Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/vxa-D5HsFMekt8YI_mJ4oo93u9Q.roa
File:                     vxa-D5HsFMekt8YI_mJ4oo93u9Q.roa (raw, json)
Hash identifier:          GH+YxjNKc57oop09LMkd2tvqwB4+/jE1sWxJQILFmbE=
Subject key identifier:   BF:16:BE:0F:91:EC:14:C7:A4:B7:C6:08:FE:62:78:A2:8F:77:BB:D4
Certificate issuer:       /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial:       0D72
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vxa-D5HsFMekt8YI_mJ4oo93u9Q.roa
Signing time:             Mon 15 Jan 2024 21:28:37 +0000
ROA not before:           Mon 15 Jan 2024 21:28:37 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17709
IP address blocks:        210.58.104.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3442 (0xd72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
        Validity
            Not Before: Jan 15 21:28:37 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=BF16BE0F91EC14C7A4B7C608FE6278A28F77BBD4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:97:e2:cf:49:86:15:37:78:c5:72:9c:83:94:
                    84:0e:10:e7:c3:bf:a9:19:5b:79:6c:19:99:9e:e3:
                    c9:bf:f6:e5:5b:5c:d7:6a:fb:e0:94:8a:84:a8:05:
                    e0:3b:d1:ad:35:8b:49:bc:c0:77:30:96:f3:a5:2e:
                    10:a1:1b:ea:c1:f0:5c:e4:12:25:00:1e:61:7e:c2:
                    f0:26:e4:a2:6d:20:48:a8:36:4e:ef:a7:7a:7a:05:
                    0b:d6:9f:11:59:37:d9:3a:87:a4:0e:7c:c8:91:2e:
                    c6:b5:18:23:ea:c4:7b:ba:c5:3d:40:11:51:7e:ce:
                    71:86:c2:43:92:92:00:df:ca:25:c0:3a:35:3b:2e:
                    ab:91:0a:0c:98:7c:2e:8c:a4:83:42:e4:02:4e:ed:
                    00:26:77:5c:96:05:ff:a0:24:e6:83:bf:1f:d9:b1:
                    64:5e:a1:db:ca:08:55:b9:32:14:c9:a2:2e:78:7c:
                    39:7c:06:eb:79:45:a3:f0:ed:b0:a1:13:2d:7d:0f:
                    55:7d:20:b5:e5:0b:b6:a3:e9:50:e0:7e:92:38:6d:
                    77:2a:a2:7b:d8:f2:fb:92:3f:20:26:e7:df:07:45:
                    c1:ae:e7:d0:e9:0e:77:65:8e:32:09:fb:3c:9d:8d:
                    1a:b5:49:ea:62:11:39:d4:dc:89:90:9a:86:44:98:
                    2c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:16:BE:0F:91:EC:14:C7:A4:B7:C6:08:FE:62:78:A2:8F:77:BB:D4
            X509v3 Authority Key Identifier:
                keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vxa-D5HsFMekt8YI_mJ4oo93u9Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.58.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:a8:48:4a:45:c5:24:3b:ab:5b:09:f3:f2:1c:b5:a5:86:6f:
         f2:ef:12:01:65:51:02:15:f0:05:6c:02:44:d7:e6:81:16:d6:
         01:7c:ef:dd:07:2e:22:a9:c5:e4:c8:30:ff:f8:2d:cc:58:be:
         b5:6d:80:36:af:11:cb:b6:85:b2:06:cd:16:d8:85:65:3a:f0:
         24:d0:ab:21:e4:15:2c:14:55:73:47:ce:ff:e0:b1:b6:c1:f2:
         cf:40:65:02:fe:87:07:ca:37:71:61:9b:72:be:6c:d0:28:e8:
         a0:8f:74:12:ea:4a:cc:35:dc:71:ec:78:cb:8f:fd:b5:c8:ed:
         e9:50:d1:f3:c3:21:ac:cc:f6:f2:25:78:31:46:d4:b3:2b:31:
         f9:dd:44:20:47:3b:f4:af:a4:c5:d6:fd:86:21:74:62:92:d6:
         95:d4:59:0e:19:df:21:1c:11:dd:f2:8e:91:fa:9d:60:9b:6e:
         b6:8d:f8:4f:9f:6d:b6:75:c5:be:71:06:16:22:0d:fc:ac:57:
         ca:4d:6c:a4:8b:ad:d4:d4:ac:75:8d:06:da:0c:93:59:06:71:
         ea:4a:5e:a6:f4:25:52:9d:24:d5:6b:b9:b1:f5:3b:3b:f5:48:
         8b:c6:ce:b2:92:0e:62:0a:0c:40:d5:cd:dd:bb:19:d4:13:5c:
         61:5d:73:05
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI4MzdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJGMTZCRTBGOTFFQzE0
QzdBNEI3QzYwOEZFNjI3OEEyOEY3N0JCRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCal+LPSYYVN3jFcpyDlIQOEOfDv6kZW3lsGZme48m/9uVbXNdq
++CUioSoBeA70a01i0m8wHcwlvOlLhChG+rB8FzkEiUAHmF+wvAm5KJtIEioNk7v
p3p6BQvWnxFZN9k6h6QOfMiRLsa1GCPqxHu6xT1AEVF+znGGwkOSkgDfyiXAOjU7
LquRCgyYfC6MpINC5AJO7QAmd1yWBf+gJOaDvx/ZsWReodvKCFW5MhTJoi54fDl8
But5RaPw7bChEy19D1V9ILXlC7aj6VDgfpI4bXcqonvY8vuSPyAm598HRcGu59Dp
DndljjIJ+zydjRq1SepiETnU3ImQmoZEmCwhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUvxa+D5HsFMekt8YI/mJ4oo93u9QwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3Z4YS1ENUhzRk1la3Q4WUlfbUo0b285
M3U5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSOmgwDQYJ
KoZIhvcNAQELBQADggEBAHeoSEpFxSQ7q1sJ8/IctaWGb/LvEgFlUQIV8AVsAkTX
5oEW1gF8790HLiKpxeTIMP/4LcxYvrVtgDavEcu2hbIGzRbYhWU68CTQqyHkFSwU
VXNHzv/gsbbB8s9AZQL+hwfKN3Fhm3K+bNAo6KCPdBLqSsw13HHseMuP/bXI7elQ
0fPDIazM9vIleDFG1LMrMfndRCBHO/SvpMXW/YYhdGKS1pXUWQ4Z3yEcEd3yjpH6
nWCbbraN+E+fbbZ1xb5xBhYiDfysV8pNbKSLrdTUrHWNBtoMk1kGcepKXqb0JVKd
JNVrubH1Ozv1SIvGzrKSDmIKDEDVzd27GdQTXGFdcwU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org