Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/llhuaGUF6Kg0--gK_y-blj4ift0.roa
File:                     llhuaGUF6Kg0--gK_y-blj4ift0.roa (raw, json)
Hash identifier:          tYRFZdd1N0Fbar3fVxNl3e7zhrgw8Qois8EscSJQPWE=
Subject key identifier:   96:58:6E:68:65:05:E8:A8:34:FB:E8:0A:FF:2F:9B:96:3E:22:7E:DD
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0CEC
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/llhuaGUF6Kg0--gK_y-blj4ift0.roa
Signing time:             Mon 15 Jan 2024 21:23:48 +0000
ROA not before:           Mon 15 Jan 2024 21:23:48 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     7482
IP address blocks:        218.35.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3308 (0xcec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:23:48 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=96586E686505E8A834FBE80AFF2F9B963E227EDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:58:dc:64:f1:de:59:74:78:87:d9:d6:7c:8c:
                    12:9d:45:e0:cb:1f:9d:db:9a:2f:38:92:89:00:4e:
                    e0:76:61:29:cb:06:c6:8b:e8:e3:75:82:f9:a2:bd:
                    44:77:80:ab:14:3a:01:57:72:eb:0e:d0:7f:99:10:
                    3b:c4:9e:7d:61:19:33:ac:4c:02:c2:dd:f8:0f:13:
                    cf:dc:86:a0:6d:1e:dc:fd:a0:e4:d3:db:08:59:a8:
                    c2:8d:f6:76:50:ca:7b:b9:b7:d6:bc:46:6e:24:2c:
                    c6:9a:cc:d2:84:d5:8d:96:35:9a:ed:83:aa:34:ea:
                    8a:f1:4e:03:c5:7c:3d:dd:98:d2:06:24:1e:f0:d1:
                    bd:16:5e:54:a7:79:f3:fc:21:47:86:52:fd:8a:e1:
                    f7:05:f8:cf:f3:b7:d3:2c:0a:84:86:71:46:18:45:
                    f1:8b:0f:4c:ef:d6:59:19:26:cf:1a:30:78:2a:9e:
                    af:27:75:97:6a:4e:05:62:4d:95:7d:f8:8d:67:cc:
                    ac:12:10:6d:81:85:3e:74:2c:44:f5:8b:c5:b2:23:
                    39:b2:64:fd:88:c4:e4:26:11:4e:82:c5:e5:64:46:
                    57:c9:37:3a:18:33:fd:35:07:66:e7:77:4e:05:f1:
                    e4:5c:b6:8e:d2:f7:68:04:b6:78:1d:d1:7c:c4:22:
                    4f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:58:6E:68:65:05:E8:A8:34:FB:E8:0A:FF:2F:9B:96:3E:22:7E:DD
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/llhuaGUF6Kg0--gK_y-blj4ift0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3c:8e:1e:eb:eb:2d:34:04:e6:11:c2:bd:99:e1:40:1e:76:46:
         71:ac:7b:ae:e1:ea:c8:de:63:78:ab:06:a6:68:a2:59:dd:4b:
         f5:39:8a:db:5f:5d:83:86:b4:66:81:36:b6:c8:2a:31:a0:b3:
         44:ce:00:77:7c:50:70:22:9a:77:bc:a1:8f:09:7e:b0:01:2c:
         6d:94:7c:0c:33:6d:8c:2d:d1:98:a3:d1:fc:30:40:de:78:34:
         0a:5d:45:83:c6:4e:c1:de:61:8f:9e:d8:e0:4d:2b:f6:ac:77:
         99:69:33:7f:99:09:b9:7d:d2:35:43:ad:b1:8b:d9:32:9d:86:
         4e:44:36:aa:16:f7:cc:6f:0b:a5:d6:2c:b8:de:6a:7a:7c:20:
         42:00:53:21:2e:b9:a0:24:69:50:f6:d3:2a:ef:74:a9:4a:fd:
         16:7b:9a:3b:ec:e0:11:1e:90:dd:e5:98:6c:5f:a8:de:ec:b1:
         2e:a9:a9:bb:e2:a8:d4:ef:22:82:12:73:40:f0:09:c0:d1:20:
         55:c3:29:03:9b:77:2c:1c:5e:da:dc:e3:55:21:da:c1:46:1f:
         c7:8d:61:ef:a8:d8:0f:8b:e9:e4:18:b6:d5:80:ff:6b:d1:a9:
         20:53:ae:1d:fb:e7:70:0e:e2:d9:04:5a:63:8f:6d:f0:fa:f2:
         da:a8:b4:3e
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICDOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTIzNDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk2NTg2RTY4NjUwNUU4
QTgzNEZCRTgwQUZGMkY5Qjk2M0UyMjdFREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQWNxk8d5ZdHiH2dZ8jBKdReDLH53bmi84kokATuB2YSnLBsaL
6ON1gvmivUR3gKsUOgFXcusO0H+ZEDvEnn1hGTOsTALC3fgPE8/chqBtHtz9oOTT
2whZqMKN9nZQynu5t9a8Rm4kLMaazNKE1Y2WNZrtg6o06orxTgPFfD3dmNIGJB7w
0b0WXlSnefP8IUeGUv2K4fcF+M/zt9MsCoSGcUYYRfGLD0zv1lkZJs8aMHgqnq8n
dZdqTgViTZV9+I1nzKwSEG2BhT50LET1i8WyIzmyZP2IxOQmEU6CxeVkRlfJNzoY
M/01B2bnd04F8eRcto7S92gEtngd0XzEIk8lAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUllhuaGUF6Kg0++gK/y+blj4ift0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2xsaHVhR1VGNktnMC0tZ0tfeS1ibGo0
aWZ0MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDaIzANBgkq
hkiG9w0BAQsFAAOCAQEAPI4e6+stNATmEcK9meFAHnZGcax7ruHqyN5jeKsGpmii
Wd1L9TmK219dg4a0ZoE2tsgqMaCzRM4Ad3xQcCKad7yhjwl+sAEsbZR8DDNtjC3R
mKPR/DBA3ng0Cl1Fg8ZOwd5hj57Y4E0r9qx3mWkzf5kJuX3SNUOtsYvZMp2GTkQ2
qhb3zG8LpdYsuN5qenwgQgBTIS65oCRpUPbTKu90qUr9FnuaO+zgER6Q3eWYbF+o
3uyxLqmpu+Ko1O8ighJzQPAJwNEgVcMpA5t3LBxe2tzjVSHawUYfx41h76jYD4vp
5Bi21YD/a9GpIFOuHfvncA7i2QRaY49t8Pry2qi0Pg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org