Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/n7qWgNWwg3iWTwjcESmENiXc8Og.roa
File:                     n7qWgNWwg3iWTwjcESmENiXc8Og.roa (raw, json)
Hash identifier:          YxPHAEWkpb2Nsf01i3Y9cUzjI8j2hLAPJSQfJ231Buk=
Subject key identifier:   9F:BA:96:80:D5:B0:83:78:96:4F:08:DC:11:29:84:36:25:DC:F0:E8
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0C66
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/n7qWgNWwg3iWTwjcESmENiXc8Og.roa
Signing time:             Fri 01 Sep 2023 08:26:31 +0000
ROA not before:           Fri 01 Sep 2023 08:26:31 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18429
IP address blocks:        61.57.156.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3174 (0xc66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Sep  1 08:26:31 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=9FBA9680D5B08378964F08DC1129843625DCF0E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:a6:c0:20:d0:4e:e0:e2:dd:d9:ab:b4:92:d0:
                    e3:c5:fb:9a:19:8a:7e:52:92:d1:2e:b1:6b:e5:c2:
                    ac:f3:a2:a3:52:27:a2:14:aa:90:9f:68:57:0e:f5:
                    c5:99:c0:86:d5:e6:bb:25:ef:9a:51:97:41:d4:37:
                    9f:2d:d7:06:83:41:0c:a7:5b:e3:1a:5d:bf:ea:29:
                    a7:e8:03:c7:f8:2b:96:17:d8:09:06:67:7a:71:39:
                    1e:a8:03:e2:72:f4:f5:9b:38:d9:c3:63:05:42:54:
                    67:5a:ac:dc:2d:30:8f:93:8b:a7:a1:2e:a7:26:ce:
                    3a:49:44:66:94:e1:ae:06:39:12:ea:83:e1:34:97:
                    e7:4b:b2:69:e6:ca:26:2b:79:ce:15:f2:f5:a2:e3:
                    1b:2f:43:80:b6:4a:33:a8:03:a2:db:42:11:14:62:
                    74:c6:25:eb:37:c4:41:35:09:5e:38:ba:f9:8d:92:
                    b3:45:00:51:94:58:f3:db:4b:1e:92:64:92:6c:9e:
                    69:eb:a0:44:2a:49:f0:b5:47:ac:3c:31:b2:df:9a:
                    a8:92:92:56:42:81:4b:ff:fd:1e:51:85:c7:00:99:
                    09:57:87:4b:ed:7d:cd:23:9d:f8:30:1b:f9:41:f4:
                    a7:fe:d4:2b:22:7c:61:f7:fc:99:1a:8f:db:d4:83:
                    91:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:BA:96:80:D5:B0:83:78:96:4F:08:DC:11:29:84:36:25:DC:F0:E8
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/n7qWgNWwg3iWTwjcESmENiXc8Og.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.57.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:28:36:dc:26:d3:ef:5b:f4:bb:fe:23:02:72:05:db:6b:cf:
         38:ae:17:8b:3e:98:44:05:93:8d:b0:b8:ea:35:13:7d:9f:16:
         be:70:d1:8c:44:e9:64:52:9a:38:16:db:75:85:9a:dd:d8:bd:
         dd:73:2c:0e:68:40:f1:8f:2d:45:6e:ce:48:ab:ff:f6:28:4d:
         e7:b0:87:87:79:68:9c:42:69:c4:37:d0:8e:70:86:4f:30:40:
         0c:e1:25:1f:21:cb:af:a0:29:4b:7e:79:68:8e:30:5a:db:8e:
         09:8d:9f:5c:cd:f1:79:6e:c8:a2:ca:d7:b9:e6:0e:1a:3e:4e:
         60:12:44:4d:06:04:37:67:37:11:27:09:32:5b:36:a4:42:04:
         82:7c:b9:ca:1f:09:6f:35:ed:17:cf:ca:31:5f:63:25:cc:a3:
         f0:ef:c8:79:96:f2:67:7d:d6:cb:75:df:bb:fd:69:f8:f6:e4:
         3c:a3:90:4b:db:05:b5:ac:e2:38:79:99:1c:4b:a0:f3:f8:5c:
         13:2d:79:ce:67:ba:ec:15:73:28:32:b8:da:df:d7:56:ff:1e:
         ff:1b:e2:b8:a8:d8:a5:b5:d0:fe:33:eb:a2:37:76:20:c4:e2:
         3b:7e:43:16:9f:11:70:4b:48:d6:37:ef:89:b1:74:8c:76:88:
         80:b3:1c:be
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlGQkE5NjgwRDVCMDgz
Nzg5NjRGMDhEQzExMjk4NDM2MjVEQ0YwRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVpsAg0E7g4t3Zq7SS0OPF+5oZin5SktEusWvlwqzzoqNSJ6IU
qpCfaFcO9cWZwIbV5rsl75pRl0HUN58t1waDQQynW+MaXb/qKafoA8f4K5YX2AkG
Z3pxOR6oA+Jy9PWbONnDYwVCVGdarNwtMI+Ti6ehLqcmzjpJRGaU4a4GORLqg+E0
l+dLsmnmyiYrec4V8vWi4xsvQ4C2SjOoA6LbQhEUYnTGJes3xEE1CV44uvmNkrNF
AFGUWPPbSx6SZJJsnmnroEQqSfC1R6w8MbLfmqiSklZCgUv//R5RhccAmQlXh0vt
fc0jnfgwG/lB9Kf+1CsifGH3/Jkaj9vUg5HTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUn7qWgNWwg3iWTwjcESmENiXc8OgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9uN3FXZ05Xd2czaVdUd2pjRVNt
RU5pWGM4T2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmc
MA0GCSqGSIb3DQEBCwUAA4IBAQAhKDbcJtPvW/S7/iMCcgXba884rheLPphEBZON
sLjqNRN9nxa+cNGMROlkUpo4Ftt1hZrd2L3dcywOaEDxjy1Fbs5Iq//2KE3nsIeH
eWicQmnEN9COcIZPMEAM4SUfIcuvoClLfnlojjBa244JjZ9czfF5bsiiyte55g4a
Pk5gEkRNBgQ3ZzcRJwkyWzakQgSCfLnKHwlvNe0Xz8oxX2MlzKPw78h5lvJnfdbL
dd+7/Wn49uQ8o5BL2wW1rOI4eZkcS6Dz+FwTLXnOZ7rsFXMoMrja39dW/x7/G+K4
qNiltdD+M+uiN3YgxOI7fkMWnxFwS0jWN++JsXSMdoiAsxy+
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org