Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/h-VgGQlE71RMuqN-rwSx8JOsb4A.roa
File:                     h-VgGQlE71RMuqN-rwSx8JOsb4A.roa (raw, json)
Hash identifier:          Jyk36xOd9yxbJrEcCNFG1cHLCej39bfBIVjdqVLfOVY=
Subject key identifier:   87:E5:60:19:09:44:EF:54:4C:BA:A3:7E:AF:04:B1:F0:93:AC:6F:80
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0D8E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/h-VgGQlE71RMuqN-rwSx8JOsb4A.roa
Signing time:             Mon 15 Jan 2024 21:29:21 +0000
ROA not before:           Mon 15 Jan 2024 21:29:21 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9922
IP address blocks:        124.218.128.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3470 (0xd8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:29:21 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=87E560190944EF544CBAA37EAF04B1F093AC6F80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2f:9a:f6:8e:37:d2:b2:1c:c8:13:a0:bf:65:
                    14:7f:0c:af:7c:4b:8f:14:ad:0a:61:24:0b:29:e2:
                    35:75:4e:f2:95:af:95:59:6c:7d:88:5e:09:b6:dc:
                    7f:91:78:67:b6:3e:61:c7:63:83:51:cf:00:c2:65:
                    d9:c5:f1:c0:10:33:ee:4c:aa:53:02:01:43:84:df:
                    39:63:ab:1f:41:4d:6c:79:97:78:48:84:68:92:21:
                    56:ca:a9:19:87:bc:43:f3:4c:d1:43:2b:54:fd:ca:
                    4b:a3:fe:a0:e9:99:76:c0:86:bc:f8:1d:37:29:fe:
                    e4:5f:a2:d7:45:77:05:50:94:da:1d:f6:ba:52:ea:
                    b2:92:55:b8:b4:45:a2:b6:35:4c:19:be:d0:e8:0e:
                    81:c1:ee:61:5a:a9:fe:46:fa:23:d5:f3:fb:35:8e:
                    8e:b0:3f:a3:13:48:a5:f0:63:7e:58:4e:56:a4:7a:
                    88:30:c6:e4:24:58:03:18:61:d3:bf:b9:e5:ce:3c:
                    e4:eb:e6:cb:84:f4:ac:af:cb:f5:22:6e:e4:5a:54:
                    a5:98:dd:05:01:ab:b8:14:d6:f7:05:ae:fc:78:4c:
                    23:77:3a:97:fe:a4:e5:2b:68:4f:e9:ac:82:a3:c2:
                    f3:a0:0d:8d:8b:5c:b3:54:cd:e5:b3:b7:aa:d7:17:
                    b9:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:E5:60:19:09:44:EF:54:4C:BA:A3:7E:AF:04:B1:F0:93:AC:6F:80
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/h-VgGQlE71RMuqN-rwSx8JOsb4A.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.218.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         88:03:f1:cc:32:2d:d1:93:6b:ab:e0:16:c6:80:ca:2a:62:1a:
         74:ae:f2:db:a1:df:d9:c8:a4:6c:87:57:95:72:26:3c:92:5f:
         58:e2:04:7c:76:af:65:e8:6c:83:f6:ed:9a:b4:5a:27:03:26:
         76:ff:06:86:e8:ee:38:ad:92:8a:30:a7:c5:9e:73:11:40:ca:
         fc:9c:fc:0c:ec:4f:eb:06:fe:3c:21:f8:03:b5:a1:45:7d:f1:
         b4:a8:c7:91:e5:8d:65:5e:41:58:d1:f4:31:ac:7d:7c:41:05:
         1c:50:95:9e:8e:f2:15:a2:ab:1b:4d:c3:51:c2:d8:05:5f:0b:
         c4:a5:e4:1e:46:42:6c:93:52:bb:f6:42:54:24:6b:28:7a:7e:
         ec:73:4a:db:51:20:02:f6:24:05:26:0c:f0:45:cb:cb:18:ef:
         a5:26:a7:0b:63:77:c6:f8:dc:fa:3e:11:35:9b:03:27:c6:f9:
         14:00:b3:b8:2d:b7:0a:f5:5a:72:78:c3:c2:63:8c:ca:ab:5b:
         c0:80:5b:94:ef:3a:1f:6a:af:39:07:6d:5f:4e:f4:ac:1b:43:
         a2:6c:5b:39:e5:e4:07:b0:f2:76:d6:b0:3a:41:4f:15:4f:a6:
         99:7b:09:ae:ce:f6:04:0c:12:ba:75:cf:4f:b5:49:cf:c0:af:
         06:1f:40:f0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI5MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg3RTU2MDE5MDk0NEVG
NTQ0Q0JBQTM3RUFGMDRCMUYwOTNBQzZGODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL5r2jjfSshzIE6C/ZRR/DK98S48UrQphJAsp4jV1TvKVr5VZ
bH2IXgm23H+ReGe2PmHHY4NRzwDCZdnF8cAQM+5MqlMCAUOE3zljqx9BTWx5l3hI
hGiSIVbKqRmHvEPzTNFDK1T9ykuj/qDpmXbAhrz4HTcp/uRfotdFdwVQlNod9rpS
6rKSVbi0RaK2NUwZvtDoDoHB7mFaqf5G+iPV8/s1jo6wP6MTSKXwY35YTlakeogw
xuQkWAMYYdO/ueXOPOTr5suE9Kyvy/UibuRaVKWY3QUBq7gU1vcFrvx4TCN3Opf+
pOUraE/prIKjwvOgDY2LXLNUzeWzt6rXF7lbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUh+VgGQlE71RMuqN+rwSx8JOsb4AwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2gtVmdHUWxFNzFSTXVxTi1yd1N4OEpP
c2I0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ82oAwDQYJ
KoZIhvcNAQELBQADggEBAIgD8cwyLdGTa6vgFsaAyipiGnSu8tuh39nIpGyHV5Vy
JjySX1jiBHx2r2XobIP27Zq0WicDJnb/Bobo7jitkoowp8WecxFAyvyc/AzsT+sG
/jwh+AO1oUV98bSox5HljWVeQVjR9DGsfXxBBRxQlZ6O8hWiqxtNw1HC2AVfC8Sl
5B5GQmyTUrv2QlQkayh6fuxzSttRIAL2JAUmDPBFy8sY76Umpwtjd8b43Po+ETWb
AyfG+RQAs7gttwr1WnJ4w8JjjMqrW8CAW5TvOh9qrzkHbV9O9KwbQ6JsWznl5Aew
8nbWsDpBTxVPppl7Ca7O9gQMErp1z0+1Sc/ArwYfQPA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org