:ce:86:94:c5:3a:a7:1d:33:1f:aa:4a:9a:95:
                    94:53:a8:4c:bd:22:cb:81:37:96:fc:ca:d0:57:26:
                    bb:6d:be:8a:77:30:4f:d8:e7:3e:90:bc:42:ba:5e:
                    99:94:4d:ac:34:62:6d:10:db:72:e1:f8:57:78:50:
                    39:04:8d:52:fe:0d:0e:1d:57:e7:0f:07:09:60:22:
                    e6:4c:2f:2c:59:28:51:f3:2e:62:17:a2:75:ef:74:
                    3c:ef:23:d4:3b:09:17:41:a3:e5:f8:59:20:70:65:
                    31:98:e9:1b:5e:ae:70:cb:7b:24:cb:e7:98:62:9f:
                    9b:67:af:e8:2b:ab:54:6f:fa:9c:52:8a:ce:36:02:
                    1d:1c:29:2c:46:27:17:97:57:00:07:eb:97:e4:6b:
                    17:5e:9f:74:85:f6:06:3b:ca:ec:27:06:92:d0:49:
                    c1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E2:98:46:BD:9B:31:03:9E:C2:AE:18:9D:A3:D2:05:6D:89:4B:EC
            X509v3 Authority Key Identifier:
                keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/NOKYRr2bMQOewq4YnaPSBW2JS-w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b6:13:b3:bb:7c:49:6c:cf:7b:03:14:f6:0e:38:00:6d:f8:ea:
         5c:03:57:da:76:68:24:1a:4e:e8:63:06:5c:25:75:81:cc:c4:
         ff:e7:61:9c:ea:96:1b:f8:ec:06:33:ad:f0:71:23:d9:3a:1c:
         13:63:9f:71:aa:e7:86:c7:4c:57:4e:f5:f9:1e:b3:6c:8f:3a:
         41:44:9a:6c:45:b2:5a:bf:34:b8:9d:37:70:fb:c2:15:11:f5:
         4c:5a:8c:de:c7:b9:42:6d:79:d6:9e:4d:be:16:17:24:5e:d3:
         b4:3a:a1:5b:1a:fc:1a:18:f6:c1:c5:3e:94:e1:0c:f0:b0:67:
         17:e0:93:1b:6a:dd:47:15:a1:dc:33:6f:7c:92:b0:05:ea:4f:
         0f:6a:85:20:5d:5a:15:b8:3d:5e:5a:58:cb:c4:ed:2f:b6:fd:
         32:d0:98:07:d1:5d:b1:83:a6:88:0e:4e:bf:c1:d6:d1:02:97:
         34:50:fe:af:ed:6d:ba:3e:42:18:5d:e3:dc:b9:4a:8b:20:b8:
         44:35:59:a2:61:4a:b4:7b:8e:9a:89:19:9b:ac:3b:e6:ce:b6:
         81:43:bb:fb:4e:be:24:93:64:a8:28:ef:b3:4f:d3:89:60:c4:
         46:6c:69:56:14:1a:78:0e:4f:95:19:3c:64:3d:37:77:69:8b:
         2c:00:c2:37
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yMzA5MDEw
ODI0MDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM0RTI5ODQ2QkQ5QjMx
MDM5RUMyQUUxODlEQTNEMjA1NkQ4OTRCRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5uAPGUUAZjhvccjJM2KeNMCou+kPn9gkTRgTILBvFhbJnC3c9
xUDHHhlNQBJBu7GAhYpNKG6yEf0lTpip+i4JEZk+FmjukHsyiTY0kD7UxjZvngWc
KBvlsSyyzoaUxTqnHTMfqkqalZRTqEy9IsuBN5b8ytBXJrttvop3ME/Y5z6QvEK6
XpmUTaw0Ym0Q23Lh+Fd4UDkEjVL+DQ4dV+cPBwlgIuZMLyxZKFHzLmIXonXvdDzv
I9Q7CRdBo+X4WSBwZTGY6RternDLeyTL55hin5tnr+grq1Rv+pxSis42Ah0cKSxG
JxeXVwAH65fkaxden3SF9gY7yuwnBpLQScErAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNOKYRr2bMQOewq4YnaPSBW2JS+wwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9OT0tZUnIyYk1RT2V3cTRZbmFQ
U0JXMkpTLXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4L8
MA0GCSqGSIb3DQEBCwUAA4IBAQC2E7O7fElsz3sDFPYOOABt+OpcA1fadmgkGk7o
YwZcJXWBzMT/52Gc6pYb+OwGM63wcSPZOhwTY59xqueGx0xXTvX5HrNsjzpBRJps
RbJavzS4nTdw+8IVEfVMWozex7lCbXnWnk2+FhckXtO0OqFbGvwaGPbBxT6U4Qzw
sGcX4JMbat1HFaHcM298krAF6k8PaoUgXVoVuD1eWljLxO0vtv0y0JgH0V2xg6aI
Dk6/wdbRApc0UP6v7W26PkIYXePcuUqLILhENVmiYUq0e46aiRmbrDvmzraBQ7v7
Tr4kk2SoKO+zT9OJYMRGbGlWFBp4Dk+VGTxkPTd3aYssAMI3
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:10 2024 by rpki-client on console-ams.rpki-client.org