Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zowY53G_g7Sj-ZZ5Ezl5xP9xdQk.roa
File:                     zowY53G_g7Sj-ZZ5Ezl5xP9xdQk.roa (raw, json)
Hash identifier:          4fC4I8LVpLk32TGgttKvwSD+R2c3BK28asrp124neQQ=
Subject key identifier:   CE:8C:18:E7:71:BF:83:B4:A3:F9:96:79:13:39:79:C4:FF:71:75:09
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0F95
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zowY53G_g7Sj-ZZ5Ezl5xP9xdQk.roa
Signing time:             Fri 01 Sep 2023 08:29:20 +0000
ROA not before:           Fri 01 Sep 2023 08:29:20 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17408
IP address blocks:        113.21.88.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3989 (0xf95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Sep  1 08:29:20 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=CE8C18E771BF83B4A3F99679133979C4FF717509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:eb:9d:8d:16:f2:f5:2d:f0:90:48:c6:3c:55:
                    83:7e:d3:e9:c5:d0:dd:b0:61:79:56:58:52:86:24:
                    02:c6:b6:be:41:6a:89:03:b5:1b:98:d1:67:76:53:
                    3b:ff:40:a9:a4:de:3c:1b:5b:3e:f6:0f:8b:6a:8b:
                    2d:6d:78:09:e2:54:fa:f3:03:52:de:b6:68:b3:28:
                    4f:ba:b6:80:a5:35:58:2d:9e:9f:87:21:a9:31:5d:
                    33:18:60:20:e4:e6:44:51:0c:54:4f:11:07:98:0d:
                    a6:ee:e2:e0:77:34:52:47:40:32:f3:4e:76:d9:1e:
                    79:ce:70:aa:65:27:26:13:14:09:51:11:33:57:57:
                    40:15:8f:28:69:0b:07:d3:e8:ad:15:db:c4:81:87:
                    df:e2:18:b0:65:5e:2c:90:8c:2a:a1:37:0b:63:80:
                    65:d0:de:f4:b2:83:f2:55:fe:79:6e:38:86:94:d7:
                    f0:96:c2:1a:63:79:1e:61:12:51:40:f0:d2:ee:be:
                    bd:65:8d:18:ae:4f:20:92:aa:72:8d:00:99:e5:f3:
                    35:96:1d:7b:75:01:30:b7:f5:86:af:87:4a:d7:be:
                    00:5b:bb:81:24:9b:f6:3d:54:29:8d:7d:77:17:3b:
                    de:47:0e:d4:e3:ed:11:33:63:65:41:4b:f9:ad:f9:
                    45:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:8C:18:E7:71:BF:83:B4:A3:F9:96:79:13:39:79:C4:FF:71:75:09
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zowY53G_g7Sj-ZZ5Ezl5xP9xdQk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.21.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:bc:d4:c0:40:4c:c9:90:df:78:4a:7b:aa:bd:15:fb:c2:6d:
         4b:d6:87:0c:ac:7a:9e:5a:56:8f:51:3a:df:ab:04:de:d5:87:
         0c:25:e6:c5:45:78:03:c8:b0:da:35:08:67:42:fc:33:f4:c1:
         b6:0e:ff:bf:4d:57:62:89:dc:b1:70:8c:5e:fd:77:5a:cd:12:
         d7:32:c6:49:a0:11:3d:96:59:75:64:88:a1:68:52:54:f4:ed:
         d0:b8:94:84:7f:35:7d:b2:dc:5d:32:45:19:aa:fc:d9:10:52:
         51:d2:a7:c3:c1:88:67:52:e5:1a:7a:fb:a0:e8:9d:b9:ca:71:
         76:65:6e:30:70:0a:61:3f:f7:2c:95:87:52:99:88:a5:dd:85:
         f9:f9:8b:83:bd:a6:cd:cc:d6:fa:9f:7b:d7:90:4f:24:64:49:
         b0:8b:1b:1e:40:e6:b5:a2:f3:c3:27:e7:10:a5:4a:cd:2c:a8:
         2d:71:fd:51:1c:db:35:b6:41:38:0f:aa:95:12:da:3e:01:0c:
         32:9e:d9:f1:bd:e1:61:60:a5:80:e1:b8:61:9e:61:c2:cb:0f:
         89:d1:70:85:76:5d:0d:46:08:7d:7b:21:d3:42:25:2e:bd:1f:
         a9:39:0d:8e:c0:3e:cf:c8:93:e9:ac:b6:2a:aa:7d:18:ad:8f:
         96:7b:93:94
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENFOEMxOEU3NzFCRjgz
QjRBM0Y5OTY3OTEzMzk3OUM0RkY3MTc1MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8652NFvL1LfCQSMY8VYN+0+nF0N2wYXlWWFKGJALGtr5BaokD
tRuY0Wd2Uzv/QKmk3jwbWz72D4tqiy1teAniVPrzA1LetmizKE+6toClNVgtnp+H
IakxXTMYYCDk5kRRDFRPEQeYDabu4uB3NFJHQDLzTnbZHnnOcKplJyYTFAlRETNX
V0AVjyhpCwfT6K0V28SBh9/iGLBlXiyQjCqhNwtjgGXQ3vSyg/JV/nluOIaU1/CW
whpjeR5hElFA8NLuvr1ljRiuTyCSqnKNAJnl8zWWHXt1ATC39Yavh0rXvgBbu4Ek
m/Y9VCmNfXcXO95HDtTj7REzY2VBS/mt+UX7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUzowY53G/g7Sj+ZZ5Ezl5xP9xdQkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy96b3dZNTNHX2c3U2ot
Wlo1RXpsNXhQOXhkUWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDcRVYMA0GCSqGSIb3DQEBCwUAA4IBAQBJvNTAQEzJkN94SnuqvRX7wm1L1ocM
rHqeWlaPUTrfqwTe1YcMJebFRXgDyLDaNQhnQvwz9MG2Dv+/TVdiidyxcIxe/Xda
zRLXMsZJoBE9lll1ZIihaFJU9O3QuJSEfzV9stxdMkUZqvzZEFJR0qfDwYhnUuUa
evug6J25ynF2ZW4wcAphP/cslYdSmYil3YX5+YuDvabNzNb6n3vXkE8kZEmwixse
QOa1ovPDJ+cQpUrNLKgtcf1RHNs1tkE4D6qVEto+AQwyntnxveFhYKWA4bhhnmHC
yw+J0XCFdl0NRgh9eyHTQiUuvR+pOQ2OwD7PyJPprLYqqn0YrY+We5OU
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org