Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/o9PXQKdLvEb3mOSMZb1UVGfH5eo.roa
File:                     o9PXQKdLvEb3mOSMZb1UVGfH5eo.roa (raw, json)
Hash identifier:          IEGo3MnV5upQtse5Aem04UINm6HfsDI5TsH2IV2uTs0=
Subject key identifier:   A3:D3:D7:40:A7:4B:BC:46:F7:98:E4:8C:65:BD:54:54:67:C7:E5:EA
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0E0A
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/o9PXQKdLvEb3mOSMZb1UVGfH5eo.roa
Signing time:             Wed 24 Jan 2024 06:17:46 +0000
ROA not before:           Wed 24 Jan 2024 06:17:46 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     4780
IP address blocks:        210.58.128.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3594 (0xe0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 24 06:17:46 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=A3D3D740A74BBC46F798E48C65BD545467C7E5EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a7:47:d1:b2:5c:92:de:fc:22:6c:5a:f0:fe:
                    48:d6:8c:de:c7:dd:e3:da:2b:95:a2:0a:79:7e:72:
                    17:f3:ba:61:21:21:a0:12:4d:db:fd:e2:ad:e3:35:
                    63:b3:f4:b0:19:7a:63:84:97:3f:e3:f4:88:e9:a4:
                    84:a0:4c:06:52:72:04:64:ab:64:32:d4:4e:29:69:
                    fd:4a:07:12:cf:a0:e1:b7:39:71:c9:7c:55:c6:48:
                    89:bc:4f:bc:59:53:7b:95:6d:89:5f:cf:d6:b3:01:
                    88:7c:4c:3e:1a:a6:ec:06:3c:cb:ef:8e:92:f1:75:
                    a2:08:c5:70:6f:5c:9c:13:38:8f:fb:fa:79:b7:4d:
                    6b:3c:8c:60:77:4c:b9:c8:40:76:fc:c9:5a:e3:2a:
                    a6:f1:31:05:68:b2:5d:e8:d3:51:ad:c4:94:44:8c:
                    d4:c0:f5:35:7c:07:90:6a:61:d7:04:88:f6:e5:a9:
                    d5:f0:07:f1:07:bc:59:ed:fb:76:5c:c5:de:d6:b9:
                    7a:dd:94:d0:98:9b:83:89:f0:1b:7e:d5:5c:35:c9:
                    56:19:63:df:71:32:df:c5:49:26:d7:8d:50:f2:d9:
                    8f:57:d9:1a:63:bb:a1:ee:46:c3:53:97:e0:d3:b7:
                    1f:ef:b9:f8:31:4b:6f:70:68:8b:b6:3d:f3:4f:cb:
                    f8:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D3:D7:40:A7:4B:BC:46:F7:98:E4:8C:65:BD:54:54:67:C7:E5:EA
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/o9PXQKdLvEb3mOSMZb1UVGfH5eo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ac:18:a6:78:0e:30:0a:a1:76:98:42:76:46:79:c9:e0:35:28:
         04:7c:32:76:d7:d1:2d:a5:a1:24:8e:c2:db:8c:e6:ed:8a:02:
         c4:ad:7a:40:2b:06:b8:76:c4:42:1f:7e:44:f1:6a:4f:fd:7e:
         90:6d:03:a4:77:30:55:a5:45:fa:31:68:d4:c4:f7:a1:61:1f:
         5a:f5:6c:10:5e:34:bf:30:69:b8:f3:2c:e7:97:5e:0c:e3:8a:
         a9:7b:df:71:af:85:50:0d:b2:96:bc:5a:ed:60:74:c9:d8:f9:
         3e:06:3c:65:dd:41:c9:6c:9c:d0:f8:e1:a4:19:1d:50:f5:81:
         7d:e0:97:23:96:aa:92:e1:70:17:bf:9c:76:14:2f:c3:7c:83:
         1b:66:9e:a8:56:7f:37:0f:de:2e:85:9f:69:e2:bb:bc:16:36:
         e5:a5:db:39:23:25:d5:23:02:e7:ea:53:01:bf:4b:58:76:98:
         38:b6:5b:11:89:9d:03:ec:27:73:a3:b3:33:14:79:5c:03:48:
         98:d0:03:90:e4:58:f2:06:df:99:06:7c:db:4c:ef:9b:f6:d6:
         95:00:d6:04:33:90:c4:af:7b:7a:87:f9:f0:50:6d:bc:b3:9a:
         2e:96:10:e5:0d:f6:c4:21:22:3a:6b:c4:d2:d8:de:73:b5:73:
         62:83:85:66
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMjQw
NjE3NDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEzRDNENzQwQTc0QkJD
NDZGNzk4RTQ4QzY1QkQ1NDU0NjdDN0U1RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0p0fRslyS3vwibFrw/kjWjN7H3ePaK5WiCnl+chfzumEhIaAS
Tdv94q3jNWOz9LAZemOElz/j9IjppISgTAZScgRkq2Qy1E4paf1KBxLPoOG3OXHJ
fFXGSIm8T7xZU3uVbYlfz9azAYh8TD4apuwGPMvvjpLxdaIIxXBvXJwTOI/7+nm3
TWs8jGB3TLnIQHb8yVrjKqbxMQVosl3o01GtxJREjNTA9TV8B5BqYdcEiPblqdXw
B/EHvFnt+3Zcxd7WuXrdlNCYm4OJ8Bt+1Vw1yVYZY99xMt/FSSbXjVDy2Y9X2Rpj
u6HuRsNTl+DTtx/vufgxS29waIu2PfNPy/hpAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUo9PXQKdLvEb3mOSMZb1UVGfH5eowHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL285UFhRS2RMdkViM21PU01aYjFVVkdm
SDVlby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSOoAwDQYJ
KoZIhvcNAQELBQADggEBAKwYpngOMAqhdphCdkZ5yeA1KAR8MnbX0S2loSSOwtuM
5u2KAsStekArBrh2xEIffkTxak/9fpBtA6R3MFWlRfoxaNTE96FhH1r1bBBeNL8w
abjzLOeXXgzjiql733GvhVANspa8Wu1gdMnY+T4GPGXdQclsnND44aQZHVD1gX3g
lyOWqpLhcBe/nHYUL8N8gxtmnqhWfzcP3i6Fn2niu7wWNuWl2zkjJdUjAufqUwG/
S1h2mDi2WxGJnQPsJ3OjszMUeVwDSJjQA5DkWPIG35kGfNtM75v21pUA1gQzkMSv
e3qH+fBQbbyzmi6WEOUN9sQhIjprxNLY3nO1c2KDhWY=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org