Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/S4ny8DlTQDw58nRvu_6qXB-7l88.roa
File:                     S4ny8DlTQDw58nRvu_6qXB-7l88.roa (raw, json)
Hash identifier:          p0qn7EHgAIE+eMlzCIacd+Wjvxgak8PyQyI4aIktXeM=
Subject key identifier:   4B:89:F2:F0:39:53:40:3C:39:F2:74:6F:BB:FE:AA:5C:1F:BB:97:CF
Certificate issuer:       /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial:       0F45
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S4ny8DlTQDw58nRvu_6qXB-7l88.roa
Signing time:             Fri 01 Sep 2023 08:56:50 +0000
ROA not before:           Fri 01 Sep 2023 08:56:50 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     3462
IP address blocks:        59.112.0.0/13 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3909 (0xf45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
        Validity
            Not Before: Sep  1 08:56:50 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=4B89F2F03953403C39F2746FBBFEAA5C1FBB97CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6d:39:47:a4:94:ca:56:91:07:43:32:e2:3e:
                    f1:14:e4:1e:12:75:a4:6b:c7:0a:aa:8d:f4:1a:33:
                    dd:d9:3f:fb:0c:02:80:4c:9b:88:e6:fc:f9:c3:87:
                    97:07:6a:5e:a0:47:ae:fc:4c:a0:a9:2b:f1:1a:e3:
                    86:86:74:a4:11:d0:69:76:63:2d:93:df:83:39:9f:
                    69:b4:53:0a:54:dc:02:26:0a:01:d5:73:71:29:f4:
                    c5:b5:04:81:2e:3c:f2:79:7f:9d:eb:b8:9c:a9:fc:
                    61:dd:7f:8b:66:fc:ce:4f:7f:bc:57:d3:1e:27:f5:
                    00:fa:e5:74:38:86:f9:ae:0c:61:11:0d:52:cd:34:
                    9d:2d:be:2b:2b:59:3f:9b:da:bd:be:16:4d:16:f1:
                    3f:59:ae:1a:ea:fe:50:63:c1:19:f9:50:fc:0e:85:
                    8b:54:91:7a:e7:66:e2:45:29:2b:50:0b:cf:26:5d:
                    07:2b:3f:74:04:56:39:0d:71:1a:29:ae:59:56:f1:
                    8d:92:6d:0e:da:38:63:94:f9:49:fd:38:7d:a1:24:
                    41:53:77:ba:73:58:f2:b3:2a:e0:1c:23:9d:cb:5f:
                    bb:60:80:7f:cd:80:90:a7:fd:0c:be:d7:6e:1d:a1:
                    27:34:06:1c:f9:1c:0b:f1:23:1f:83:df:2f:73:09:
                    69:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:89:F2:F0:39:53:40:3C:39:F2:74:6F:BB:FE:AA:5C:1F:BB:97:CF
            X509v3 Authority Key Identifier:
                keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S4ny8DlTQDw58nRvu_6qXB-7l88.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  59.112.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         16:71:fb:db:a6:9f:c2:e1:db:96:48:68:2d:0b:e1:db:f7:26:
         01:7d:f1:2f:41:90:d0:24:3a:ed:88:49:22:a0:e7:02:2e:10:
         5e:b2:76:c5:2b:0b:2a:e9:7e:a0:98:aa:8c:0d:c9:05:63:66:
         4c:dd:eb:1e:f1:07:48:47:d1:33:e4:d4:4c:0a:27:b6:04:7c:
         3f:ca:74:9b:f4:b4:e1:8d:ba:a7:c5:de:e4:41:db:3e:04:19:
         67:e2:29:09:9e:aa:29:15:b6:21:19:29:0f:ac:fe:82:85:d6:
         cc:8d:e4:ec:63:ee:cf:07:fd:ce:1f:d1:3c:db:44:3b:2c:fe:
         48:ee:c6:25:1d:43:89:f2:64:bb:eb:42:de:30:47:4f:bc:32:
         d0:c4:01:a8:91:a6:4f:fc:86:d4:86:c8:59:8d:46:b1:8e:17:
         9b:5f:84:1f:59:7a:94:03:97:e9:38:b1:de:3f:44:b0:8b:d3:
         2e:34:1b:36:53:30:b5:da:b3:35:30:36:0d:d4:69:d4:61:69:
         9e:bd:24:2d:86:01:33:c9:97:4c:7b:aa:85:5c:8b:a2:fd:c9:
         e9:66:57:e0:79:17:f5:1a:12:b1:a4:0f:b4:86:b9:8f:10:da:
         2e:89:8e:95:2c:1e:c8:d7:a7:16:fb:2e:4d:b7:b7:33:c3:ab:
         83:35:97:5e
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU2NTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDRCODlGMkYwMzk1MzQw
M0MzOUYyNzQ2RkJCRkVBQTVDMUZCQjk3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCobTlHpJTKVpEHQzLiPvEU5B4SdaRrxwqqjfQaM93ZP/sMAoBM
m4jm/PnDh5cHal6gR678TKCpK/Ea44aGdKQR0Gl2Yy2T34M5n2m0UwpU3AImCgHV
c3Ep9MW1BIEuPPJ5f53ruJyp/GHdf4tm/M5Pf7xX0x4n9QD65XQ4hvmuDGERDVLN
NJ0tvisrWT+b2r2+Fk0W8T9Zrhrq/lBjwRn5UPwOhYtUkXrnZuJFKStQC88mXQcr
P3QEVjkNcRoprllW8Y2SbQ7aOGOU+Un9OH2hJEFTd7pzWPKzKuAcI53LX7tggH/N
gJCn/Qy+124doSc0Bhz5HAvxIx+D3y9zCWkfAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUS4ny8DlTQDw58nRvu/6qXB+7l88wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TNG55OERsVFFEdzU4blJ2dV82
cVhCLTdsODgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMDO3Aw
DQYJKoZIhvcNAQELBQADggEBABZx+9umn8Lh25ZIaC0L4dv3JgF98S9BkNAkOu2I
SSKg5wIuEF6ydsUrCyrpfqCYqowNyQVjZkzd6x7xB0hH0TPk1EwKJ7YEfD/KdJv0
tOGNuqfF3uRB2z4EGWfiKQmeqikVtiEZKQ+s/oKF1syN5Oxj7s8H/c4f0TzbRDss
/kjuxiUdQ4nyZLvrQt4wR0+8MtDEAaiRpk/8htSGyFmNRrGOF5tfhB9ZepQDl+k4
sd4/RLCL0y40GzZTMLXaszUwNg3UadRhaZ69JC2GATPJl0x7qoVci6L9yelmV+B5
F/UaErGkD7SGuY8Q2i6JjpUsHsjXpxb7Lk23tzPDq4M1l14=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org