Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/zPcSO9HSjVvDVWpXfF-2zMv7jWQ.roa
File:                     zPcSO9HSjVvDVWpXfF-2zMv7jWQ.roa (raw, json)
Hash identifier:          PWTxaqh+2Ov4rNz+6WLv99lbv1mQTG9CB3tcDnAuYX8=
Subject key identifier:   CC:F7:12:3B:D1:D2:8D:5B:C3:55:6A:57:7C:5F:B6:CC:CB:FB:8D:64
Certificate issuer:       /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial:       0B4E
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/zPcSO9HSjVvDVWpXfF-2zMv7jWQ.roa
Signing time:             Fri 01 Sep 2023 08:35:11 +0000
ROA not before:           Fri 01 Sep 2023 08:35:11 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131662
IP address blocks:        2403:a2c0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2894 (0xb4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
        Validity
            Not Before: Sep  1 08:35:11 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=CCF7123BD1D28D5BC3556A577C5FB6CCCBFB8D64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a7:ec:76:e9:76:ab:0e:73:08:9a:a8:f6:ff:
                    21:1a:e7:84:55:f4:75:fc:40:09:ee:eb:86:f3:58:
                    e6:0f:94:68:60:29:a5:9d:9c:8f:d3:1f:31:3f:ab:
                    d2:12:14:26:5d:2e:a4:f8:67:f1:db:cc:65:6a:b5:
                    14:26:6d:c0:8f:12:6d:e8:3e:0c:73:16:eb:89:58:
                    2f:9c:1b:e9:17:3a:69:49:4c:34:c5:66:ed:e1:f0:
                    8a:7a:16:10:73:59:1d:a2:9d:0f:bc:b2:35:e6:b2:
                    9e:df:d9:86:7d:9a:53:17:62:29:9c:6f:d2:56:c3:
                    a1:0b:4c:e5:cc:d9:8d:ab:f5:cc:14:9a:bf:1d:2d:
                    0f:c2:12:14:ed:62:0f:a3:6e:00:26:1d:0d:f9:46:
                    a2:27:60:d1:ee:7a:c2:70:8f:9b:d4:c3:5c:00:bd:
                    da:2f:91:b8:18:d4:27:f7:96:55:4a:f9:df:f9:d6:
                    51:fc:72:ed:c7:54:2c:e6:e9:da:33:59:66:88:af:
                    95:58:c0:40:bb:14:a7:70:17:a2:c7:74:2b:68:0d:
                    c7:0e:59:da:6f:0a:be:ef:59:63:0a:01:d7:94:26:
                    d5:06:6b:cc:1d:f3:ae:58:10:6f:b2:8a:ca:3d:1a:
                    c9:6b:45:19:85:1c:21:8a:a2:28:66:98:f0:82:4b:
                    35:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:F7:12:3B:D1:D2:8D:5B:C3:55:6A:57:7C:5F:B6:CC:CB:FB:8D:64
            X509v3 Authority Key Identifier:
                keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/zPcSO9HSjVvDVWpXfF-2zMv7jWQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:a2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:74:06:8c:b2:45:37:95:c5:f1:b0:bd:24:43:13:13:ab:d6:
         c6:d9:87:ce:f0:81:68:33:47:12:4c:5f:d5:22:86:86:20:58:
         83:7e:3d:c0:17:9d:e4:98:17:d4:d3:fd:0e:ab:e8:c6:45:20:
         eb:9c:3e:aa:b6:35:6e:ca:0f:31:2a:ad:73:84:e1:e1:c2:85:
         91:32:f9:f0:a9:92:f3:63:68:c3:95:2e:01:ac:2a:12:95:7c:
         4f:d3:25:69:3d:72:0a:e4:44:3d:6b:62:c3:c0:dc:e2:ae:37:
         06:fd:ea:f3:42:c0:5c:e7:eb:b7:cb:81:88:35:da:39:00:31:
         2c:e7:c2:7a:01:a7:7e:c4:8a:23:1d:82:50:14:cc:34:45:4b:
         d5:de:07:da:0a:dc:b1:59:eb:68:9b:3a:8d:95:a5:fa:7c:c7:
         92:ec:0f:f8:11:30:ac:ff:b4:45:c8:c4:8b:f2:86:04:d0:86:
         ec:0b:75:46:ad:57:4d:be:35:36:32:03:20:f1:a2:4c:9f:11:
         b3:e8:fe:d2:b6:74:67:78:0d:72:dd:62:3e:96:83:5c:e0:7c:
         bb:81:98:99:c2:0b:dc:f4:dc:04:57:86:7d:dc:ea:f5:2d:16:
         37:dd:17:ad:28:de:67:cd:36:cd:ff:dc:22:70:22:e9:88:45:
         d7:0f:b1:35
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICC04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMzA5MDEw
ODM1MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENDRjcxMjNCRDFEMjhE
NUJDMzU1NkE1NzdDNUZCNkNDQ0JGQjhENjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPp+x26XarDnMImqj2/yEa54RV9HX8QAnu64bzWOYPlGhgKaWd
nI/THzE/q9ISFCZdLqT4Z/HbzGVqtRQmbcCPEm3oPgxzFuuJWC+cG+kXOmlJTDTF
Zu3h8Ip6FhBzWR2inQ+8sjXmsp7f2YZ9mlMXYimcb9JWw6ELTOXM2Y2r9cwUmr8d
LQ/CEhTtYg+jbgAmHQ35RqInYNHuesJwj5vUw1wAvdovkbgY1Cf3llVK+d/51lH8
cu3HVCzm6dozWWaIr5VYwEC7FKdwF6LHdCtoDccOWdpvCr7vWWMKAdeUJtUGa8wd
865YEG+yiso9GslrRRmFHCGKoihmmPCCSzUbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUzPcSO9HSjVvDVWpXfF+2zMv7jWQwHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8velBjU085SFNqVnZEVldw
WGZGLTJ6TXY3aldRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQDosAwDQYJKoZIhvcNAQELBQADggEBAKp0BoyyRTeVxfGwvSRDExOr1sbZh87w
gWgzRxJMX9UihoYgWIN+PcAXneSYF9TT/Q6r6MZFIOucPqq2NW7KDzEqrXOE4eHC
hZEy+fCpkvNjaMOVLgGsKhKVfE/TJWk9cgrkRD1rYsPA3OKuNwb96vNCwFzn67fL
gYg12jkAMSznwnoBp37EiiMdglAUzDRFS9XeB9oK3LFZ62ibOo2Vpfp8x5LsD/gR
MKz/tEXIxIvyhgTQhuwLdUatV02+NTYyAyDxokyfEbPo/tK2dGd4DXLdYj6Wg1zg
fLuBmJnCC9z03ARXhn3c6vUtFjfdF60o3mfNNs3/3CJwIumIRdcPsTU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org