Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/NpYdzitzuqnJb8NM4fduKPm2Gh8.roa
File:                     NpYdzitzuqnJb8NM4fduKPm2Gh8.roa (raw, json)
Hash identifier:          lCSElaYAoDOUg0IZ30WVcGFmSuLBeqRRLiqQ+7CenWc=
Subject key identifier:   36:96:1D:CE:2B:73:BA:A9:C9:6F:C3:4C:E1:F7:6E:28:F9:B6:1A:1F
Certificate issuer:       /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial:       0B93
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/NpYdzitzuqnJb8NM4fduKPm2Gh8.roa
Signing time:             Fri 01 Sep 2023 08:35:40 +0000
ROA not before:           Fri 01 Sep 2023 08:35:40 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     198949
IP address blocks:        61.65.237.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2963 (0xb93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
        Validity
            Not Before: Sep  1 08:35:40 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=36961DCE2B73BAA9C96FC34CE1F76E28F9B61A1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:da:08:49:e5:e1:4a:25:e8:ce:27:cb:24:23:
                    51:06:ea:22:b6:04:9d:47:14:c7:e4:bc:c9:a5:2a:
                    1b:51:ad:ce:ea:4b:58:82:72:06:fe:8a:d1:c0:04:
                    5f:b0:cd:d7:95:63:62:73:a9:c7:5e:51:12:ef:70:
                    00:ec:0f:4d:e2:5f:ef:7e:06:f4:5e:47:9a:38:e1:
                    af:94:17:5c:dc:e4:b1:1a:97:d0:1a:62:20:fb:4a:
                    05:16:97:da:52:14:10:1c:f7:1d:1d:09:6b:b7:d4:
                    0f:e5:d1:e5:66:60:42:31:bf:03:82:ce:c8:11:d3:
                    bc:43:cc:f4:8e:ae:8c:94:6b:e4:3f:99:30:d3:be:
                    d4:ec:85:14:a4:88:24:3b:7c:f9:a6:36:ff:5b:3e:
                    f3:9b:a6:4e:15:b2:31:64:fd:ba:06:ff:03:da:ba:
                    ee:08:e2:0c:aa:ef:94:80:32:3f:d2:93:a9:36:ef:
                    cb:08:fc:61:76:bd:c1:61:65:a8:37:71:f4:f0:45:
                    55:de:6c:da:6a:4a:5c:af:b5:77:69:b8:07:90:f1:
                    3b:39:7f:3b:54:1c:cc:4e:1c:77:c9:24:b0:7f:fd:
                    b7:f5:2d:17:7b:a1:50:cf:87:4b:33:9c:ef:3e:fc:
                    4a:86:1c:fa:91:57:90:a0:14:2a:a7:bd:51:f0:b1:
                    e0:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:96:1D:CE:2B:73:BA:A9:C9:6F:C3:4C:E1:F7:6E:28:F9:B6:1A:1F
            X509v3 Authority Key Identifier:
                keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/NpYdzitzuqnJb8NM4fduKPm2Gh8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.65.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:3e:bc:0e:5b:78:a9:5f:6e:6f:fb:d5:94:85:c0:ab:0b:79:
         32:ac:84:b7:88:28:93:ac:15:19:64:d4:7e:48:f4:d6:8b:60:
         d6:d3:1d:ca:d9:c9:c9:5f:df:77:64:4c:1b:70:66:c2:29:e7:
         65:81:59:e8:b0:fc:8c:51:a2:cb:b6:ac:f9:64:01:2d:78:9b:
         48:a7:88:95:c7:83:b9:d1:c4:1e:de:99:ba:43:50:6f:78:a1:
         b5:c4:68:cb:9d:a5:9f:6f:e9:27:e7:28:d1:a9:ec:fe:3c:ee:
         84:38:9b:d2:64:18:76:a7:54:22:be:eb:5d:75:e4:f6:4a:72:
         25:2d:06:d5:55:da:81:05:9e:33:f6:ef:a9:e5:a5:92:c8:c0:
         28:6a:68:76:70:5f:35:99:66:a6:d0:5d:29:82:13:56:31:02:
         be:ef:16:37:2e:01:86:8a:e8:e4:14:e0:ef:99:6b:48:ab:49:
         d2:19:e9:ee:bf:44:f5:e3:82:6c:fb:64:93:f9:6e:ae:23:40:
         5c:a2:ba:84:63:0e:fd:49:07:f4:13:3b:96:8c:a2:44:6b:67:
         26:2e:58:3e:f1:77:9f:d3:c9:14:e9:52:1f:51:47:a7:ab:a4:
         cc:70:10:a0:63:93:13:8c:95:2a:dd:cc:5e:00:34:ea:f0:46:
         46:7a:9b:2d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC5MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMzA5MDEw
ODM1NDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM2OTYxRENFMkI3M0JB
QTlDOTZGQzM0Q0UxRjc2RTI4RjlCNjFBMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD2ghJ5eFKJejOJ8skI1EG6iK2BJ1HFMfkvMmlKhtRrc7qS1iC
cgb+itHABF+wzdeVY2JzqcdeURLvcADsD03iX+9+BvReR5o44a+UF1zc5LEal9Aa
YiD7SgUWl9pSFBAc9x0dCWu31A/l0eVmYEIxvwOCzsgR07xDzPSOroyUa+Q/mTDT
vtTshRSkiCQ7fPmmNv9bPvObpk4VsjFk/boG/wPauu4I4gyq75SAMj/Sk6k278sI
/GF2vcFhZag3cfTwRVXebNpqSlyvtXdpuAeQ8Ts5fztUHMxOHHfJJLB//bf1LRd7
oVDPh0sznO8+/EqGHPqRV5CgFCqnvVHwseBrAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUNpYdzitzuqnJb8NM4fduKPm2Gh8wHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9OcFlkeml0enVxbkpi
OE5NNGZkdUtQbTJHaDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAPUHtMA0GCSqGSIb3DQEBCwUAA4IBAQCpPrwOW3ipX25v+9WUhcCrC3kyrIS3
iCiTrBUZZNR+SPTWi2DW0x3K2cnJX993ZEwbcGbCKedlgVnosPyMUaLLtqz5ZAEt
eJtIp4iVx4O50cQe3pm6Q1BveKG1xGjLnaWfb+kn5yjRqez+PO6EOJvSZBh2p1Qi
vutddeT2SnIlLQbVVdqBBZ4z9u+p5aWSyMAoamh2cF81mWam0F0pghNWMQK+7xY3
LgGGiujkFODvmWtIq0nSGenuv0T144Js+2ST+W6uI0BcorqEYw79SQf0EzuWjKJE
a2cmLlg+8Xef08kU6VIfUUenq6TMcBCgY5MTjJUq3cxeADTq8EZGepst
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org