Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/xY5tGpx_ToGIpbGTamqYKnI2ClY.roa
File:                     xY5tGpx_ToGIpbGTamqYKnI2ClY.roa (raw, json)
Hash identifier:          uBK7MvLerH93KDF9xeOqyoXRB5tHCwTOwfdOVpCHmdU=
Subject key identifier:   C5:8E:6D:1A:9C:7F:4E:81:88:A5:B1:93:6A:6A:98:2A:72:36:0A:56
Certificate issuer:       /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial:       0E43
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xY5tGpx_ToGIpbGTamqYKnI2ClY.roa
Signing time:             Fri 01 Sep 2023 08:49:29 +0000
ROA not before:           Fri 01 Sep 2023 08:49:29 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17809
IP address blocks:        203.217.96.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3651 (0xe43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
        Validity
            Not Before: Sep  1 08:49:29 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=C58E6D1A9C7F4E8188A5B1936A6A982A72360A56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d8:1e:ec:32:47:95:93:97:c5:0f:15:e0:d2:
                    40:35:0b:d3:93:37:85:8a:43:78:c8:11:04:72:fd:
                    d5:46:ea:0a:6e:c0:e6:d1:4d:c4:d1:67:7a:b0:dd:
                    25:32:e7:d3:ef:02:06:ef:bd:a7:e9:8b:9d:98:3e:
                    23:05:7a:e5:cc:30:91:89:0d:42:29:e5:31:49:69:
                    c0:15:df:0b:0d:c2:1a:f5:63:f5:b9:38:f6:a4:ef:
                    74:be:e0:2b:ad:e2:c9:42:1b:99:a3:05:86:29:66:
                    4d:9c:28:f3:48:b7:d0:8a:25:2a:1b:ff:19:5f:98:
                    4b:1e:cc:0c:ba:c4:70:7c:b1:c9:39:91:90:4a:70:
                    8b:23:2c:51:c2:58:6e:6a:05:be:90:1e:94:ad:da:
                    ec:a3:e0:9d:da:57:c8:6b:ce:39:76:38:3d:4e:e3:
                    60:22:5f:4c:f9:86:81:c3:e8:06:86:7c:a3:de:66:
                    1e:83:d1:4f:ae:77:49:1a:7e:95:6a:95:3e:ff:29:
                    5f:6f:1c:89:49:83:05:69:eb:41:c4:2d:e6:bf:12:
                    43:c3:07:7e:76:7e:5d:55:9c:71:98:f5:7c:2a:5f:
                    19:43:5b:79:33:3a:45:b3:ae:c6:fd:1a:3e:7e:ac:
                    f4:47:4d:f8:a1:d0:68:6a:b3:9a:7f:3f:5f:91:5e:
                    be:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:8E:6D:1A:9C:7F:4E:81:88:A5:B1:93:6A:6A:98:2A:72:36:0A:56
            X509v3 Authority Key Identifier:
                keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xY5tGpx_ToGIpbGTamqYKnI2ClY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.217.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:15:59:e3:b5:b6:e7:74:fe:e5:23:34:ca:a6:ed:36:f8:ea:
         31:74:99:f8:d3:be:8c:a9:15:67:f7:a9:d6:fb:ab:2c:8b:5f:
         d9:a8:fc:98:c3:f7:9f:9c:e4:69:db:68:f8:27:ef:31:33:2a:
         fe:59:e6:6a:b1:df:bc:ae:98:96:57:23:c5:ea:02:b6:0c:2a:
         de:86:51:e0:81:b8:28:6a:ca:a8:fb:bd:9a:3e:e0:c3:70:ed:
         d3:ec:73:36:0c:5b:c5:2e:41:53:6d:ad:d9:65:ca:84:bf:72:
         db:a5:1c:69:df:67:0e:17:5f:6e:b4:8e:ae:fe:ba:4a:7f:99:
         69:be:d3:07:ef:5e:cc:96:4b:09:52:d9:5e:6a:79:7e:fc:13:
         46:cd:8c:ab:66:75:fd:f8:9c:46:e5:a4:6e:6f:34:e1:08:c0:
         83:17:e5:01:f7:95:26:57:ec:91:0b:6a:df:6c:64:73:00:b2:
         2d:07:ec:2d:4a:91:10:4a:3e:fe:db:e6:23:5f:a1:9a:7f:e3:
         09:de:5d:46:7b:c5:fa:2a:94:af:51:b5:e6:a6:8e:10:c6:1b:
         0b:28:a4:aa:58:ab:80:7f:88:d6:12:a3:47:18:45:9a:da:0f:
         56:61:27:aa:20:05:10:dc:f8:9a:68:d5:93:45:4c:9f:57:66:
         12:71:7c:da
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM1OEU2RDFBOUM3RjRF
ODE4OEE1QjE5MzZBNkE5ODJBNzIzNjBBNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCU2B7sMkeVk5fFDxXg0kA1C9OTN4WKQ3jIEQRy/dVG6gpuwObR
TcTRZ3qw3SUy59PvAgbvvafpi52YPiMFeuXMMJGJDUIp5TFJacAV3wsNwhr1Y/W5
OPak73S+4Cut4slCG5mjBYYpZk2cKPNIt9CKJSob/xlfmEsezAy6xHB8sck5kZBK
cIsjLFHCWG5qBb6QHpSt2uyj4J3aV8hrzjl2OD1O42AiX0z5hoHD6AaGfKPeZh6D
0U+ud0kafpVqlT7/KV9vHIlJgwVp60HELea/EkPDB352fl1VnHGY9XwqXxlDW3kz
OkWzrsb9Gj5+rPRHTfih0Ghqs5p/P1+RXr6pAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxY5tGpx/ToGIpbGTamqYKnI2ClYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgveFk1dEdweF9Ub0dJcGJHVGFtcVlL
bkkyQ2xZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAaxVZ47W253T+5SM0yqbtNvjqMXSZ+NO+jKkVZ/ep
1vurLItf2aj8mMP3n5zkadto+CfvMTMq/lnmarHfvK6YllcjxeoCtgwq3oZR4IG4
KGrKqPu9mj7gw3Dt0+xzNgxbxS5BU22t2WXKhL9y26Ucad9nDhdfbrSOrv66Sn+Z
ab7TB+9ezJZLCVLZXmp5fvwTRs2Mq2Z1/ficRuWkbm804QjAgxflAfeVJlfskQtq
32xkcwCyLQfsLUqREEo+/tvmI1+hmn/jCd5dRnvF+iqUr1G15qaOEMYbCyikqlir
gH+I1hKjRxhFmtoPVmEnqiAFENz4mmjVk0VMn1dmEnF82g==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org