Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/G5tjhGYbQoT54WabOSn39eslPHk.roa
File:                     G5tjhGYbQoT54WabOSn39eslPHk.roa (raw, json)
Hash identifier:          kBnGjVGY5js+6nA6uZ0GJ8WlUCSa3jHxyQsHVfgtn+U=
Subject key identifier:   1B:9B:63:84:66:1B:42:84:F9:E1:66:9B:39:29:F7:F5:EB:25:3C:79
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0CF0
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/G5tjhGYbQoT54WabOSn39eslPHk.roa
Signing time:             Mon 15 Jan 2024 21:23:53 +0000
ROA not before:           Mon 15 Jan 2024 21:23:53 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        222.156.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3312 (0xcf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:23:53 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=1B9B6384661B4284F9E1669B3929F7F5EB253C79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5c:fe:05:f0:a1:a3:30:2a:35:7e:f3:e5:54:
                    bd:af:7e:51:ef:46:89:5e:9e:54:44:e2:62:9f:a2:
                    42:49:39:7a:c3:a7:cb:bc:25:4b:7d:cf:5e:7c:46:
                    37:bd:ef:92:0a:ff:e6:47:0d:bb:61:e1:98:83:93:
                    32:6a:11:13:a4:70:ce:89:7a:df:fa:0b:47:f3:c2:
                    1c:06:fb:61:3a:50:09:df:d3:f5:aa:13:ed:dd:fa:
                    ac:7d:03:e8:4d:2d:03:14:6c:d9:a7:2e:5d:c2:ef:
                    6d:51:7e:ea:f3:4a:c1:20:8d:1a:1f:0d:9e:5c:d6:
                    52:63:90:93:50:b6:90:85:c9:12:3a:89:71:65:ea:
                    d6:9a:ce:90:64:73:32:d5:b3:4a:2c:f5:9b:85:d2:
                    63:16:a0:43:f2:a4:d5:19:1f:25:29:37:48:89:93:
                    ad:a9:12:5f:77:cc:98:73:62:e2:86:89:d3:ad:9a:
                    65:0d:0a:4b:9c:c6:96:88:78:52:0e:22:db:21:c2:
                    de:ab:0e:3c:db:28:d8:4a:83:95:53:16:32:b4:e1:
                    62:82:25:62:6f:9f:7f:32:e3:b7:51:4c:74:66:46:
                    c8:f4:64:06:c9:09:63:08:49:98:25:e5:4c:b4:7a:
                    6f:20:8f:4c:e1:15:2c:bc:ce:9d:ee:c5:05:76:1c:
                    67:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:9B:63:84:66:1B:42:84:F9:E1:66:9B:39:29:F7:F5:EB:25:3C:79
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/G5tjhGYbQoT54WabOSn39eslPHk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  222.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         76:ac:ea:28:79:18:b7:92:e4:4d:3a:8f:90:85:85:fc:ea:5b:
         e1:1e:ac:44:f6:fe:56:4c:b3:1e:66:0b:a1:d8:7a:66:f9:9b:
         6e:41:bb:1b:6f:e2:8b:bb:e5:1a:31:49:83:63:0f:67:27:68:
         72:23:bd:2a:89:ca:6c:f4:61:bf:f0:5d:db:d7:07:60:e0:82:
         ef:78:38:96:96:33:17:5b:61:da:66:6a:14:24:9d:db:c3:ad:
         dd:45:20:40:fc:76:9a:89:03:88:00:5d:34:06:34:8c:0a:d1:
         5a:b2:e4:85:24:5b:a0:e9:e3:8f:c3:9a:15:7c:0a:89:e2:b4:
         99:ee:1d:1b:c7:fa:47:60:2e:d7:b8:01:9e:fe:39:de:5e:03:
         db:eb:06:25:8f:da:cd:9d:0d:74:78:52:b8:ea:3c:9e:f2:74:
         f1:d9:34:38:a4:f1:58:ac:c6:f4:04:5a:9c:f9:2e:b5:7e:42:
         00:34:7c:7d:be:eb:5b:91:b6:08:43:76:a0:3f:d9:3e:ae:63:
         e1:42:d3:b3:0e:e3:ff:3c:2e:b9:63:58:73:3d:e2:e1:1e:fd:
         16:a9:bf:73:1c:5e:cb:42:95:b1:4f:4b:65:9b:25:41:1d:87:
         a8:80:53:cc:42:66:1f:7b:72:47:16:24:df:b4:38:cf:b4:35:
         7a:83:c6:91
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICDPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTIzNTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFCOUI2Mzg0NjYxQjQy
ODRGOUUxNjY5QjM5MjlGN0Y1RUIyNTNDNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvXP4F8KGjMCo1fvPlVL2vflHvRolenlRE4mKfokJJOXrDp8u8
JUt9z158Rje975IK/+ZHDbth4ZiDkzJqEROkcM6Jet/6C0fzwhwG+2E6UAnf0/Wq
E+3d+qx9A+hNLQMUbNmnLl3C721RfurzSsEgjRofDZ5c1lJjkJNQtpCFyRI6iXFl
6taazpBkczLVs0os9ZuF0mMWoEPypNUZHyUpN0iJk62pEl93zJhzYuKGidOtmmUN
CkucxpaIeFIOItshwt6rDjzbKNhKg5VTFjK04WKCJWJvn38y47dRTHRmRsj0ZAbJ
CWMISZgl5Uy0em8gj0zhFSy8zp3uxQV2HGcjAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUG5tjhGYbQoT54WabOSn39eslPHkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0c1dGpoR1liUW9UNTRXYWJPU24zOWVz
bFBIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDenDANBgkq
hkiG9w0BAQsFAAOCAQEAdqzqKHkYt5LkTTqPkIWF/Opb4R6sRPb+VkyzHmYLodh6
ZvmbbkG7G2/ii7vlGjFJg2MPZydociO9KonKbPRhv/Bd29cHYOCC73g4lpYzF1th
2mZqFCSd28Ot3UUgQPx2mokDiABdNAY0jArRWrLkhSRboOnjj8OaFXwKieK0me4d
G8f6R2Au17gBnv453l4D2+sGJY/azZ0NdHhSuOo8nvJ08dk0OKTxWKzG9ARanPku
tX5CADR8fb7rW5G2CEN2oD/ZPq5j4ULTsw7j/zwuuWNYcz3i4R79Fqm/cxxey0KV
sU9LZZslQR2HqIBTzEJmH3tyRxYk37Q4z7Q1eoPGkQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org