Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/2QyLE2_J7bvJ8cS7iDNJRDmNpTM.roa
File:                     2QyLE2_J7bvJ8cS7iDNJRDmNpTM.roa (raw, json)
Hash identifier:          85aL8sUIKSM9oiVWr8S3iiDrRF6qXgCypyd6WHiNafk=
Subject key identifier:   D9:0C:8B:13:6F:C9:ED:BB:C9:F1:C4:BB:88:33:49:44:39:8D:A5:33
Certificate issuer:       /CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B
Certificate serial:       0B7A
Authority key identifier: 6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/2QyLE2_J7bvJ8cS7iDNJRDmNpTM.roa
Signing time:             Tue 31 Oct 2023 07:33:13 +0000
ROA not before:           Tue 31 Oct 2023 07:33:13 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18046
IP address blocks:        103.130.36.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2938 (0xb7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B
        Validity
            Not Before: Oct 31 07:33:13 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D90C8B136FC9EDBBC9F1C4BB88334944398DA533
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6e:a6:77:5b:c5:0b:5f:40:e7:7a:83:8c:d7:
                    5a:7d:7b:f5:9b:fd:a8:47:e9:50:f2:e4:c0:92:b6:
                    3c:3d:b4:c2:70:be:41:ea:39:ae:32:ed:06:24:2f:
                    7b:97:f7:8c:9d:79:2d:b6:3e:9c:00:31:2f:e7:cd:
                    68:b4:82:f3:ce:8d:47:6a:b5:42:6c:f1:4a:2b:12:
                    dd:2f:6c:57:f1:0e:57:78:1f:a6:f2:73:97:ca:55:
                    f2:45:96:46:10:23:9b:85:62:e3:1b:07:a1:c3:05:
                    2b:23:79:ce:6b:85:ac:4a:d6:ca:99:81:7c:80:12:
                    d5:50:1f:fc:cd:ea:bf:2b:c8:d4:de:1e:c4:e0:70:
                    1d:7b:99:a5:68:2c:d6:c0:3c:f8:c1:ac:60:7b:9f:
                    9d:31:dc:70:13:d0:25:fa:f5:bf:c5:0a:5a:4a:54:
                    96:88:23:d1:ce:f2:62:51:99:3c:10:70:c3:7e:73:
                    e0:fc:bb:d1:29:96:23:10:01:77:36:16:6d:92:8b:
                    5a:e8:50:ff:2f:5c:33:a1:17:02:4a:86:e2:9d:c3:
                    17:e2:48:34:bc:c3:ef:b4:6c:5d:da:12:f8:77:f0:
                    f3:9d:48:c6:c5:6b:68:a7:88:58:9e:02:bb:85:8d:
                    f2:e8:7f:c7:08:41:4b:7a:b6:21:4f:18:ec:ad:c6:
                    1e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:0C:8B:13:6F:C9:ED:BB:C9:F1:C4:BB:88:33:49:44:39:8D:A5:33
            X509v3 Authority Key Identifier:
                keyid:6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/b96jRwcVIpDB0mBv-_xpuSfUCls.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/2QyLE2_J7bvJ8cS7iDNJRDmNpTM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:e2:2d:37:c4:5b:6d:94:89:5d:30:03:59:26:da:f4:6d:8e:
         71:5a:6f:e1:74:5f:0d:81:d5:ff:e4:f0:46:3a:5a:d2:5a:23:
         6d:bd:d3:79:7e:66:60:64:63:ed:60:d9:51:52:86:8a:51:63:
         c9:d8:3a:a5:8d:f5:df:f6:51:20:93:d9:d6:04:9d:a7:be:20:
         e5:a1:d7:4f:b8:39:cc:67:36:ef:c1:43:5b:2a:55:02:3d:6f:
         81:55:9b:fd:c6:cf:c2:31:88:d9:e5:aa:40:6c:14:b0:91:26:
         8b:ca:c7:fb:4c:ab:5b:1d:83:52:a9:65:d7:8a:4f:84:b9:25:
         2f:de:18:8c:81:e3:6a:37:ef:b1:51:5a:04:32:fa:e5:5c:64:
         07:9b:c8:90:ce:97:ab:79:70:4d:15:65:ed:c5:a4:3f:e5:9d:
         77:5b:21:54:ce:4a:4f:63:de:f2:2f:6c:9a:c4:96:45:6b:57:
         98:36:00:24:e3:06:58:30:7e:ae:18:15:9d:df:a5:a9:99:93:
         49:84:fb:e4:75:2e:fe:5f:e6:3c:3d:e3:6f:9a:80:75:f0:09:
         82:0c:93:f0:0b:4b:94:db:f1:af:5a:a8:76:17:2a:ae:21:b4:
         a2:2a:03:79:b5:f3:8d:4e:18:5c:23:66:d0:25:b0:6d:7e:ae:
         9f:ad:e4:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkZE
RUEzNDcwNzE1MjI5MEMxRDI2MDZGRkJGQzY5QjkyN0Q0MEE1QjAeFw0yMzEwMzEw
NzMzMTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ5MEM4QjEzNkZDOUVE
QkJDOUYxQzRCQjg4MzM0OTQ0Mzk4REE1MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqbqZ3W8ULX0DneoOM11p9e/Wb/ahH6VDy5MCStjw9tMJwvkHq
Oa4y7QYkL3uX94ydeS22PpwAMS/nzWi0gvPOjUdqtUJs8UorEt0vbFfxDld4H6by
c5fKVfJFlkYQI5uFYuMbB6HDBSsjec5rhaxK1sqZgXyAEtVQH/zN6r8ryNTeHsTg
cB17maVoLNbAPPjBrGB7n50x3HAT0CX69b/FClpKVJaII9HO8mJRmTwQcMN+c+D8
u9EpliMQAXc2Fm2Si1roUP8vXDOhFwJKhuKdwxfiSDS8w++0bF3aEvh38POdSMbF
a2iniFieAruFjfLof8cIQUt6tiFPGOytxh4rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2QyLE2/J7bvJ8cS7iDNJRDmNpTMwHwYDVR0jBBgwFoAUb96jRwcVIpDB0mBv
+/xpuSfUClswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1lDQ0FU
Vi9iOTZqUndjVklwREIwbUJ2LV94cHVTZlVDbHMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL2I5NmpSd2NWSXBEQjBtQnYtX3hwdVNmVUNscy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NZQ0NBVFYvMlF5TEUyX0o3YnZKOGNT
N2lETkpSRG1OcFRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AmeCJDANBgkqhkiG9w0BAQsFAAOCAQEAruItN8RbbZSJXTADWSba9G2OcVpv4XRf
DYHV/+TwRjpa0lojbb3TeX5mYGRj7WDZUVKGilFjydg6pY313/ZRIJPZ1gSdp74g
5aHXT7g5zGc278FDWypVAj1vgVWb/cbPwjGI2eWqQGwUsJEmi8rH+0yrWx2DUqll
14pPhLklL94YjIHjajfvsVFaBDL65VxkB5vIkM6Xq3lwTRVl7cWkP+Wdd1shVM5K
T2Pe8i9smsSWRWtXmDYAJOMGWDB+rhgVnd+lqZmTSYT75HUu/l/mPD3jb5qAdfAJ
ggyT8AtLlNvxr1qodhcqriG0oioDebXzjU4YXCNm0CWwbX6un63k4w==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org