Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DOPPLER/dm-AQcgZAlPVwDIkGIsKgHV3AQ4.roa
File:                     dm-AQcgZAlPVwDIkGIsKgHV3AQ4.roa (raw, json)
Hash identifier:          a7KWPI90+0QD3BvqFm3wc4JOR5EwY1LkjDzu7qgc7UE=
Subject key identifier:   76:6F:80:41:C8:19:02:53:D5:C0:32:24:18:8B:0A:80:75:77:01:0E
Certificate issuer:       /CN=364776C68F9B6CDCA080E26B01F3187E072F5C99
Certificate serial:       0AE4
Authority key identifier: 36:47:76:C6:8F:9B:6C:DC:A0:80:E2:6B:01:F3:18:7E:07:2F:5C:99
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Nkd2xo-bbNyggOJrAfMYfgcvXJk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DOPPLER/dm-AQcgZAlPVwDIkGIsKgHV3AQ4.roa
Signing time:             Sun 07 Feb 2021 11:54:28 +0000
ROA not before:           Sun 07 Feb 2021 11:54:28 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131669
IP address blocks:        103.140.110.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2788 (0xae4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=364776C68F9B6CDCA080E26B01F3187E072F5C99
        Validity
            Not Before: Feb  7 11:54:28 2021 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=766F8041C8190253D5C03224188B0A807577010E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a2:77:97:72:fe:c4:ae:94:4b:4c:14:86:95:
                    2e:5e:77:c8:ad:45:22:aa:a0:b7:01:15:a9:9d:9b:
                    11:e2:8b:d9:e1:1a:46:01:85:f6:c7:24:6e:d1:58:
                    95:a6:a1:48:2d:31:42:e3:ce:64:99:f5:5c:cf:5d:
                    40:d2:4f:4e:a6:28:35:b7:14:6c:cd:78:b6:22:ec:
                    24:94:6c:de:51:a5:b2:34:75:71:e7:61:fd:e1:75:
                    cd:e4:7d:bd:9d:07:da:41:15:9a:b8:c5:3f:e6:12:
                    6f:d8:eb:1f:34:8c:ae:cf:59:70:d5:0c:21:25:54:
                    99:7f:11:9b:ff:ce:27:73:2e:8e:4a:41:af:50:8a:
                    3b:ab:ff:a3:eb:ad:46:c0:7b:76:2e:f5:3a:85:bc:
                    2b:7b:53:4c:3c:61:82:27:6e:75:b9:c0:2d:71:0d:
                    36:77:c6:e6:86:d6:82:b2:18:f8:fe:0e:95:44:2e:
                    db:a0:58:a8:5c:cc:15:dd:ac:60:b3:2e:39:fa:cc:
                    d4:e8:92:51:a7:81:d4:e0:6a:06:7c:aa:0f:22:f1:
                    4c:c8:7a:65:61:97:6b:d2:dd:dd:97:24:11:c0:a7:
                    6a:63:a8:78:d5:ad:7a:e1:1f:bf:12:36:6c:da:f0:
                    07:c3:a5:98:77:2d:e0:89:a3:c1:cf:12:8c:f5:32:
                    93:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6F:80:41:C8:19:02:53:D5:C0:32:24:18:8B:0A:80:75:77:01:0E
            X509v3 Authority Key Identifier:
                keyid:36:47:76:C6:8F:9B:6C:DC:A0:80:E2:6B:01:F3:18:7E:07:2F:5C:99

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DOPPLER/Nkd2xo-bbNyggOJrAfMYfgcvXJk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Nkd2xo-bbNyggOJrAfMYfgcvXJk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DOPPLER/dm-AQcgZAlPVwDIkGIsKgHV3AQ4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.140.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:f7:31:45:d0:6c:88:18:b9:44:5a:e6:39:55:df:ae:28:8b:
         b4:61:cb:57:6a:c1:1f:cc:d3:30:99:5e:d8:61:3b:6d:d9:59:
         f6:87:4b:d7:87:69:36:66:f2:6a:01:05:1e:78:13:6f:9f:11:
         4e:55:d9:7a:49:28:79:9a:3c:05:5f:d3:c0:f3:9b:12:75:af:
         7d:85:65:41:4e:b8:9e:ca:c5:8b:f2:9d:90:73:60:c5:ad:2e:
         a4:8b:ed:2a:b1:8e:6e:2d:73:37:e6:2c:31:71:e8:bc:90:7d:
         dd:e5:0b:09:ea:d4:16:62:c0:58:e8:8f:a8:71:08:fc:1c:f6:
         eb:a5:46:dd:bc:67:79:0e:12:49:2b:4b:f0:34:d1:e8:4c:2c:
         d5:00:a6:a8:ec:2f:39:f3:09:d2:1e:8b:52:9e:1f:f9:5f:91:
         8e:4d:f4:55:f7:b7:eb:aa:85:b9:d4:e0:45:87:81:3a:8e:2d:
         2b:06:9b:3b:a5:1e:7b:e1:5c:a1:61:c7:3a:df:ce:84:a3:73:
         54:01:ee:02:78:20:3e:ed:27:5e:46:f5:3e:c8:4a:a7:c1:f7:
         be:a3:15:2a:4a:b8:6c:12:66:18:89:0f:a0:0b:90:2d:99:02:
         5d:d8:5c:6e:d6:04:87:d6:8d:a0:25:40:f3:48:04:36:4a:d9:
         7d:09:da:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCuQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzY0
Nzc2QzY4RjlCNkNEQ0EwODBFMjZCMDFGMzE4N0UwNzJGNUM5OTAeFw0yMTAyMDcx
MTU0MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc2NkY4MDQxQzgxOTAy
NTNENUMwMzIyNDE4OEIwQTgwNzU3NzAxMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRoneXcv7ErpRLTBSGlS5ed8itRSKqoLcBFamdmxHii9nhGkYB
hfbHJG7RWJWmoUgtMULjzmSZ9VzPXUDST06mKDW3FGzNeLYi7CSUbN5RpbI0dXHn
Yf3hdc3kfb2dB9pBFZq4xT/mEm/Y6x80jK7PWXDVDCElVJl/EZv/zidzLo5KQa9Q
ijur/6PrrUbAe3Yu9TqFvCt7U0w8YYInbnW5wC1xDTZ3xuaG1oKyGPj+DpVELtug
WKhczBXdrGCzLjn6zNToklGngdTgagZ8qg8i8UzIemVhl2vS3d2XJBHAp2pjqHjV
rXrhH78SNmza8AfDpZh3LeCJo8HPEoz1MpOLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUdm+AQcgZAlPVwDIkGIsKgHV3AQ4wHwYDVR0jBBgwFoAUNkd2xo+bbNyggOJr
AfMYfgcvXJkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9QUExF
Ui9Oa2QyeG8tYmJOeWdnT0pyQWZNWWZnY3ZYSmsuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL05rZDJ4by1iYk55Z2dPSnJBZk1ZZmdjdlhKay5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RPUFBMRVIvZG0tQVFjZ1pBbFBWd0RJ
a0dJc0tnSFYzQVE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGeMbjANBgkqhkiG9w0BAQsFAAOCAQEAXvcxRdBsiBi5RFrmOVXfriiLtGHLV2rB
H8zTMJle2GE7bdlZ9odL14dpNmbyagEFHngTb58RTlXZekkoeZo8BV/TwPObEnWv
fYVlQU64nsrFi/KdkHNgxa0upIvtKrGObi1zN+YsMXHovJB93eULCerUFmLAWOiP
qHEI/Bz266VG3bxneQ4SSStL8DTR6Ews1QCmqOwvOfMJ0h6LUp4f+V+Rjk30Vfe3
66qFudTgRYeBOo4tKwabO6Uee+FcoWHHOt/OhKNzVAHuAnggPu0nXkb1PshKp8H3
vqMVKkq4bBJmGIkPoAuQLZkCXdhcbtYEh9aNoCVA80gENkrZfQnaMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org