Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/qF1TWgnCloE3aDN4EJsNezaj7xM.roa
File:                     qF1TWgnCloE3aDN4EJsNezaj7xM.roa (raw, json)
Hash identifier:          31TX1JqUiriw0vyVKtGxVXHQGqClALHtAxJWvOnFXas=
Subject key identifier:   A8:5D:53:5A:09:C2:96:81:37:68:33:78:10:9B:0D:7B:36:A3:EF:13
Certificate issuer:       /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial:       0C63
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/qF1TWgnCloE3aDN4EJsNezaj7xM.roa
Signing time:             Fri 01 Sep 2023 08:26:30 +0000
ROA not before:           Fri 01 Sep 2023 08:26:30 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18429
IP address blocks:        27.147.63.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3171 (0xc63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
        Validity
            Not Before: Sep  1 08:26:30 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=A85D535A09C2968137683378109B0D7B36A3EF13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4b:4f:52:82:16:02:d6:36:6f:47:40:62:32:
                    15:10:d3:59:1e:ea:4c:d4:03:c4:9f:06:1c:7f:e5:
                    5f:51:bb:62:a1:04:e0:fa:0e:9a:be:ef:d5:5d:43:
                    40:07:ac:a0:c6:9a:d6:c3:88:56:9e:81:f1:3a:78:
                    2d:12:c5:c2:44:a8:51:21:29:8d:72:45:22:d6:ee:
                    eb:29:a6:e7:be:51:1f:6b:ee:52:bc:52:af:86:36:
                    7a:8f:f7:7b:13:19:32:f4:34:c2:f0:ba:51:1d:b2:
                    1c:8f:19:fb:a3:4f:cd:ff:77:d1:76:5b:9d:5e:a0:
                    b0:74:36:07:61:be:94:95:ac:6f:ee:a6:bc:36:7a:
                    25:0a:97:8f:2d:54:55:12:35:ae:74:dd:11:8c:0f:
                    3d:4e:c7:16:ef:12:f2:87:78:c1:67:40:30:4d:5a:
                    ef:cc:80:3f:47:12:76:25:a0:af:0a:2e:ee:30:08:
                    3a:9b:e6:e2:47:d7:fe:cb:e1:29:92:32:fa:0a:db:
                    8d:b1:ff:7d:1b:0f:40:b9:0d:a2:a1:0a:18:ee:bb:
                    0b:18:38:fd:5d:cf:81:bf:1f:44:89:8f:38:81:f2:
                    0c:14:4a:78:39:46:94:b1:1b:f3:1d:8e:df:b0:b1:
                    04:30:b5:46:36:b6:06:bb:6a:46:f5:43:63:3e:01:
                    e6:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:5D:53:5A:09:C2:96:81:37:68:33:78:10:9B:0D:7B:36:A3:EF:13
            X509v3 Authority Key Identifier:
                keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/qF1TWgnCloE3aDN4EJsNezaj7xM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.147.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:15:36:54:aa:dc:b1:4c:2f:4d:cb:45:71:f3:da:2c:8a:5d:
         7a:64:7f:b7:ff:e1:47:49:e0:19:de:19:82:95:4a:cb:b2:af:
         86:3f:f0:9c:05:cf:a3:ef:b5:6a:80:1c:f9:6d:35:49:6b:3d:
         87:cd:8d:51:ac:e6:a9:f9:1b:7e:d6:40:88:28:15:74:34:34:
         1f:13:b7:38:e2:89:4a:ca:c0:04:b4:6f:55:ff:d5:4f:fe:70:
         ec:19:ad:59:6f:30:4c:f2:1c:7b:b9:b8:89:da:a3:f1:35:66:
         f6:a4:1e:93:38:ee:ef:c1:b4:f3:69:4d:04:fa:18:03:92:ac:
         21:5d:87:c9:84:f1:dc:c8:5d:46:79:7d:9b:43:0d:23:db:a5:
         8a:de:53:4b:43:4c:1b:ce:bf:34:fb:4c:72:89:23:ad:88:72:
         5f:02:f9:b4:6f:ce:87:71:0b:8e:69:91:ca:d1:29:d4:d6:8f:
         8c:04:e5:43:a8:63:0c:16:3c:be:ae:20:99:2a:49:b5:49:61:
         1d:c0:3f:07:a1:f4:a4:12:ea:33:8c:67:e8:5f:d3:2f:8a:1a:
         5b:ed:5f:b7:ea:a5:43:22:f3:98:5c:e2:4f:40:66:3c:a6:19:
         9e:30:11:d4:37:5c:96:3c:ca:f9:c9:58:9a:23:79:52:fc:66:
         3b:dd:6d:75
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE4NUQ1MzVBMDlDMjk2
ODEzNzY4MzM3ODEwOUIwRDdCMzZBM0VGMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvS09SghYC1jZvR0BiMhUQ01ke6kzUA8SfBhx/5V9Ru2KhBOD6
Dpq+79VdQ0AHrKDGmtbDiFaegfE6eC0SxcJEqFEhKY1yRSLW7usppue+UR9r7lK8
Uq+GNnqP93sTGTL0NMLwulEdshyPGfujT83/d9F2W51eoLB0NgdhvpSVrG/uprw2
eiUKl48tVFUSNa503RGMDz1OxxbvEvKHeMFnQDBNWu/MgD9HEnYloK8KLu4wCDqb
5uJH1/7L4SmSMvoK242x/30bD0C5DaKhChjuuwsYOP1dz4G/H0SJjziB8gwUSng5
RpSxG/Mdjt+wsQQwtUY2tga7akb1Q2M+AeaPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUqF1TWgnCloE3aDN4EJsNezaj7xMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9xRjFUV2duQ2xvRTNhRE40RUpz
TmV6YWo3eE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAG5M/
MA0GCSqGSIb3DQEBCwUAA4IBAQCQFTZUqtyxTC9Ny0Vx89osil16ZH+3/+FHSeAZ
3hmClUrLsq+GP/CcBc+j77VqgBz5bTVJaz2HzY1RrOap+Rt+1kCIKBV0NDQfE7c4
4olKysAEtG9V/9VP/nDsGa1ZbzBM8hx7ubiJ2qPxNWb2pB6TOO7vwbTzaU0E+hgD
kqwhXYfJhPHcyF1GeX2bQw0j26WK3lNLQ0wbzr80+0xyiSOtiHJfAvm0b86HcQuO
aZHK0SnU1o+MBOVDqGMMFjy+riCZKkm1SWEdwD8HofSkEuozjGfoX9Mvihpb7V+3
6qVDIvOYXOJPQGY8phmeMBHUN1yWPMr5yViaI3lS/GY73W11
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org