Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/vBduPV0WCpUSdQ71_bsHloxVwJY.roa
File:                     vBduPV0WCpUSdQ71_bsHloxVwJY.roa (raw, json)
Hash identifier:          P0KmjU5zuOlLhMKK/zXpxBAWTtsPi/jEepavlvIhI6k=
Subject key identifier:   BC:17:6E:3D:5D:16:0A:95:12:75:0E:F5:FD:BB:07:96:8C:55:C0:96
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0C80
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vBduPV0WCpUSdQ71_bsHloxVwJY.roa
Signing time:             Mon 15 Jan 2024 21:09:49 +0000
ROA not before:           Mon 15 Jan 2024 21:09:49 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131142
IP address blocks:        210.200.64.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3200 (0xc80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:09:49 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=BC176E3D5D160A9512750EF5FDBB07968C55C096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:dc:74:3d:1b:56:79:71:93:0c:62:41:a6:2c:
                    77:6b:c0:ef:7a:3c:d0:a2:6b:91:9b:8e:d4:01:45:
                    82:37:50:e4:ed:ee:19:04:ca:6b:ec:64:21:96:d1:
                    4e:ab:c9:51:40:da:13:ad:73:cf:b6:a0:72:cd:bb:
                    28:c1:39:f1:1e:6a:e1:df:7b:97:a5:ac:b0:7a:99:
                    48:ce:7b:ae:f6:02:85:26:78:76:a1:40:d1:82:d1:
                    19:88:4e:68:02:5b:7e:63:51:b4:13:39:aa:f0:ab:
                    9a:1e:13:d4:06:0d:04:b1:d3:2c:65:6b:08:d4:ab:
                    33:76:b0:34:48:25:a4:f4:d4:d5:b4:82:f4:47:fd:
                    03:b8:1d:57:93:c0:b6:43:27:98:e7:35:f1:b9:fa:
                    6a:7e:c0:39:06:c6:43:4b:fa:6f:fd:38:8b:22:bd:
                    29:ec:9d:37:50:a8:2d:a5:4d:bc:ef:aa:24:57:39:
                    fe:fb:9c:83:3f:bf:63:03:84:c8:b0:d1:73:76:58:
                    97:60:8a:8b:8b:14:8b:fd:91:e0:56:81:57:dc:15:
                    8c:f1:c2:7b:cb:38:9f:bd:ac:cc:41:50:83:bd:0d:
                    b9:9a:e8:68:8e:37:04:61:57:72:46:1d:b3:91:6f:
                    a2:03:e1:b3:35:ad:46:06:94:ca:6c:a6:a2:dc:21:
                    93:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:17:6E:3D:5D:16:0A:95:12:75:0E:F5:FD:BB:07:96:8C:55:C0:96
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vBduPV0WCpUSdQ71_bsHloxVwJY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.200.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6e:4f:76:4e:d9:63:73:d8:7e:11:c5:68:cc:d3:bb:f9:5e:ab:
         92:5c:e9:d1:73:72:f1:f1:12:b4:16:57:a0:74:41:ab:46:c7:
         7a:f8:40:62:f3:4a:a1:76:88:06:30:31:8d:37:a7:43:d8:18:
         a1:46:e3:bc:53:8f:6f:ed:5c:98:fb:48:47:cd:5b:d4:d6:cb:
         08:ad:ba:a9:8e:fc:db:96:d6:64:e3:9e:57:ab:e5:d8:ae:3d:
         a4:9b:c8:29:ba:fb:d0:59:8f:5b:5f:c4:b9:f6:24:16:86:d6:
         77:1c:83:26:95:69:c3:83:70:40:92:a2:b6:2a:c0:87:55:bd:
         7d:be:bc:43:88:0f:e8:08:ec:99:ac:a2:09:8f:74:38:cb:5d:
         af:5c:33:bd:fd:81:ef:d3:96:7d:8d:5b:81:49:b5:9a:43:92:
         cd:3b:af:9d:27:6d:25:1d:34:92:eb:0c:43:51:ad:9e:ba:74:
         14:3e:31:e6:94:2a:69:d2:b2:83:8a:1b:65:63:59:67:69:c0:
         87:a5:61:d5:2f:78:a3:3a:a2:a3:7f:25:4c:4f:35:2c:b5:f0:
         bf:c1:a8:a9:3d:cc:95:54:20:5a:87:ac:ea:e2:b6:8b:ef:29:
         aa:db:13:73:67:27:bb:87:97:1a:da:26:a4:26:5b:5e:bb:b3:
         01:7d:21:88
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTA5NDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJDMTc2RTNENUQxNjBB
OTUxMjc1MEVGNUZEQkIwNzk2OEM1NUMwOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDs3HQ9G1Z5cZMMYkGmLHdrwO96PNCia5GbjtQBRYI3UOTt7hkE
ymvsZCGW0U6ryVFA2hOtc8+2oHLNuyjBOfEeauHfe5elrLB6mUjOe672AoUmeHah
QNGC0RmITmgCW35jUbQTOarwq5oeE9QGDQSx0yxlawjUqzN2sDRIJaT01NW0gvRH
/QO4HVeTwLZDJ5jnNfG5+mp+wDkGxkNL+m/9OIsivSnsnTdQqC2lTbzvqiRXOf77
nIM/v2MDhMiw0XN2WJdgiouLFIv9keBWgVfcFYzxwnvLOJ+9rMxBUIO9Dbma6GiO
NwRhV3JGHbORb6ID4bM1rUYGlMpspqLcIZMJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUvBduPV0WCpUSdQ71/bsHloxVwJYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3ZCZHVQVjBXQ3BVU2RRNzFfYnNIbG94
VndKWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyEAwDQYJ
KoZIhvcNAQELBQADggEBAG5Pdk7ZY3PYfhHFaMzTu/leq5Jc6dFzcvHxErQWV6B0
QatGx3r4QGLzSqF2iAYwMY03p0PYGKFG47xTj2/tXJj7SEfNW9TWywituqmO/NuW
1mTjnler5diuPaSbyCm6+9BZj1tfxLn2JBaG1nccgyaVacODcECSorYqwIdVvX2+
vEOID+gI7JmsogmPdDjLXa9cM739ge/Tln2NW4FJtZpDks07r50nbSUdNJLrDENR
rZ66dBQ+MeaUKmnSsoOKG2VjWWdpwIelYdUveKM6oqN/JUxPNSy18L/BqKk9zJVU
IFqHrOritovvKarbE3NnJ7uHlxraJqQmW167swF9IYg=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org