Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/HmeK-LJL6zldg8hbsi3VPHjhr5Y.roa
File:                     HmeK-LJL6zldg8hbsi3VPHjhr5Y.roa (raw, json)
Hash identifier:          JO1OdiRWlTjV1bOQ3WrJ4/wFd2zSQBAxA/y9ALoUTWY=
Subject key identifier:   1E:67:8A:F8:B2:4B:EB:39:5D:83:C8:5B:B2:2D:D5:3C:78:E1:AF:96
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0FB8
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HmeK-LJL6zldg8hbsi3VPHjhr5Y.roa
Signing time:             Fri 01 Sep 2023 08:57:25 +0000
ROA not before:           Fri 01 Sep 2023 08:57:25 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     3462
IP address blocks:        218.160.0.0/14 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4024 (0xfb8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep  1 08:57:25 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=1E678AF8B24BEB395D83C85BB22DD53C78E1AF96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d6:32:7d:c0:bb:76:5d:b1:96:2f:17:f4:f5:
                    a3:c7:73:fb:d3:ea:88:ba:39:38:c6:30:3c:52:74:
                    d8:23:e8:f6:7a:c6:40:3d:8f:cc:d6:27:f5:09:a1:
                    34:29:d4:96:51:a4:7b:99:6a:d2:be:4e:a2:c6:db:
                    0f:d3:d4:4f:eb:86:40:ed:fc:9e:0c:e7:ce:e5:19:
                    5d:d0:eb:12:8e:dd:0f:00:77:a6:32:98:3b:58:83:
                    3f:ba:c7:bc:03:85:65:3c:6a:43:17:89:93:43:ec:
                    6f:3a:e7:27:fd:2c:a7:c3:f7:6a:8e:9b:09:a1:b4:
                    4d:9d:94:5d:02:1d:15:f0:88:e0:1f:6d:d4:de:df:
                    cc:bf:a7:18:28:07:3c:b3:db:65:9e:48:c8:62:45:
                    a4:40:42:48:e5:b9:08:88:28:ad:e1:78:13:59:9f:
                    25:5c:21:7b:c1:e1:58:b1:ae:57:cc:a0:1f:22:d7:
                    85:0d:85:65:ac:88:bd:4e:7e:7b:70:c9:d0:cb:2e:
                    d3:90:69:3b:dd:b2:0f:8a:f3:0e:c8:a8:2f:9d:1d:
                    07:98:f3:84:aa:47:74:65:17:85:41:5d:32:4f:a6:
                    ab:f7:e1:55:54:14:da:1a:a8:91:35:08:31:65:2b:
                    3d:87:ac:d0:e3:b9:2c:37:d3:d1:e7:3e:b2:34:82:
                    aa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:67:8A:F8:B2:4B:EB:39:5D:83:C8:5B:B2:2D:D5:3C:78:E1:AF:96
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HmeK-LJL6zldg8hbsi3VPHjhr5Y.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.160.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         d0:05:99:a6:c6:c5:e0:82:3f:47:a6:4d:48:9e:ef:28:62:20:
         ae:2a:3d:f3:60:e7:24:83:dd:73:d5:e2:c2:64:e4:2d:67:d1:
         67:db:80:29:10:3f:f9:9e:0f:e0:40:d9:fa:2d:af:9d:54:81:
         67:26:96:9f:d1:b3:45:fb:6a:7d:c7:a6:e1:9d:d7:b6:ee:c6:
         38:b8:be:69:60:12:2f:73:54:e4:7c:b2:02:0a:2a:a0:29:f0:
         ba:45:fb:64:c0:7e:90:83:3a:05:5d:6a:ab:cb:5a:b8:43:5e:
         bd:e6:f0:33:bb:43:81:4c:2f:d5:d0:26:91:6a:88:8e:65:21:
         1e:01:c6:e3:94:cc:82:69:df:99:cc:cd:3a:7a:6c:22:d2:b1:
         87:9b:26:f6:38:49:34:48:ce:52:fd:19:e3:92:bc:fb:c8:32:
         b8:7a:dc:23:af:93:fe:6c:9a:9f:7c:b0:a6:71:16:8b:bc:53:
         4f:16:88:e7:03:98:4b:41:f5:db:4b:05:6b:9a:34:ee:d8:ed:
         02:aa:0b:f2:d3:b5:a7:e8:c2:a4:d7:7c:1b:2f:6b:ce:8e:8f:
         fc:60:1d:7f:c7:ae:0e:45:5a:b6:06:44:80:36:d7:b8:1b:ec:
         70:66:69:40:1e:8c:20:a6:c7:c1:0d:63:b1:1c:2a:ff:cb:ff:
         d2:bb:4a:ff
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD7gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU3MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFFNjc4QUY4QjI0QkVC
Mzk1RDgzQzg1QkIyMkRENTNDNzhFMUFGOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCW1jJ9wLt2XbGWLxf09aPHc/vT6oi6OTjGMDxSdNgj6PZ6xkA9
j8zWJ/UJoTQp1JZRpHuZatK+TqLG2w/T1E/rhkDt/J4M587lGV3Q6xKO3Q8Ad6Yy
mDtYgz+6x7wDhWU8akMXiZND7G865yf9LKfD92qOmwmhtE2dlF0CHRXwiOAfbdTe
38y/pxgoBzyz22WeSMhiRaRAQkjluQiIKK3heBNZnyVcIXvB4VixrlfMoB8i14UN
hWWsiL1OfntwydDLLtOQaTvdsg+K8w7IqC+dHQeY84SqR3RlF4VBXTJPpqv34VVU
FNoaqJE1CDFlKz2HrNDjuSw309HnPrI0gqpnAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUHmeK+LJL6zldg8hbsi3VPHjhr5YwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9IbWVLLUxKTDZ6bGRnOGhic2kz
VlBIamhyNVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC2qAw
DQYJKoZIhvcNAQELBQADggEBANAFmabGxeCCP0emTUie7yhiIK4qPfNg5ySD3XPV
4sJk5C1n0WfbgCkQP/meD+BA2fotr51UgWcmlp/Rs0X7an3HpuGd17buxji4vmlg
Ei9zVOR8sgIKKqAp8LpF+2TAfpCDOgVdaqvLWrhDXr3m8DO7Q4FML9XQJpFqiI5l
IR4BxuOUzIJp35nMzTp6bCLSsYebJvY4STRIzlL9GeOSvPvIMrh63COvk/5smp98
sKZxFou8U08WiOcDmEtB9dtLBWuaNO7Y7QKqC/LTtafowqTXfBsva86Oj/xgHX/H
rg5FWrYGRIA217gb7HBmaUAejCCmx8ENY7EcKv/L/9K7Sv8=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org