Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/E5-4jmAPGkeC0K0G56XoHjz9eY8.roa
File:                     E5-4jmAPGkeC0K0G56XoHjz9eY8.roa (raw, json)
Hash identifier:          00T1A3+CWza3XjJL7nKqu02FcZD1iAXaOe6okhn4Hog=
Subject key identifier:   13:9F:B8:8E:60:0F:1A:47:82:D0:AD:06:E7:A5:E8:1E:3C:FD:79:8F
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0DFA
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/E5-4jmAPGkeC0K0G56XoHjz9eY8.roa
Signing time:             Mon 15 Jan 2024 21:43:30 +0000
ROA not before:           Mon 15 Jan 2024 21:43:30 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        60.244.0.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3578 (0xdfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:43:30 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=139FB88E600F1A4782D0AD06E7A5E81E3CFD798F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:7d:ca:04:31:22:9e:97:be:c3:70:16:9f:
                    14:3f:71:5a:be:a6:ba:11:b0:03:83:43:05:12:e9:
                    d1:3f:1c:8d:ab:d9:0e:1a:96:e1:61:ab:9f:65:7c:
                    e2:c0:09:b9:b5:4b:5c:f9:75:68:5e:44:03:c5:0d:
                    41:d8:c5:c8:9b:37:83:20:05:6a:7d:ae:41:e1:63:
                    50:20:c7:a6:dc:12:33:7f:a9:a2:ba:bb:48:6d:29:
                    23:ee:84:e6:9d:70:d5:a2:48:47:02:75:a4:2e:e1:
                    de:71:78:f4:bb:79:c5:f4:78:01:6c:c9:72:40:fd:
                    a8:db:9b:8e:91:22:29:be:34:64:29:e6:69:56:a6:
                    e1:bb:5e:94:72:36:66:60:62:23:d6:06:83:e0:fa:
                    ee:9d:0b:5d:d8:83:48:7d:3c:bb:23:0b:3e:9b:38:
                    52:3f:49:55:7e:5f:22:65:c9:be:eb:2b:d2:77:32:
                    6e:1d:53:ea:23:bb:b9:6b:be:4c:1e:cb:b2:13:ea:
                    83:e1:6e:a2:42:34:c0:6e:c0:91:ad:9a:99:3c:4a:
                    5c:a8:04:52:c9:5c:0f:d7:eb:66:02:08:93:08:6e:
                    69:2a:88:25:0d:68:cc:cb:ce:f6:d6:85:d4:df:40:
                    9b:b1:02:2c:70:e6:fe:16:da:af:f4:e2:fb:ae:3d:
                    98:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:9F:B8:8E:60:0F:1A:47:82:D0:AD:06:E7:A5:E8:1E:3C:FD:79:8F
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/E5-4jmAPGkeC0K0G56XoHjz9eY8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.244.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         26:79:dc:88:9f:d9:00:18:f0:63:ec:27:8f:8e:45:dd:06:b8:
         34:42:c5:7a:a4:8e:f0:2b:c6:ec:4f:5e:83:40:59:af:de:f8:
         bb:29:5b:c6:8f:03:fd:98:84:40:33:4a:e2:dd:e8:30:dd:c0:
         14:af:25:ef:d3:d1:49:85:8f:91:a5:a9:cb:26:09:89:d9:2f:
         d0:54:2f:00:73:f0:f8:2a:ca:f1:39:a8:f7:91:7c:7a:8d:71:
         c9:66:1b:43:02:39:61:33:e1:a8:9c:45:b9:27:b5:02:1f:de:
         f3:91:87:9d:d1:32:a0:31:95:3a:af:aa:59:72:69:98:31:92:
         f0:da:31:7c:46:a2:37:d0:02:87:0c:9a:7f:24:22:ab:ec:c2:
         2d:cd:d2:0e:73:55:60:16:04:a4:b3:14:71:61:69:6a:08:20:
         aa:00:d3:59:7b:3f:aa:c8:d6:a9:36:70:09:a8:16:49:a7:7c:
         31:13:aa:1b:59:50:08:0e:11:a7:e6:d6:bb:65:09:1e:25:d2:
         5b:0b:0d:5d:80:69:1c:87:2b:7a:1a:21:1b:7f:9c:37:9f:33:
         a3:d1:00:c6:b8:15:c9:57:20:ec:00:8b:03:82:7e:d4:6b:5c:
         4a:81:3a:bb:d0:fc:26:84:bc:79:c5:0f:80:3a:46:df:af:8b:
         d2:1d:b8:80
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTQzMzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDEzOUZCODhFNjAwRjFB
NDc4MkQwQUQwNkU3QTVFODFFM0NGRDc5OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Mn3KBDEinpe+w3AWnxQ/cVq+proRsAODQwUS6dE/HI2r2Q4a
luFhq59lfOLACbm1S1z5dWheRAPFDUHYxcibN4MgBWp9rkHhY1Agx6bcEjN/qaK6
u0htKSPuhOadcNWiSEcCdaQu4d5xePS7ecX0eAFsyXJA/ajbm46RIim+NGQp5mlW
puG7XpRyNmZgYiPWBoPg+u6dC13Yg0h9PLsjCz6bOFI/SVV+XyJlyb7rK9J3Mm4d
U+oju7lrvkwey7IT6oPhbqJCNMBuwJGtmpk8SlyoBFLJXA/X62YCCJMIbmkqiCUN
aMzLzvbWhdTfQJuxAixw5v4W2q/04vuuPZgzAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUE5+4jmAPGkeC0K0G56XoHjz9eY8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0U1LTRqbUFQR2tlQzBLMEc1NlhvSGp6
OWVZOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc89AAwDQYJ
KoZIhvcNAQELBQADggEBACZ53Iif2QAY8GPsJ4+ORd0GuDRCxXqkjvArxuxPXoNA
Wa/e+LspW8aPA/2YhEAzSuLd6DDdwBSvJe/T0UmFj5GlqcsmCYnZL9BULwBz8Pgq
yvE5qPeRfHqNcclmG0MCOWEz4aicRbkntQIf3vORh53RMqAxlTqvqllyaZgxkvDa
MXxGojfQAocMmn8kIqvswi3N0g5zVWAWBKSzFHFhaWoIIKoA01l7P6rI1qk2cAmo
FkmnfDETqhtZUAgOEafm1rtlCR4l0lsLDV2AaRyHK3oaIRt/nDefM6PRAMa4FclX
IOwAiwOCftRrXEqBOrvQ/CaEvHnFD4A6Rt+vi9IduIA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org