Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/RA55EFjjMKLB-Cc5vK-b9_u8sRs.roa
File:                     RA55EFjjMKLB-Cc5vK-b9_u8sRs.roa (raw, json)
Hash identifier:          p3y5+zWn3pIXDNIH+TAM4SbHebrfKjl4F4bDxxQcUW4=
Subject key identifier:   44:0E:79:10:58:E3:30:A2:C1:F8:27:39:BC:AF:9B:F7:FB:BC:B1:1B
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C5A
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/RA55EFjjMKLB-Cc5vK-b9_u8sRs.roa
Signing time:             Mon 15 Jan 2024 21:09:09 +0000
ROA not before:           Mon 15 Jan 2024 21:09:09 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24154
IP address blocks:        203.79.200.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3162 (0xc5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:09:09 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=440E791058E330A2C1F82739BCAF9BF7FBBCB11B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a3:8b:fa:41:68:b8:f2:e7:48:c8:d3:e3:c8:
                    8c:42:a2:6b:e6:23:58:6f:fb:15:3e:4b:f1:ef:40:
                    1b:95:ce:5b:c7:ca:38:7f:07:2a:d2:63:49:a7:22:
                    e9:10:cd:61:98:c4:a5:7b:a3:bd:20:fb:2a:e9:4b:
                    3d:ee:02:f5:2c:ba:62:63:9f:d6:e8:e9:e2:b8:64:
                    94:7a:2f:33:ba:2c:9f:43:a7:96:e9:6f:a0:97:c1:
                    56:53:d0:9d:97:0f:a0:5d:c5:47:82:99:79:87:5e:
                    44:32:81:8a:a4:6c:d3:34:77:a1:b9:44:7c:ed:ee:
                    aa:d7:48:cd:1d:8c:6b:70:2c:92:83:23:5b:50:73:
                    e2:5c:be:d9:50:b6:76:a8:2e:50:df:58:a3:fe:ec:
                    c8:26:4a:0e:90:94:b0:db:3e:3f:cb:28:8c:5d:a5:
                    1d:6e:9e:12:e9:de:4b:b0:19:08:bb:c9:e1:0e:fd:
                    1d:93:ff:fa:e8:de:6e:39:88:69:08:c9:8c:36:38:
                    5d:f9:73:f6:b7:ff:03:b2:e1:ec:6c:1f:1e:3d:9a:
                    b0:a3:17:ae:8d:31:d6:a9:d5:b9:1c:fb:53:d4:67:
                    a0:5b:bc:17:ca:76:f2:71:32:98:7e:06:9e:e2:71:
                    b4:77:72:00:39:7e:57:dc:bb:a6:ec:bb:c3:9e:0c:
                    82:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:0E:79:10:58:E3:30:A2:C1:F8:27:39:BC:AF:9B:F7:FB:BC:B1:1B
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/RA55EFjjMKLB-Cc5vK-b9_u8sRs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.79.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:84:bc:43:38:9f:db:1e:23:ad:49:47:ad:7b:da:f4:31:49:
         65:d9:4d:93:c0:09:bd:28:7a:28:64:4e:e1:02:f5:ec:32:64:
         59:03:a0:95:00:58:e9:1b:37:34:ce:1e:fe:d1:2e:96:88:ce:
         82:dc:10:75:d0:68:17:8d:fc:3f:4e:e2:89:45:67:58:53:40:
         cd:aa:6c:18:26:d3:db:07:bc:f8:15:d0:97:15:f2:e3:bf:72:
         ad:27:e7:76:a3:8c:c0:87:fd:83:07:93:4c:23:2c:63:5b:ee:
         72:16:71:65:65:6b:2e:fd:e3:56:54:ec:61:db:30:8b:97:d2:
         ed:cd:cf:83:1b:1c:70:9b:39:df:69:eb:81:61:5a:c4:e3:06:
         63:8f:c0:35:7a:dc:c6:72:b7:b1:8a:63:cd:30:72:6b:77:9d:
         7a:fc:3b:59:c6:77:72:a3:92:c6:be:0f:de:67:0a:57:c1:26:
         54:c2:51:77:8b:cf:41:4c:1e:ff:b7:fd:f4:bc:47:14:9b:07:
         9a:94:82:f2:34:7c:5d:b7:62:c8:df:80:78:2f:09:ff:9f:6f:
         c8:28:40:55:77:1f:28:f0:85:e9:07:f3:a7:bc:23:56:83:a9:
         a4:a5:1a:a2:06:fa:e7:c2:5e:bd:ad:13:6a:8d:63:44:72:41:
         4c:fc:35:ca
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTA5MDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQ0MEU3OTEwNThFMzMw
QTJDMUY4MjczOUJDQUY5QkY3RkJCQ0IxMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSo4v6QWi48udIyNPjyIxComvmI1hv+xU+S/HvQBuVzlvHyjh/
ByrSY0mnIukQzWGYxKV7o70g+yrpSz3uAvUsumJjn9bo6eK4ZJR6LzO6LJ9Dp5bp
b6CXwVZT0J2XD6BdxUeCmXmHXkQygYqkbNM0d6G5RHzt7qrXSM0djGtwLJKDI1tQ
c+JcvtlQtnaoLlDfWKP+7MgmSg6QlLDbPj/LKIxdpR1unhLp3kuwGQi7yeEO/R2T
//ro3m45iGkIyYw2OF35c/a3/wOy4exsHx49mrCjF66NMdap1bkc+1PUZ6BbvBfK
dvJxMph+Bp7icbR3cgA5flfcu6bsu8OeDIKDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQURA55EFjjMKLB+Cc5vK+b9/u8sRswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1JBNTVFRmpqTUtMQi1DYzV2Sy1iOV91
OHNScy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLT8gwDQYJ
KoZIhvcNAQELBQADggEBAHKEvEM4n9seI61JR6172vQxSWXZTZPACb0oeihkTuEC
9ewyZFkDoJUAWOkbNzTOHv7RLpaIzoLcEHXQaBeN/D9O4olFZ1hTQM2qbBgm09sH
vPgV0JcV8uO/cq0n53ajjMCH/YMHk0wjLGNb7nIWcWVlay7941ZU7GHbMIuX0u3N
z4MbHHCbOd9p64FhWsTjBmOPwDV63MZyt7GKY80wcmt3nXr8O1nGd3Kjksa+D95n
ClfBJlTCUXeLz0FMHv+3/fS8RxSbB5qUgvI0fF23YsjfgHgvCf+fb8goQFV3Hyjw
hekH86e8I1aDqaSlGqIG+ufCXr2tE2qNY0RyQUz8Nco=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org