Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Abfpea1umb924MKBvgZkgaHTJDA.roa
File:                     Abfpea1umb924MKBvgZkgaHTJDA.roa (raw, json)
Hash identifier:          21iV5JGvknyxLLYy1W2mIvel0eivmLps/N/IDC98i3M=
Subject key identifier:   01:B7:E9:79:AD:6E:99:BF:76:E0:C2:81:BE:06:64:81:A1:D3:24:30
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C74
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Abfpea1umb924MKBvgZkgaHTJDA.roa
Signing time:             Mon 15 Jan 2024 21:09:36 +0000
ROA not before:           Mon 15 Jan 2024 21:09:36 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131142
IP address blocks:        210.200.0.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3188 (0xc74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:09:36 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=01B7E979AD6E99BF76E0C281BE066481A1D32430
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8b:56:14:fc:68:89:f9:b0:29:4d:03:6c:5f:
                    cf:c6:34:9f:54:0a:e1:81:de:2d:23:a0:a2:e9:a8:
                    15:9d:9d:95:43:72:ba:50:82:30:cd:87:be:a5:55:
                    ca:8c:0f:f9:ee:82:80:13:25:4c:7a:26:58:51:ca:
                    29:84:f8:89:3f:19:ea:9f:a3:b9:07:ea:37:c6:e8:
                    76:36:5a:cb:41:80:5e:21:6b:00:01:c9:3d:50:0d:
                    00:0b:60:21:32:2a:5a:b2:02:af:85:51:31:44:b2:
                    5a:79:ba:88:1b:4f:8e:45:e3:e4:d7:f6:98:2e:87:
                    cb:17:f2:2c:85:b3:59:4e:70:1d:32:12:30:3e:82:
                    da:b6:26:a9:80:e1:a2:2e:59:5a:fe:93:11:3a:7a:
                    68:96:2a:fd:f9:ff:7c:7c:63:ca:23:45:cd:23:1e:
                    75:c4:2d:5f:59:63:9a:e2:27:06:99:2a:90:c7:97:
                    77:02:48:45:cd:b9:29:3c:89:14:70:4b:57:00:f1:
                    ae:8b:62:2b:0d:3a:34:df:ac:d6:75:f5:22:ae:5c:
                    fd:5f:6b:28:01:d7:26:9a:07:e8:ca:75:cd:e6:3a:
                    b1:bd:d4:a1:94:37:d6:a5:44:4f:d4:3c:aa:27:7f:
                    d2:60:0f:80:20:7a:f5:c9:a3:f9:b9:78:58:cb:f2:
                    ad:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:B7:E9:79:AD:6E:99:BF:76:E0:C2:81:BE:06:64:81:A1:D3:24:30
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Abfpea1umb924MKBvgZkgaHTJDA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:31:b1:8a:f8:6b:42:1f:45:ba:5a:bc:4e:14:3b:c5:14:d0:
         13:22:ca:ef:22:99:1e:85:d9:6c:33:7c:79:cb:d8:b2:43:aa:
         51:12:76:cb:b3:4f:d1:54:40:76:88:30:ad:b0:eb:71:6e:70:
         68:76:7a:2b:f5:b5:dd:ed:8f:4a:c8:de:93:fd:c4:39:bd:4c:
         48:2f:6d:77:85:ff:e4:ab:ad:0f:0d:29:de:53:db:cc:e5:d0:
         62:21:42:e8:8d:b4:a0:0f:e0:a3:b6:e5:60:54:dc:7e:fc:ad:
         9e:8c:b4:98:5d:8b:30:b6:2b:ff:3e:bb:9b:e2:11:e5:9e:d1:
         62:1f:6c:04:46:de:69:3a:e6:61:e1:e9:47:03:b6:89:92:1f:
         7d:ba:45:44:96:ac:f6:49:79:6a:f9:6c:0c:92:ff:92:71:2f:
         d5:14:a4:8f:74:d4:71:f4:13:18:01:93:8d:18:89:f6:15:25:
         fd:6d:2d:7b:db:48:aa:81:9f:9b:e2:1a:93:5e:e6:8e:66:d7:
         61:59:13:44:7e:82:25:ba:9d:72:72:3b:8a:de:e5:66:f8:1b:
         78:77:be:1e:78:fa:b9:fa:91:11:df:06:4f:f6:81:15:61:db:
         3d:8b:4d:f6:5a:23:95:1f:f5:a7:57:5e:4d:24:96:c0:ba:3a:
         2b:56:f0:c2
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTA5MzZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAxQjdFOTc5QUQ2RTk5
QkY3NkUwQzI4MUJFMDY2NDgxQTFEMzI0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1i1YU/GiJ+bApTQNsX8/GNJ9UCuGB3i0joKLpqBWdnZVDcrpQ
gjDNh76lVcqMD/nugoATJUx6JlhRyimE+Ik/Geqfo7kH6jfG6HY2WstBgF4hawAB
yT1QDQALYCEyKlqyAq+FUTFEslp5uogbT45F4+TX9pguh8sX8iyFs1lOcB0yEjA+
gtq2JqmA4aIuWVr+kxE6emiWKv35/3x8Y8ojRc0jHnXELV9ZY5riJwaZKpDHl3cC
SEXNuSk8iRRwS1cA8a6LYisNOjTfrNZ19SKuXP1faygB1yaaB+jKdc3mOrG91KGU
N9alRE/UPKonf9JgD4AgevXJo/m5eFjL8q15AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUAbfpea1umb924MKBvgZkgaHTJDAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0FiZnBlYTF1bWI5MjRNS0J2Z1prZ2FI
VEpEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyAAwDQYJ
KoZIhvcNAQELBQADggEBAIwxsYr4a0IfRbpavE4UO8UU0BMiyu8imR6F2WwzfHnL
2LJDqlESdsuzT9FUQHaIMK2w63FucGh2eiv1td3tj0rI3pP9xDm9TEgvbXeF/+Sr
rQ8NKd5T28zl0GIhQuiNtKAP4KO25WBU3H78rZ6MtJhdizC2K/8+u5viEeWe0WIf
bARG3mk65mHh6UcDtomSH326RUSWrPZJeWr5bAyS/5JxL9UUpI901HH0ExgBk40Y
ifYVJf1tLXvbSKqBn5viGpNe5o5m12FZE0R+giW6nXJyO4re5Wb4G3h3vh54+rn6
kRHfBk/2gRVh2z2LTfZaI5Uf9adXXk0klsC6OitW8MI=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org