Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/51gi4dxrx1rH-NseFwMY1z0IOH4.roa
File:                     51gi4dxrx1rH-NseFwMY1z0IOH4.roa (raw, json)
Hash identifier:          Uc/J0zLA/4YC1EFhzYixNY/2grsvnwb8otV2SqDRObQ=
Subject key identifier:   E7:58:22:E1:DC:6B:C7:5A:C7:F8:DB:1E:17:03:18:D7:3D:08:38:7E
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0D24
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/51gi4dxrx1rH-NseFwMY1z0IOH4.roa
Signing time:             Mon 15 Jan 2024 21:24:56 +0000
ROA not before:           Mon 15 Jan 2024 21:24:56 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24154
IP address blocks:        60.244.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3364 (0xd24)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:24:56 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=E75822E1DC6BC75AC7F8DB1E170318D73D08387E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7a:ce:77:e6:f4:18:65:bc:dd:7c:61:3e:29:
                    a4:11:65:26:b4:3f:5d:57:20:50:9a:2c:e7:0b:f0:
                    08:6a:4d:95:03:62:98:78:4e:cd:95:f2:ae:46:86:
                    d3:f0:48:1c:78:2b:d4:e0:b2:79:7d:51:a2:8c:0c:
                    99:d5:db:fd:46:a1:ef:93:0a:14:8d:24:ef:54:64:
                    20:4d:03:06:42:1c:5d:a3:95:20:ac:9c:c4:9e:a1:
                    46:f7:bb:1f:f9:4d:5e:cd:b4:34:4e:6a:44:01:ce:
                    d2:f1:64:f7:b5:b1:c3:4a:b3:82:07:6e:54:47:70:
                    98:84:ea:89:c8:15:ed:d6:fa:bd:02:c4:be:ad:da:
                    53:d4:7c:8a:40:aa:c9:83:06:af:1e:25:09:29:1b:
                    01:79:dd:89:12:94:e5:83:a9:bb:03:7c:6d:69:e0:
                    81:01:9f:ec:89:2d:d2:df:bc:f2:8c:86:94:9f:9b:
                    53:4a:0e:b7:d2:01:af:89:57:4f:c0:1d:bc:be:50:
                    ed:b5:3b:d9:88:23:e0:ef:6a:dd:fe:68:6d:86:93:
                    a7:28:f0:4d:fc:00:bb:d4:fe:b5:e2:af:c7:30:b0:
                    42:22:cb:04:b0:c5:99:cf:51:79:33:3b:df:6c:49:
                    2b:57:59:80:51:b0:2c:c3:48:4c:58:ed:7d:c7:12:
                    b2:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:58:22:E1:DC:6B:C7:5A:C7:F8:DB:1E:17:03:18:D7:3D:08:38:7E
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/51gi4dxrx1rH-NseFwMY1z0IOH4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.244.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         69:86:f4:f9:26:c7:c8:b8:fb:55:ac:84:53:19:d9:3e:b6:1a:
         a2:e4:34:aa:3f:96:79:02:55:2e:69:31:40:06:62:45:80:6f:
         14:49:86:36:d6:d6:bc:f0:10:26:a0:c7:ef:90:b3:f0:c6:7e:
         c5:e5:cd:19:f6:61:22:2f:0a:f1:d7:c3:4e:55:36:87:c0:f4:
         90:71:8c:a6:e7:83:61:dc:00:ca:0e:35:3e:4f:bb:c9:12:17:
         c6:35:dc:59:6f:a0:62:bb:35:49:ef:56:f2:30:f3:58:f5:e1:
         bf:c4:b6:3c:94:89:3e:37:33:38:b2:5e:1e:c7:78:d2:d1:ab:
         3f:37:7f:de:9a:a8:5e:65:5c:c0:f9:c6:ec:39:72:e7:82:0a:
         6c:09:34:37:96:13:12:9a:cd:c8:50:4b:a0:c1:86:49:85:08:
         99:c5:d8:b0:0f:76:27:34:ab:5e:6d:37:10:ff:8f:c9:9e:bf:
         ab:81:fb:10:0d:ff:d7:fb:9a:2b:42:03:e3:51:af:be:b1:fe:
         94:12:a4:a9:ac:fb:db:dd:c7:85:38:68:a5:3f:37:b4:cf:19:
         c9:19:77:f5:fa:58:b6:8a:ca:a4:25:2c:22:a5:ca:ed:bf:7d:
         85:9c:3b:48:dd:4a:df:f3:9b:ee:e5:84:cb:e0:82:b2:ef:63:
         d3:74:6d:14
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI0NTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEU3NTgyMkUxREM2QkM3
NUFDN0Y4REIxRTE3MDMxOEQ3M0QwODM4N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjes535vQYZbzdfGE+KaQRZSa0P11XIFCaLOcL8AhqTZUDYph4
Ts2V8q5GhtPwSBx4K9Tgsnl9UaKMDJnV2/1Goe+TChSNJO9UZCBNAwZCHF2jlSCs
nMSeoUb3ux/5TV7NtDROakQBztLxZPe1scNKs4IHblRHcJiE6onIFe3W+r0CxL6t
2lPUfIpAqsmDBq8eJQkpGwF53YkSlOWDqbsDfG1p4IEBn+yJLdLfvPKMhpSfm1NK
DrfSAa+JV0/AHby+UO21O9mII+Dvat3+aG2Gk6co8E38ALvU/rXir8cwsEIiywSw
xZnPUXkzO99sSStXWYBRsCzDSExY7X3HErIBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU51gi4dxrx1rH+NseFwMY1z0IOH4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzUxZ2k0ZHhyeDFySC1Oc2VGd01ZMXow
SU9INC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY89EAwDQYJ
KoZIhvcNAQELBQADggEBAGmG9Pkmx8i4+1WshFMZ2T62GqLkNKo/lnkCVS5pMUAG
YkWAbxRJhjbW1rzwECagx++Qs/DGfsXlzRn2YSIvCvHXw05VNofA9JBxjKbng2Hc
AMoONT5Pu8kSF8Y13FlvoGK7NUnvVvIw81j14b/EtjyUiT43MziyXh7HeNLRqz83
f96aqF5lXMD5xuw5cueCCmwJNDeWExKazchQS6DBhkmFCJnF2LAPdic0q15tNxD/
j8mev6uB+xAN/9f7mitCA+NRr76x/pQSpKms+9vdx4U4aKU/N7TPGckZd/X6WLaK
yqQlLCKlyu2/fYWcO0jdSt/zm+7lhMvggrLvY9N0bRQ=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org