Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WjmPDTAwgtnKtBXqfmQFRPBcybY.roa
File:                     WjmPDTAwgtnKtBXqfmQFRPBcybY.roa (raw, json)
Hash identifier:          N0U2pDFGJP8e40CWcW1lAWhGNvB9lFQKvNeJ+6ZHJs8=
Subject key identifier:   5A:39:8F:0D:30:30:82:D9:CA:B4:15:EA:7E:64:05:44:F0:5C:C9:B6
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0F76
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WjmPDTAwgtnKtBXqfmQFRPBcybY.roa
Signing time:             Fri 01 Sep 2023 08:29:10 +0000
ROA not before:           Fri 01 Sep 2023 08:29:10 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131627
IP address blocks:        150.116.160.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3958 (0xf76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep  1 08:29:10 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=5A398F0D303082D9CAB415EA7E640544F05CC9B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:64:a7:a4:28:b4:48:4d:ab:7d:06:ec:4e:24:
                    bd:24:d2:25:6c:dc:2d:12:22:a2:f1:10:33:91:74:
                    e4:ae:0e:6d:89:ce:72:f3:44:c5:71:4b:75:94:5f:
                    96:d0:48:e7:a9:37:3d:cb:19:93:e7:f7:30:12:47:
                    ea:2c:b9:c9:fd:5a:f5:bd:4f:eb:30:dd:7c:38:14:
                    6b:ab:a3:fb:bc:96:ce:a4:b4:41:85:b0:e4:64:93:
                    71:b9:95:fc:31:95:d3:ab:a2:7c:e3:4c:c2:d4:ef:
                    a3:7c:ef:ec:6b:66:39:08:84:19:2b:8a:c4:0f:94:
                    48:ab:05:26:5d:a2:df:09:f7:4c:57:eb:c6:34:ae:
                    26:4f:ff:83:29:88:f7:a7:af:0f:27:df:51:68:01:
                    66:98:e3:ef:8a:af:16:3a:31:8e:c4:0f:77:4d:62:
                    84:eb:c6:ab:2d:c3:92:ec:3f:ee:22:51:96:00:6f:
                    0a:f0:85:60:d2:c0:28:8b:e7:cf:1c:6d:bf:06:c9:
                    c1:ea:db:69:0b:50:a1:c9:c4:91:d3:14:35:dc:2b:
                    eb:d3:c8:02:61:b6:9c:1b:a7:52:d5:89:32:fe:cd:
                    6e:59:f2:30:8d:5e:76:4d:dd:cb:69:3c:44:41:fd:
                    18:56:f5:54:d0:c8:f5:2c:2d:49:4e:cc:41:ac:86:
                    84:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:39:8F:0D:30:30:82:D9:CA:B4:15:EA:7E:64:05:44:F0:5C:C9:B6
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WjmPDTAwgtnKtBXqfmQFRPBcybY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a1:98:90:45:7a:26:40:aa:ae:98:33:ca:4c:06:75:45:d8:4d:
         7a:cb:5e:99:1e:8d:82:ee:d0:0c:b6:72:0c:08:38:6f:2c:18:
         53:d9:58:64:f9:32:bb:3d:31:fd:eb:86:ac:75:b9:26:8a:8d:
         54:33:2e:14:ef:96:e0:05:e1:d9:3c:6d:76:3d:38:a5:4b:36:
         c8:ec:e9:70:a4:1d:29:bf:41:45:9d:87:3f:ee:82:ae:76:23:
         ea:62:2b:36:3e:f7:f2:90:f9:cc:d5:50:01:85:56:ae:1f:d3:
         d1:38:20:9c:8e:be:e3:76:b8:6a:8f:ef:f6:4c:1b:7a:41:b2:
         e5:ed:67:bf:e9:f2:33:df:58:15:5c:78:10:db:c3:ca:c8:d3:
         49:fd:7e:9e:d0:cd:af:9e:8c:49:e2:f8:89:c9:4a:1b:60:7b:
         1b:fb:d7:8a:fa:73:bf:ae:46:d3:55:89:8c:2c:95:ba:ac:6c:
         4a:fa:c3:02:18:4b:c4:3a:67:3e:86:26:fe:a0:b1:ef:a6:e7:
         8e:2c:87:e4:74:9a:bf:4f:d7:96:7d:63:42:5e:5d:6a:39:2c:
         a2:19:26:6c:40:ff:35:02:c3:0e:f4:e4:fa:c8:89:c5:b3:95:
         d2:a7:e5:a9:c9:52:ba:f9:db:71:38:d2:96:dc:fa:d8:49:c0:
         8a:3d:91:10
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVBMzk4RjBEMzAzMDgy
RDlDQUI0MTVFQTdFNjQwNTQ0RjA1Q0M5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4ZKekKLRITat9BuxOJL0k0iVs3C0SIqLxEDORdOSuDm2JznLz
RMVxS3WUX5bQSOepNz3LGZPn9zASR+osucn9WvW9T+sw3Xw4FGuro/u8ls6ktEGF
sORkk3G5lfwxldOronzjTMLU76N87+xrZjkIhBkrisQPlEirBSZdot8J90xX68Y0
riZP/4MpiPenrw8n31FoAWaY4++KrxY6MY7ED3dNYoTrxqstw5LsP+4iUZYAbwrw
hWDSwCiL588cbb8GycHq22kLUKHJxJHTFDXcK+vTyAJhtpwbp1LViTL+zW5Z8jCN
XnZN3ctpPERB/RhW9VTQyPUsLUlOzEGshoQ9AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUWjmPDTAwgtnKtBXqfmQFRPBcybYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9Xam1QRFRBd2d0bkt0
QlhxZm1RRlJQQmN5Ylkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQFlnSgMA0GCSqGSIb3DQEBCwUAA4IBAQChmJBFeiZAqq6YM8pMBnVF2E16y16Z
Ho2C7tAMtnIMCDhvLBhT2Vhk+TK7PTH964asdbkmio1UMy4U75bgBeHZPG12PTil
SzbI7OlwpB0pv0FFnYc/7oKudiPqYis2PvfykPnM1VABhVauH9PROCCcjr7jdrhq
j+/2TBt6QbLl7We/6fIz31gVXHgQ28PKyNNJ/X6e0M2vnoxJ4viJyUobYHsb+9eK
+nO/rkbTVYmMLJW6rGxK+sMCGEvEOmc+hib+oLHvpueOLIfkdJq/T9eWfWNCXl1q
OSyiGSZsQP81AsMO9OT6yInFs5XSp+WpyVK6+dtxONKW3PrYScCKPZEQ
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org