Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/7zN9HsaaNbRIglaZBYrCYh8dpD4.roa
File:                     7zN9HsaaNbRIglaZBYrCYh8dpD4.roa (raw, json)
Hash identifier:          jmXWCd3rszUkE2lVZOR3ld0zUj/1pot1QHQ5RG4TzRI=
Subject key identifier:   EF:33:7D:1E:C6:9A:35:B4:48:82:56:99:05:8A:C2:62:1F:1D:A4:3E
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0F67
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/7zN9HsaaNbRIglaZBYrCYh8dpD4.roa
Signing time:             Fri 01 Sep 2023 08:29:05 +0000
ROA not before:           Fri 01 Sep 2023 08:29:05 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17408
IP address blocks:        150.117.160.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3943 (0xf67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep  1 08:29:05 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=EF337D1EC69A35B448825699058AC2621F1DA43E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:0a:39:37:c6:00:2d:9a:bc:15:6c:1b:b9:f4:
                    cd:51:f8:a9:06:7f:ec:c5:77:e0:c9:3f:4a:77:e3:
                    c7:ae:85:da:c0:0f:c3:86:14:c9:99:d4:03:1c:08:
                    50:27:05:9a:82:1b:e0:da:15:53:19:ad:f8:97:b1:
                    1b:42:6e:3d:36:c3:16:80:21:44:29:f5:be:c0:55:
                    f2:c1:40:3c:61:2e:20:09:84:ad:26:5b:39:cf:61:
                    4a:b1:bd:1b:5d:0c:dc:61:de:1d:07:de:d5:bb:19:
                    95:4d:8e:d8:c1:df:cf:b0:69:2a:7c:e4:04:e9:cc:
                    21:d1:21:28:83:56:80:0f:a9:69:61:74:cf:69:62:
                    33:e3:bc:fd:59:a2:5a:f7:45:51:c4:bb:72:0a:91:
                    9a:a8:5c:1b:5c:40:26:32:14:68:2f:fd:8c:09:54:
                    bb:0e:c6:98:c4:d6:43:18:0c:af:a7:0a:f3:a7:d9:
                    a6:4c:df:58:02:55:b0:fe:c1:5e:9b:0a:85:60:10:
                    d2:e8:97:b6:d8:64:de:5f:4b:08:22:36:e9:5f:4e:
                    a8:c2:c9:29:d9:77:38:e4:4e:bf:7f:f2:e7:34:42:
                    ba:01:16:31:73:3e:e0:2b:25:fb:62:4e:98:cf:e7:
                    94:44:05:a4:35:b7:01:c3:2e:62:65:35:27:fa:f9:
                    bc:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:33:7D:1E:C6:9A:35:B4:48:82:56:99:05:8A:C2:62:1F:1D:A4:3E
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/7zN9HsaaNbRIglaZBYrCYh8dpD4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.117.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         27:8f:ff:27:9e:82:fb:1a:f1:3e:20:62:d0:9e:7f:91:6a:50:
         6e:a2:c1:1f:aa:7a:e3:5d:2c:eb:e5:d7:6f:56:cd:77:be:a6:
         d5:0a:22:ed:71:e8:82:a9:4b:ee:17:5b:5c:6d:22:e6:9d:cb:
         99:f8:1a:50:02:f5:15:bb:b6:ed:fd:d5:03:d6:80:bc:98:6f:
         f4:4e:7c:26:41:47:d6:43:78:52:ba:d1:4f:f8:90:08:1b:f1:
         30:36:bd:f9:89:35:15:91:07:03:8c:11:fb:ea:f4:92:06:76:
         06:55:91:a0:37:a2:f5:da:7b:72:44:17:82:2f:c0:0b:f4:e8:
         31:6c:ce:e5:f4:c6:50:a9:7f:88:63:9a:72:b1:e9:41:6a:73:
         8f:03:6d:22:27:21:4e:a0:d8:0c:ef:01:9b:19:93:3d:0d:a2:
         b9:d3:9d:62:43:ef:c9:da:3b:27:52:7a:99:1e:56:b0:b4:89:
         49:06:a0:04:3d:cf:1f:d5:e8:b8:9e:b3:64:36:54:ce:44:c7:
         58:f7:ef:92:9e:33:dd:0c:31:13:dd:48:c4:2c:a4:96:df:e9:
         79:e7:22:9e:2c:a0:a3:f9:df:c3:e4:c7:82:86:73:55:9c:51:
         8c:a2:78:70:3d:58:26:58:51:70:1e:f2:ce:db:8e:a1:25:97:
         66:7e:20:d3
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD2cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVGMzM3RDFFQzY5QTM1
QjQ0ODgyNTY5OTA1OEFDMjYyMUYxREE0M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYCjk3xgAtmrwVbBu59M1R+KkGf+zFd+DJP0p348euhdrAD8OG
FMmZ1AMcCFAnBZqCG+DaFVMZrfiXsRtCbj02wxaAIUQp9b7AVfLBQDxhLiAJhK0m
WznPYUqxvRtdDNxh3h0H3tW7GZVNjtjB38+waSp85ATpzCHRISiDVoAPqWlhdM9p
YjPjvP1Zolr3RVHEu3IKkZqoXBtcQCYyFGgv/YwJVLsOxpjE1kMYDK+nCvOn2aZM
31gCVbD+wV6bCoVgENLol7bYZN5fSwgiNulfTqjCySnZdzjkTr9/8uc0QroBFjFz
PuArJftiTpjP55REBaQ1twHDLmJlNSf6+bwTAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU7zN9HsaaNbRIglaZBYrCYh8dpD4wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy83ek45SHNhYU5iUkln
bGFaQllyQ1loOGRwRDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQAnj/8nnoL7GvE+IGLQnn+RalBuosEf
qnrjXSzr5ddvVs13vqbVCiLtceiCqUvuF1tcbSLmncuZ+BpQAvUVu7bt/dUD1oC8
mG/0TnwmQUfWQ3hSutFP+JAIG/EwNr35iTUVkQcDjBH76vSSBnYGVZGgN6L12nty
RBeCL8AL9OgxbM7l9MZQqX+IY5pyselBanOPA20iJyFOoNgM7wGbGZM9DaK5051i
Q+/J2jsnUnqZHlawtIlJBqAEPc8f1ei4nrNkNlTORMdY9++SnjPdDDET3UjELKSW
3+l55yKeLKCj+d/D5MeChnNVnFGMonhwPVgmWFFwHvLO246hJZdmfiDT
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org