Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa
File:                     dBC4To7P36eQMXre0jpc6i5o0dc.roa (raw, json)
Hash identifier:          apHA3SoEerktdln/GxIy/kbqAk0hZSLpeWz8yzXAGD0=
Subject key identifier:   74:10:B8:4E:8E:CF:DF:A7:90:31:7A:DE:D2:3A:5C:EA:2E:68:D1:D7
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0DAE
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa
Signing time:             Mon 15 Jan 2024 21:30:07 +0000
ROA not before:           Mon 15 Jan 2024 21:30:07 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9922
IP address blocks:        124.218.64.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3502 (0xdae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:30:07 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=7410B84E8ECFDFA790317ADED23A5CEA2E68D1D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:13:b3:b8:ac:47:4a:b1:b0:34:9f:68:36:ef:
                    e9:b8:6f:f1:f1:ec:f7:cb:7b:e2:c3:27:12:de:f6:
                    1c:5d:60:71:c0:2c:8f:f8:d8:48:c6:b5:98:1b:6f:
                    86:af:9f:d8:43:23:e3:29:54:1e:8b:8e:aa:78:ed:
                    08:d0:37:cf:54:a4:79:9b:47:14:3f:5e:8a:77:e4:
                    3e:a7:e1:1c:51:13:71:33:8b:fb:25:f6:89:42:60:
                    bd:94:4a:32:49:ea:e6:e2:e2:13:8b:81:fa:61:24:
                    8a:8e:e6:98:c2:c4:7a:47:92:77:99:e4:dc:4f:52:
                    da:2b:e6:11:e2:fd:67:3f:1c:8b:6e:c5:fe:9b:13:
                    d9:e2:84:b1:d8:ee:c4:2b:46:aa:34:2d:6b:fb:5f:
                    da:2f:6a:aa:5d:4f:f5:5c:9a:e6:23:13:6a:25:a6:
                    c3:98:6a:b4:f1:bd:a0:95:b4:20:af:c9:ff:a5:51:
                    a8:6d:65:32:ed:9d:fc:4b:df:56:68:87:c4:23:ef:
                    a1:24:25:d6:4c:e3:d7:a0:4c:01:78:2d:ba:41:e4:
                    f6:97:26:33:cf:b7:99:46:33:07:d0:3c:fd:0c:99:
                    d0:ba:57:f7:dc:9b:6f:ce:eb:d6:0b:22:e3:4d:ee:
                    1b:aa:90:40:0d:f5:33:f9:d4:16:66:85:1a:7d:97:
                    f9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:10:B8:4E:8E:CF:DF:A7:90:31:7A:DE:D2:3A:5C:EA:2E:68:D1:D7
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:7e:f2:e4:37:dd:f3:31:d3:fc:81:3c:46:60:da:f1:b9:41:
         13:c1:eb:f2:ba:1f:4c:ac:fc:99:83:b2:88:38:b8:6b:25:cc:
         2f:04:42:60:52:85:27:93:0b:03:ce:19:f4:90:5e:79:ee:1c:
         70:3c:3f:23:a5:a8:54:38:ee:8c:4d:fe:8e:6c:af:6d:fe:6d:
         86:a8:88:bb:de:9c:c6:16:93:8b:12:1f:33:04:6e:f5:5d:87:
         4e:4c:f6:c8:72:6b:a2:d0:03:d6:25:3e:ca:b5:1f:36:1f:4b:
         01:a0:7a:85:52:1a:f6:3c:3c:b1:f6:3a:7a:3e:a7:07:f9:48:
         c9:50:48:78:b1:69:bc:6c:92:e4:c8:0b:23:eb:30:19:2f:e1:
         8b:0e:8f:d8:18:ab:80:7a:ba:61:3a:57:be:bb:f6:19:92:04:
         64:44:f9:2c:f1:e8:80:9a:a6:99:04:7c:9f:88:49:dc:06:fe:
         aa:7d:02:06:8f:38:70:e2:96:50:07:1a:97:72:2f:34:1b:1a:
         6f:bd:b7:92:9e:9a:73:aa:3a:9a:44:57:12:3c:d6:90:72:80:
         96:c1:da:c9:a0:1f:9d:ef:5a:3c:d7:d5:1e:43:64:7c:93:92:
         81:8d:68:ef:7f:74:49:6c:58:94:16:9d:ba:fd:f1:e6:18:39:
         5f:ce:e9:a5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTMwMDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc0MTBCODRFOEVDRkRG
QTc5MDMxN0FERUQyM0E1Q0VBMkU2OEQxRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8E7O4rEdKsbA0n2g27+m4b/Hx7PfLe+LDJxLe9hxdYHHALI/4
2EjGtZgbb4avn9hDI+MpVB6Ljqp47QjQN89UpHmbRxQ/Xop35D6n4RxRE3Ezi/sl
9olCYL2USjJJ6ubi4hOLgfphJIqO5pjCxHpHkneZ5NxPUtor5hHi/Wc/HItuxf6b
E9nihLHY7sQrRqo0LWv7X9ovaqpdT/VcmuYjE2olpsOYarTxvaCVtCCvyf+lUaht
ZTLtnfxL31Zoh8Qj76EkJdZM49egTAF4LbpB5PaXJjPPt5lGMwfQPP0MmdC6V/fc
m2/O69YLIuNN7huqkEAN9TP51BZmhRp9l/lhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUdBC4To7P36eQMXre0jpc6i5o0dcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2RCQzRUbzdQMzZlUU1YcmUwanBjNmk1
bzBkYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82kAwDQYJ
KoZIhvcNAQELBQADggEBAGp+8uQ33fMx0/yBPEZg2vG5QRPB6/K6H0ys/JmDsog4
uGslzC8EQmBShSeTCwPOGfSQXnnuHHA8PyOlqFQ47oxN/o5sr23+bYaoiLvenMYW
k4sSHzMEbvVdh05M9shya6LQA9YlPsq1HzYfSwGgeoVSGvY8PLH2Ono+pwf5SMlQ
SHixabxskuTICyPrMBkv4YsOj9gYq4B6umE6V7679hmSBGRE+Szx6ICappkEfJ+I
SdwG/qp9AgaPOHDillAHGpdyLzQbGm+9t5KemnOqOppEVxI81pBygJbB2smgH53v
WjzX1R5DZHyTkoGNaO9/dElsWJQWnbr98eYYOV/O6aU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org