Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/ITK9rzIBjFuSiNwSR569S0RNZD4.roa
File:                     ITK9rzIBjFuSiNwSR569S0RNZD4.roa (raw, json)
Hash identifier:          XywCrNQtb9upmtTDTPQGiRtg6AosnyRbaRqjxOpY3Ug=
Subject key identifier:   21:32:BD:AF:32:01:8C:5B:92:88:DC:12:47:9E:BD:4B:44:4D:64:3E
Certificate issuer:       /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial:       0E08
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/ITK9rzIBjFuSiNwSR569S0RNZD4.roa
Signing time:             Fri 01 Sep 2023 08:36:23 +0000
ROA not before:           Fri 01 Sep 2023 08:36:23 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24168
IP address blocks:        103.136.60.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3592 (0xe08)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
        Validity
            Not Before: Sep  1 08:36:23 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=2132BDAF32018C5B9288DC12479EBD4B444D643E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c1:b4:fc:74:7c:9f:f0:78:89:a8:ad:38:91:
                    85:9b:90:f0:b4:c2:1a:28:d7:2d:82:d9:5f:a1:07:
                    6b:4e:78:d6:7d:5f:ab:03:4a:c9:76:a3:a6:d4:43:
                    09:8b:db:9a:d0:36:31:fb:6a:1f:9c:d4:e3:d1:aa:
                    b7:51:0c:e1:01:4e:f9:cb:af:6a:e0:9a:e3:7c:12:
                    93:64:05:cf:52:40:49:e3:fa:2d:eb:25:96:11:bc:
                    01:78:46:12:3e:ab:46:f0:7d:b0:9d:d6:9b:03:52:
                    59:7c:d7:c8:50:b9:f2:f8:b9:d6:38:b9:59:83:5b:
                    11:ec:ad:f9:ac:31:0e:7b:93:7a:3e:a6:3b:df:74:
                    da:29:60:18:73:29:6f:f2:ef:9a:15:05:06:b7:34:
                    4c:54:e7:59:b6:08:c7:7e:9e:d6:7d:88:cf:30:e5:
                    de:96:df:ec:8e:37:bd:6c:e1:5a:c3:0c:2a:8d:ee:
                    c9:05:5c:dd:ed:2a:be:bf:eb:a8:a5:ac:cc:65:88:
                    42:cf:3f:06:a8:e9:4a:8d:af:a1:29:fb:b6:36:dd:
                    36:8a:cd:b0:b2:04:ed:63:12:94:3a:05:b3:2a:c4:
                    82:da:91:c2:c8:0d:a6:da:74:d0:ed:e8:61:9f:45:
                    f9:fd:65:1a:55:9b:74:67:9f:0a:27:73:72:87:90:
                    73:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:32:BD:AF:32:01:8C:5B:92:88:DC:12:47:9E:BD:4B:44:4D:64:3E
            X509v3 Authority Key Identifier:
                keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/ITK9rzIBjFuSiNwSR569S0RNZD4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:47:d2:cf:f6:fe:55:6a:40:86:b6:3b:66:75:81:d7:17:e4:
         26:a7:db:9c:72:2b:f2:65:64:c7:ce:f2:93:92:87:99:ff:7e:
         5b:24:f0:70:f3:80:48:cc:91:69:c9:a9:3e:d4:86:1f:f7:62:
         fa:b6:3b:c8:6c:2b:30:bd:fc:36:13:7d:eb:10:e5:43:27:60:
         bb:02:7c:c9:a2:b0:75:2c:eb:74:11:f8:e1:3e:97:ae:48:11:
         77:20:a6:ac:e6:5a:01:7d:1b:70:1c:c7:ab:be:2a:fa:30:5b:
         09:e6:9c:6e:f2:e0:a6:dd:1d:11:11:b9:3f:bc:70:9b:79:7e:
         27:c2:01:f2:a3:8c:ae:1a:97:2e:2e:06:b8:15:44:a2:cd:34:
         27:e4:7f:ab:ba:e1:2c:a5:50:d7:4e:4d:fe:94:17:a1:f3:32:
         74:7a:10:e1:e3:92:ed:f5:92:f7:50:61:1c:71:cf:36:95:ef:
         49:3f:be:f0:64:52:53:7f:56:26:1c:8d:60:a3:3f:bb:8c:63:
         81:98:00:95:fc:45:60:96:bd:bd:35:8e:31:66:0c:64:42:0d:
         e6:62:5a:94:64:d6:4c:bb:bc:84:da:61:90:8a:c4:32:2e:e8:
         6f:c2:c8:99:44:eb:58:8c:c3:f4:df:aa:80:12:aa:42:eb:1f:
         8a:25:45:c7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMzA5MDEw
ODM2MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIxMzJCREFGMzIwMThD
NUI5Mjg4REMxMjQ3OUVCRDRCNDQ0RDY0M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKwbT8dHyf8HiJqK04kYWbkPC0whoo1y2C2V+hB2tOeNZ9X6sD
Ssl2o6bUQwmL25rQNjH7ah+c1OPRqrdRDOEBTvnLr2rgmuN8EpNkBc9SQEnj+i3r
JZYRvAF4RhI+q0bwfbCd1psDUll818hQufL4udY4uVmDWxHsrfmsMQ57k3o+pjvf
dNopYBhzKW/y75oVBQa3NExU51m2CMd+ntZ9iM8w5d6W3+yON71s4VrDDCqN7skF
XN3tKr6/66ilrMxliELPPwao6UqNr6Ep+7Y23TaKzbCyBO1jEpQ6BbMqxILakcLI
DabadNDt6GGfRfn9ZRpVm3Rnnwonc3KHkHP3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUITK9rzIBjFuSiNwSR569S0RNZD4wHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL0lUSzlyeklCakZ1U2lOd1NSNTY5UzBS
TlpENC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBABpH0s/2/lVqQIa2O2Z1gdcX5Can25xyK/JlZMfO8pOS
h5n/flsk8HDzgEjMkWnJqT7Uhh/3Yvq2O8hsKzC9/DYTfesQ5UMnYLsCfMmisHUs
63QR+OE+l65IEXcgpqzmWgF9G3Acx6u+KvowWwnmnG7y4KbdHRERuT+8cJt5fifC
AfKjjK4aly4uBrgVRKLNNCfkf6u64SylUNdOTf6UF6HzMnR6EOHjku31kvdQYRxx
zzaV70k/vvBkUlN/ViYcjWCjP7uMY4GYAJX8RWCWvb01jjFmDGRCDeZiWpRk1ky7
vITaYZCKxDIu6G/CyJlE61iMw/TfqoASqkLrH4olRcc=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org