Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/11zt-wkL9KHbtGAlBAlWot2x2YI.roa
File:                     11zt-wkL9KHbtGAlBAlWot2x2YI.roa (raw, json)
Hash identifier:          IF0ktt63sloQwSVXr25848S5v6Kw4zhlRoc9EG31c/8=
Subject key identifier:   D7:5C:ED:FB:09:0B:F4:A1:DB:B4:60:25:04:09:56:A2:DD:B1:D9:82
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0F50
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/11zt-wkL9KHbtGAlBAlWot2x2YI.roa
Signing time:             Fri 01 Sep 2023 08:56:55 +0000
ROA not before:           Fri 01 Sep 2023 08:56:55 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     3462
IP address blocks:        61.228.0.0/14 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3920 (0xf50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep  1 08:56:55 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=D75CEDFB090BF4A1DBB46025040956A2DDB1D982
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e7:b5:73:94:57:08:28:d6:ab:0c:dd:25:21:
                    55:11:c1:79:18:9b:74:07:37:73:34:ec:a7:f2:3d:
                    99:cd:1b:a4:52:61:84:80:c6:da:af:e3:24:6e:98:
                    8d:6a:51:da:4e:27:8f:c1:5a:9c:eb:3f:dc:69:3f:
                    78:db:43:f0:62:a5:6a:15:26:09:9c:93:39:31:f5:
                    ea:7f:49:a6:b2:cd:52:9e:35:8d:cc:8c:6c:f2:e5:
                    a7:a9:ec:7c:c3:b3:18:04:c8:f2:88:66:82:4e:b0:
                    63:95:6b:86:b6:7a:fd:02:40:c7:5e:16:20:c3:b2:
                    2e:b3:ba:ac:84:a0:65:a5:76:c4:3e:c2:a4:d4:4d:
                    c6:05:12:b7:1d:9b:00:07:7a:a3:b1:d1:de:2f:0c:
                    28:88:a1:88:e9:bd:f7:5f:40:60:f5:7e:52:b8:c0:
                    8b:bb:e5:21:11:ca:70:ff:bd:fe:84:cb:1a:fb:1e:
                    61:e5:48:d6:3e:1a:bf:8e:0c:4e:74:99:e8:b3:2f:
                    ec:4b:93:94:cb:64:e9:94:06:d1:93:89:7b:6c:b2:
                    32:29:ab:34:99:a9:21:24:4b:32:ae:84:26:cc:ca:
                    9d:e3:46:88:60:4b:bd:1d:fb:65:8d:d8:23:f2:c1:
                    db:69:a4:9b:14:e0:f1:69:ab:51:bf:aa:c1:4e:04:
                    de:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:5C:ED:FB:09:0B:F4:A1:DB:B4:60:25:04:09:56:A2:DD:B1:D9:82
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/11zt-wkL9KHbtGAlBAlWot2x2YI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.228.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         88:79:98:fb:9b:29:a1:02:0a:64:7d:93:f8:a5:41:a7:58:a7:
         6d:c3:7a:c5:43:6a:a5:76:b9:a3:94:d2:22:57:c6:af:53:b0:
         cf:b1:a2:b3:f8:05:3a:62:a4:fd:bd:75:aa:56:42:ac:71:36:
         32:6b:c3:d7:db:1e:ca:e4:d5:0c:d9:53:4c:7f:4f:5f:f5:73:
         5d:b1:69:87:0b:30:fe:c7:ef:31:a2:c8:83:51:43:2c:25:60:
         43:e1:44:bd:7d:b5:ed:e1:db:0f:c1:db:d8:78:32:4b:9f:11:
         8e:a7:19:b3:17:9f:f1:27:42:ae:5a:02:29:a7:3e:0c:5d:86:
         f5:29:b8:f7:c3:e8:5c:25:5b:e7:b5:57:13:2e:8a:49:69:22:
         73:01:a3:f1:1f:94:73:c3:b0:36:cd:33:01:4b:26:64:8a:68:
         e1:92:41:e2:cf:dd:fd:5e:f3:e5:1d:b2:39:1d:7a:e7:08:23:
         72:a1:9d:ea:6b:e7:59:90:e5:fa:fd:c4:3e:48:f9:ae:9d:e3:
         5f:c9:ab:71:34:00:e0:db:ec:98:61:03:13:a2:07:ed:08:df:
         62:ff:f7:9c:de:ae:fb:13:6b:ef:cd:a9:ad:92:be:0f:b8:50:
         8e:3a:20:2e:54:e0:31:a0:a8:47:56:c2:4d:a2:39:c9:35:ae:
         03:f7:af:a4
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD1AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU2NTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ3NUNFREZCMDkwQkY0
QTFEQkI0NjAyNTA0MDk1NkEyRERCMUQ5ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe57VzlFcIKNarDN0lIVURwXkYm3QHN3M07KfyPZnNG6RSYYSA
xtqv4yRumI1qUdpOJ4/BWpzrP9xpP3jbQ/BipWoVJgmckzkx9ep/SaayzVKeNY3M
jGzy5aep7HzDsxgEyPKIZoJOsGOVa4a2ev0CQMdeFiDDsi6zuqyEoGWldsQ+wqTU
TcYFErcdmwAHeqOx0d4vDCiIoYjpvfdfQGD1flK4wIu75SERynD/vf6Eyxr7HmHl
SNY+Gr+ODE50meizL+xLk5TLZOmUBtGTiXtssjIpqzSZqSEkSzKuhCbMyp3jRohg
S70d+2WN2CPywdtppJsU4PFpq1G/qsFOBN4dAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU11zt+wkL9KHbtGAlBAlWot2x2YIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8xMXp0LXdrTDlLSGJ0R0FsQkFs
V290MngyWUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPeQw
DQYJKoZIhvcNAQELBQADggEBAIh5mPubKaECCmR9k/ilQadYp23DesVDaqV2uaOU
0iJXxq9TsM+xorP4BTpipP29dapWQqxxNjJrw9fbHsrk1QzZU0x/T1/1c12xaYcL
MP7H7zGiyINRQywlYEPhRL19te3h2w/B29h4MkufEY6nGbMXn/EnQq5aAimnPgxd
hvUpuPfD6FwlW+e1VxMuiklpInMBo/EflHPDsDbNMwFLJmSKaOGSQeLP3f1e8+Ud
sjkdeucII3Khnepr51mQ5fr9xD5I+a6d41/Jq3E0AODb7JhhAxOiB+0I32L/95ze
rvsTa+/Nqa2Svg+4UI46IC5U4DGgqEdWwk2iOck1rgP3r6Q=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org