Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/AM5MbR-NTULQSSxFWqVXdsEBL7s.roa
File:                     AM5MbR-NTULQSSxFWqVXdsEBL7s.roa (raw, json)
Hash identifier:          /jGJRjqrgNkJGkUntInBvVKzZ676xDL3CWB5vjeZ3aU=
Subject key identifier:   00:CE:4C:6D:1F:8D:4D:42:D0:49:2C:45:5A:A5:57:76:C1:01:2F:BB
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0BB1
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/AM5MbR-NTULQSSxFWqVXdsEBL7s.roa
Signing time:             Fri 01 Sep 2023 08:50:53 +0000
ROA not before:           Fri 01 Sep 2023 08:50:53 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18412
IP address blocks:        2401:e180:8e00::/44 maxlen: 44

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2993 (0xbb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Sep  1 08:50:53 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=00CE4C6D1F8D4D42D0492C455AA55776C1012FBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6e:bb:d2:92:df:c4:a3:01:a5:9f:5f:b8:7b:
                    69:f3:dd:6f:f0:7f:cb:a3:c0:22:b2:e9:1c:7b:e2:
                    fd:34:b5:ec:e3:dc:10:20:2c:cb:7b:8b:30:ba:67:
                    71:df:c3:ea:4f:a2:47:02:6d:b2:ad:00:e5:72:29:
                    69:f3:8a:84:a7:8a:31:e8:24:06:83:6e:b4:fb:c0:
                    e1:18:46:13:ee:72:02:86:52:37:62:de:03:0f:5d:
                    40:25:ce:1b:a3:1e:64:cb:cd:82:d9:ad:cf:37:01:
                    cc:a0:c4:de:f7:23:73:14:e8:41:07:ba:7f:cc:a6:
                    85:5e:a9:6e:5c:cd:85:2b:e2:d6:28:d0:b0:c2:a0:
                    c1:53:01:06:5e:57:a7:86:12:b8:6d:2a:23:67:4a:
                    76:f2:c9:df:ce:8b:55:15:9b:50:34:5d:7e:8b:8b:
                    55:d6:d8:2a:91:04:e2:7a:d0:9c:63:b7:d5:ba:63:
                    44:15:57:50:4d:ea:13:8d:9b:e6:0c:a7:74:b4:e9:
                    48:3a:ab:db:73:de:3a:0a:63:f0:d0:a4:6f:7d:d2:
                    91:da:b1:c9:a0:60:cf:b0:7a:22:30:f3:43:ce:4c:
                    a9:30:6d:29:bb:3a:eb:42:a0:e1:38:22:d3:75:62:
                    b8:f4:ee:76:ad:20:74:b6:10:ef:57:92:6c:32:fd:
                    5f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:CE:4C:6D:1F:8D:4D:42:D0:49:2C:45:5A:A5:57:76:C1:01:2F:BB
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/AM5MbR-NTULQSSxFWqVXdsEBL7s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:e180:8e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         9c:25:47:a0:af:d7:cb:71:12:c0:67:d7:c7:4f:18:1e:2b:ee:
         84:3d:68:13:79:a3:df:ed:22:7f:a4:21:d4:61:e4:a5:3a:ab:
         72:ec:32:a6:2b:8e:65:ad:3b:33:8d:36:bb:3b:ef:b7:59:d9:
         d2:48:0b:b7:4a:d2:ff:06:3d:b4:a3:a3:50:da:ef:3c:37:08:
         fa:10:33:96:aa:9e:c2:de:a7:e4:18:e1:18:c3:d3:d0:c4:2b:
         ef:71:3d:48:7c:d4:8a:74:94:3d:b9:e9:dd:8d:fd:6e:25:a8:
         e1:85:c2:b0:69:d6:ea:1f:88:ea:b9:97:2e:d9:6b:6e:87:64:
         8f:da:a3:61:5d:c0:0a:2e:ed:c3:ad:24:e2:8c:44:e0:38:e3:
         7f:14:dd:ab:65:9b:ba:d2:90:67:93:4d:da:2e:5f:04:85:b7:
         66:0f:d0:9a:3a:6d:80:37:0a:63:f8:f7:a2:aa:0c:94:e4:2f:
         42:bc:a0:fb:aa:26:c2:55:0d:09:4d:7d:77:94:f9:84:11:38:
         cd:60:48:dc:55:93:89:87:6c:97:5d:cd:50:ca:d9:be:27:3f:
         da:61:18:83:91:d4:82:f3:2d:d3:b5:1f:74:af:95:1c:9d:5b:
         97:d8:b0:7e:62:48:79:7e:2e:7b:12:e6:49:c3:78:95:a9:ac:
         91:4c:a7:aa
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMzA5MDEw
ODUwNTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAwQ0U0QzZEMUY4RDRE
NDJEMDQ5MkM0NTVBQTU1Nzc2QzEwMTJGQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCbrvSkt/EowGln1+4e2nz3W/wf8ujwCKy6Rx74v00tezj3BAg
LMt7izC6Z3Hfw+pPokcCbbKtAOVyKWnzioSnijHoJAaDbrT7wOEYRhPucgKGUjdi
3gMPXUAlzhujHmTLzYLZrc83AcygxN73I3MU6EEHun/MpoVeqW5czYUr4tYo0LDC
oMFTAQZeV6eGErhtKiNnSnbyyd/Oi1UVm1A0XX6Li1XW2CqRBOJ60Jxjt9W6Y0QV
V1BN6hONm+YMp3S06Ug6q9tz3joKY/DQpG990pHascmgYM+weiIw80POTKkwbSm7
OutCoOE4ItN1Yrj07natIHS2EO9Xkmwy/V9pAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUAM5MbR+NTULQSSxFWqVXdsEBL7swHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0FNNU1iUi1OVFVMUVNTeEZXcVZYZHNF
Qkw3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkAeGAjgAw
DQYJKoZIhvcNAQELBQADggEBAJwlR6Cv18txEsBn18dPGB4r7oQ9aBN5o9/tIn+k
IdRh5KU6q3LsMqYrjmWtOzONNrs777dZ2dJIC7dK0v8GPbSjo1Da7zw3CPoQM5aq
nsLep+QY4RjD09DEK+9xPUh81Ip0lD256d2N/W4lqOGFwrBp1uofiOq5ly7Za26H
ZI/ao2FdwAou7cOtJOKMROA4438U3atlm7rSkGeTTdouXwSFt2YP0Jo6bYA3CmP4
96KqDJTkL0K8oPuqJsJVDQlNfXeU+YQROM1gSNxVk4mHbJddzVDK2b4nP9phGIOR
1ILzLdO1H3SvlRydW5fYsH5iSHl+LnsS5knDeJWprJFMp6o=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org