Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/yodrP6CR_f6GLh3WHrRlDh91j9w.roa
File:                     yodrP6CR_f6GLh3WHrRlDh91j9w.roa (raw, json)
Hash identifier:          /16gcKn69MGfdypxYKkHw5J8ehoTjAAkB6TBuT4nZZ4=
Subject key identifier:   CA:87:6B:3F:A0:91:FD:FE:86:2E:1D:D6:1E:B4:65:0E:1F:75:8F:DC
Certificate issuer:       /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial:       0B8D
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/yodrP6CR_f6GLh3WHrRlDh91j9w.roa
Signing time:             Fri 01 Sep 2023 08:35:39 +0000
ROA not before:           Fri 01 Sep 2023 08:35:39 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131597
IP address blocks:        61.65.232.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2957 (0xb8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
        Validity
            Not Before: Sep  1 08:35:39 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=CA876B3FA091FDFE862E1DD61EB4650E1F758FDC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c0:4b:cf:b5:ed:c2:2d:72:9f:ca:a4:33:91:
                    cb:68:00:42:27:17:2f:04:34:c3:a4:75:f9:3f:99:
                    91:7b:f9:4b:ce:2e:52:2f:41:62:e4:a6:b4:6d:e1:
                    9f:fa:78:24:a7:67:4e:fa:5f:8a:bd:b8:ff:1c:31:
                    cf:2b:88:03:c4:ef:7f:62:8c:8b:d0:2a:73:5a:2f:
                    86:72:9a:60:b0:31:34:24:21:21:33:00:d8:06:80:
                    75:e1:bb:86:55:61:b2:ed:9b:86:a9:38:cc:c0:05:
                    1c:61:ac:d9:6a:32:76:df:9c:07:04:94:12:3e:e1:
                    4c:b1:5c:cb:e8:3a:08:34:43:a0:d5:b5:dc:f2:1a:
                    6d:76:b7:5c:21:33:f7:6d:ac:b3:40:eb:9a:fb:56:
                    a0:9d:a4:48:44:6d:1d:8a:51:8b:7c:fa:71:af:35:
                    27:b7:f7:17:5a:d0:f8:25:21:60:c3:bc:3f:22:fd:
                    8d:5e:49:e3:b7:b3:6f:cf:e3:ca:d0:3c:6b:fb:2a:
                    72:0c:0e:6e:f8:6a:30:b8:13:6d:0b:57:83:40:67:
                    70:5e:2d:ad:55:56:81:2a:10:50:f1:3d:e7:61:7f:
                    43:c7:06:36:29:30:d7:7d:19:d1:8b:77:e7:a5:95:
                    57:38:3f:68:ac:11:1f:27:43:0f:62:e6:a7:a1:7a:
                    60:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:87:6B:3F:A0:91:FD:FE:86:2E:1D:D6:1E:B4:65:0E:1F:75:8F:DC
            X509v3 Authority Key Identifier:
                keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/yodrP6CR_f6GLh3WHrRlDh91j9w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.65.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:12:6a:5e:87:71:70:09:cc:42:2c:ba:2e:42:50:b8:79:da:
         06:0f:61:3f:89:91:d5:33:f2:14:02:6c:df:ad:13:7c:88:30:
         f6:b2:ce:43:b6:1d:05:d8:b9:ee:44:8d:8d:8e:69:2d:3b:fe:
         07:31:bb:7b:19:57:38:ab:ef:2a:50:e8:59:c2:50:80:ab:9e:
         f8:f2:f4:b4:dc:c8:39:e5:9c:d0:62:c0:8c:53:7a:55:8b:22:
         6b:94:30:34:3f:7c:ba:4d:2b:4d:1c:16:3a:0b:6c:36:fb:3c:
         b0:8b:52:22:fe:96:3b:32:6c:a6:c3:b3:b7:a7:c8:2f:f9:46:
         13:db:3a:cf:9d:fd:d2:aa:28:8b:11:78:56:b8:e9:4f:e6:46:
         0a:26:72:12:f0:bb:95:a8:ab:d5:4f:04:92:e4:f5:59:8e:34:
         91:e3:1f:4a:bb:c1:ef:a5:1c:c1:c1:72:bc:f5:c7:e6:ca:85:
         16:33:0b:ab:70:3d:27:5b:cc:54:72:b2:18:35:b7:b0:b0:62:
         76:37:5c:77:a9:d7:07:52:4f:84:99:23:6c:a2:f2:32:11:a1:
         8e:ba:be:aa:58:fc:37:23:00:55:7a:e3:72:3c:6b:ba:a2:0c:
         8a:c1:e4:31:eb:ee:db:9a:b8:06:10:64:5f:49:3b:84:da:41:
         b6:bc:51:5f
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMzA5MDEw
ODM1MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENBODc2QjNGQTA5MUZE
RkU4NjJFMURENjFFQjQ2NTBFMUY3NThGREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwwEvPte3CLXKfyqQzkctoAEInFy8ENMOkdfk/mZF7+UvOLlIv
QWLkprRt4Z/6eCSnZ076X4q9uP8cMc8riAPE739ijIvQKnNaL4ZymmCwMTQkISEz
ANgGgHXhu4ZVYbLtm4apOMzABRxhrNlqMnbfnAcElBI+4UyxXMvoOgg0Q6DVtdzy
Gm12t1whM/dtrLNA65r7VqCdpEhEbR2KUYt8+nGvNSe39xda0PglIWDDvD8i/Y1e
SeO3s2/P48rQPGv7KnIMDm74ajC4E20LV4NAZ3BeLa1VVoEqEFDxPedhf0PHBjYp
MNd9GdGLd+ellVc4P2isER8nQw9i5qehemAVAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUyodrP6CR/f6GLh3WHrRlDh91j9wwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy95b2RyUDZDUl9mNkdM
aDNXSHJSbERoOTFqOXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCPUHoMA0GCSqGSIb3DQEBCwUAA4IBAQACEmpeh3FwCcxCLLouQlC4edoGD2E/
iZHVM/IUAmzfrRN8iDD2ss5Dth0F2LnuRI2NjmktO/4HMbt7GVc4q+8qUOhZwlCA
q5748vS03Mg55ZzQYsCMU3pViyJrlDA0P3y6TStNHBY6C2w2+zywi1Ii/pY7Mmym
w7O3p8gv+UYT2zrPnf3SqiiLEXhWuOlP5kYKJnIS8LuVqKvVTwSS5PVZjjSR4x9K
u8HvpRzBwXK89cfmyoUWMwurcD0nW8xUcrIYNbewsGJ2N1x3qdcHUk+EmSNsovIy
EaGOur6qWPw3IwBVeuNyPGu6ogyKweQx6+7bmrgGEGRfSTuE2kG2vFFf
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org