Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/W3x6nAyHfVR5p7Mi97dSWr0UBeM.roa
File:                     W3x6nAyHfVR5p7Mi97dSWr0UBeM.roa (raw, json)
Hash identifier:          vST0UCN6rSP8kVH976lCjHf2Al+aB86xtKeUw1Tt1JU=
Subject key identifier:   5B:7C:7A:9C:0C:87:7D:54:79:A7:B3:22:F7:B7:52:5A:BD:14:05:E3
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0E15
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/W3x6nAyHfVR5p7Mi97dSWr0UBeM.roa
Signing time:             Fri 01 Sep 2023 08:49:17 +0000
ROA not before:           Fri 01 Sep 2023 08:49:17 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17809
IP address blocks:        113.61.160.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3605 (0xe15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Sep  1 08:49:17 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=5B7C7A9C0C877D5479A7B322F7B7525ABD1405E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:94:2f:af:c5:66:62:7c:d4:28:2f:0f:40:8e:
                    60:f2:04:b2:7b:b0:3f:9c:db:52:6c:cb:c0:16:cc:
                    78:4e:01:f7:db:fb:d4:19:21:21:e2:c9:93:1d:d6:
                    c4:96:c7:1a:ea:2f:66:36:56:36:f0:9a:8e:35:ba:
                    96:5a:41:1a:70:0f:a4:42:e4:0c:75:4e:2c:29:91:
                    ea:79:5b:c5:07:a1:51:a5:72:1d:59:6b:e5:1f:9d:
                    6e:31:21:01:7c:17:fb:90:94:77:2e:81:34:c7:be:
                    3d:41:09:54:52:d6:31:24:3c:3b:28:b3:49:0a:a7:
                    2b:eb:3e:55:0d:13:ad:69:ba:34:dd:1b:7f:10:2a:
                    3a:8f:10:73:2d:4b:dd:cc:31:f8:17:57:37:c5:55:
                    f3:d8:f8:ce:46:09:f4:af:dd:78:2c:98:7c:13:77:
                    39:13:2d:33:78:e8:a3:d8:76:36:69:23:93:b3:9f:
                    00:47:c0:63:57:4b:6d:8c:16:b5:d2:9c:5d:5c:b5:
                    d8:db:a9:3b:17:0a:88:56:7d:0d:8b:d2:74:86:80:
                    53:c4:87:40:12:7a:68:59:98:81:0f:08:9a:4b:24:
                    fa:c1:46:88:8c:5c:c8:c6:cc:95:69:66:67:ae:18:
                    ff:0c:03:11:d5:f9:8b:61:ea:60:d7:84:71:55:1f:
                    d7:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:7C:7A:9C:0C:87:7D:54:79:A7:B3:22:F7:B7:52:5A:BD:14:05:E3
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/W3x6nAyHfVR5p7Mi97dSWr0UBeM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.61.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         88:10:b2:5c:5f:3e:d2:c6:17:bb:ea:e8:e1:6a:73:95:2f:b7:
         18:fb:10:eb:6e:56:0d:5e:8d:38:30:d6:73:da:0a:d8:6a:07:
         3c:9c:48:bf:7a:3c:15:81:69:42:0d:b4:28:88:f0:06:d0:be:
         9b:77:63:e9:05:12:e3:c1:ab:e6:83:8b:e4:ed:48:d5:9e:a0:
         17:2c:be:3b:1c:0c:71:02:f2:a6:9f:e1:63:e6:a7:1f:9f:d1:
         da:58:3f:69:b0:16:e9:74:6f:7c:49:5e:0e:74:cf:c4:1e:3c:
         a5:4d:49:d7:e2:fd:7c:33:67:eb:ff:af:ce:12:2c:75:0f:c9:
         f0:4c:ae:c0:9a:84:f5:1a:8a:7b:3c:ab:53:cf:aa:1f:b8:df:
         1e:02:50:f3:00:03:c5:86:3d:ec:10:6c:aa:b4:62:9c:92:fe:
         f6:64:da:a9:ba:23:76:0c:30:b0:b2:50:6a:6c:a2:c2:c0:08:
         93:0f:f5:6b:04:13:58:41:a0:da:2e:95:23:4d:41:50:66:a2:
         bf:06:5f:33:ab:9f:ae:bb:ac:c2:a6:5f:bd:6d:ba:59:9c:24:
         4c:46:f9:3b:b3:95:e7:63:21:35:30:bc:c5:54:4f:12:64:de:
         de:40:f5:bf:fb:8e:88:48:df:06:f4:8e:e8:05:ee:df:da:72:
         e0:ed:f5:d2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVCN0M3QTlDMEM4NzdE
NTQ3OUE3QjMyMkY3Qjc1MjVBQkQxNDA1RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4lC+vxWZifNQoLw9AjmDyBLJ7sD+c21Jsy8AWzHhOAffb+9QZ
ISHiyZMd1sSWxxrqL2Y2Vjbwmo41upZaQRpwD6RC5Ax1Tiwpkep5W8UHoVGlch1Z
a+UfnW4xIQF8F/uQlHcugTTHvj1BCVRS1jEkPDsos0kKpyvrPlUNE61pujTdG38Q
KjqPEHMtS93MMfgXVzfFVfPY+M5GCfSv3XgsmHwTdzkTLTN46KPYdjZpI5OznwBH
wGNXS22MFrXSnF1ctdjbqTsXCohWfQ2L0nSGgFPEh0ASemhZmIEPCJpLJPrBRoiM
XMjGzJVpZmeuGP8MAxHV+Yth6mDXhHFVH9cLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUW3x6nAyHfVR5p7Mi97dSWr0UBeMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvVzN4Nm5BeUhmVlI1cDdNaTk3ZFNX
cjBVQmVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHE9oDAN
BgkqhkiG9w0BAQsFAAOCAQEAiBCyXF8+0sYXu+ro4WpzlS+3GPsQ625WDV6NODDW
c9oK2GoHPJxIv3o8FYFpQg20KIjwBtC+m3dj6QUS48Gr5oOL5O1I1Z6gFyy+OxwM
cQLypp/hY+anH5/R2lg/abAW6XRvfEleDnTPxB48pU1J1+L9fDNn6/+vzhIsdQ/J
8EyuwJqE9RqKezyrU8+qH7jfHgJQ8wADxYY97BBsqrRinJL+9mTaqbojdgwwsLJQ
amyiwsAIkw/1awQTWEGg2i6VI01BUGaivwZfM6ufrruswqZfvW26WZwkTEb5O7OV
52MhNTC8xVRPEmTe3kD1v/uOiEjfBvSO6AXu39py4O310g==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org