Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JtJXq7KfSfAzVivBaogtfzHhFOw.roa
File:                     JtJXq7KfSfAzVivBaogtfzHhFOw.roa (raw, json)
Hash identifier:          4poF+K4SMH0pwdr5X2bARL/8kH5ZH6GJxnieotExgZQ=
Subject key identifier:   26:D2:57:AB:B2:9F:49:F0:33:56:2B:C1:6A:88:2D:7F:31:E1:14:EC
Certificate issuer:       /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial:       057A
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JtJXq7KfSfAzVivBaogtfzHhFOw.roa
Signing time:             Fri 01 Sep 2023 08:59:51 +0000
ROA not before:           Fri 01 Sep 2023 08:59:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131657
IP address blocks:        103.153.176.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1402 (0x57a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
        Validity
            Not Before: Sep  1 08:59:51 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=26D257ABB29F49F033562BC16A882D7F31E114EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9e:0a:29:d9:a4:14:33:00:5a:91:fb:e2:76:
                    b7:ce:3b:90:d6:5f:6c:36:26:83:19:fb:6c:c3:33:
                    96:09:4a:8b:1b:0e:51:f9:c3:e8:6e:32:b0:06:e8:
                    ea:fa:22:92:4e:2a:9e:79:e1:58:a2:72:fe:c7:d3:
                    89:14:9a:64:9b:6b:50:be:42:30:19:27:12:b5:e8:
                    b4:14:e6:0b:32:24:e2:60:3d:c9:6a:41:f6:ce:f9:
                    c9:67:24:9e:97:4c:9f:8d:92:5d:a9:26:65:6f:bc:
                    51:ed:78:76:0e:64:41:55:57:8a:87:ba:b1:80:df:
                    f6:79:d3:b6:e3:c1:7d:4d:ba:54:e0:02:da:47:cd:
                    2e:1e:1f:22:bd:83:0e:71:66:35:0a:22:18:2c:6a:
                    c3:d7:7f:ce:71:aa:3a:7d:a7:c4:64:cc:e5:6e:9c:
                    de:92:6e:2e:4d:88:44:ac:20:f3:55:2b:f3:8d:ee:
                    49:6c:dc:d4:15:e7:de:09:51:9b:e2:40:8a:08:15:
                    59:87:87:4f:0a:3a:8e:01:6f:33:50:f1:86:da:22:
                    b5:cb:07:d5:82:34:ab:ce:26:c1:d0:44:59:4d:8f:
                    1f:fc:27:54:0c:a5:66:77:0e:a4:14:cb:41:1b:a5:
                    ca:f3:e2:06:66:6f:16:99:8e:e0:91:f5:38:b9:24:
                    c8:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D2:57:AB:B2:9F:49:F0:33:56:2B:C1:6A:88:2D:7F:31:E1:14:EC
            X509v3 Authority Key Identifier:
                keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JtJXq7KfSfAzVivBaogtfzHhFOw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.153.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:51:c0:e6:52:c7:71:5a:64:aa:9b:1b:87:5b:46:69:2d:dd:
         f4:4c:a8:37:07:ae:78:66:4f:bd:94:d5:81:7f:b8:7d:c6:1d:
         3d:11:6b:39:3a:60:28:23:f4:4b:c4:7a:90:70:6f:d5:30:7f:
         5a:48:a8:c6:c4:11:a8:86:60:47:b3:c7:a0:7d:df:59:6d:0d:
         5b:06:ee:ee:80:b7:f1:17:7b:21:e5:c2:04:40:f9:3d:c7:bc:
         95:d0:d5:60:8b:3f:e6:35:44:b2:78:ea:30:23:38:48:3c:99:
         89:95:41:93:80:0b:8d:25:44:f6:5e:fe:3e:d2:e8:68:2d:fe:
         f7:ca:dd:d0:56:75:b6:bd:b6:e5:24:a2:31:6c:3f:ed:c4:ac:
         54:c9:35:50:3f:82:08:1a:0c:34:c4:7a:f4:b1:39:21:64:58:
         24:66:7a:03:8a:a0:f0:df:75:5e:95:5b:c1:8d:e3:75:c2:3d:
         09:60:a4:07:08:2a:df:b5:01:66:68:73:4d:b9:fd:2d:29:89:
         30:8e:00:05:72:35:72:7f:b4:73:10:36:52:d4:83:a6:a6:7e:
         73:37:78:58:bf:3b:16:5e:d8:c3:78:7f:2f:b3:a4:71:34:d2:
         bb:30:6a:41:0f:3c:53:de:69:bd:96:b6:84:5e:de:72:3f:a5:
         44:7d:fa:be
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzA5MDEw
ODU5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI2RDI1N0FCQjI5RjQ5
RjAzMzU2MkJDMTZBODgyRDdGMzFFMTE0RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKngop2aQUMwBakfvidrfOO5DWX2w2JoMZ+2zDM5YJSosbDlH5
w+huMrAG6Or6IpJOKp554Viicv7H04kUmmSba1C+QjAZJxK16LQU5gsyJOJgPclq
QfbO+clnJJ6XTJ+Nkl2pJmVvvFHteHYOZEFVV4qHurGA3/Z507bjwX1NulTgAtpH
zS4eHyK9gw5xZjUKIhgsasPXf85xqjp9p8RkzOVunN6Sbi5NiESsIPNVK/ON7kls
3NQV594JUZviQIoIFVmHh08KOo4BbzNQ8YbaIrXLB9WCNKvOJsHQRFlNjx/8J1QM
pWZ3DqQUy0Ebpcrz4gZmbxaZjuCR9Ti5JMjRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJtJXq7KfSfAzVivBaogtfzHhFOwwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL0p0SlhxN0tmU2ZBelZpdkJh
b2d0ZnpIaEZPdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
mbAwDQYJKoZIhvcNAQELBQADggEBAE9RwOZSx3FaZKqbG4dbRmkt3fRMqDcHrnhm
T72U1YF/uH3GHT0Razk6YCgj9EvEepBwb9Uwf1pIqMbEEaiGYEezx6B931ltDVsG
7u6At/EXeyHlwgRA+T3HvJXQ1WCLP+Y1RLJ46jAjOEg8mYmVQZOAC40lRPZe/j7S
6Ggt/vfK3dBWdba9tuUkojFsP+3ErFTJNVA/gggaDDTEevSxOSFkWCRmegOKoPDf
dV6VW8GN43XCPQlgpAcIKt+1AWZoc025/S0piTCOAAVyNXJ/tHMQNlLUg6amfnM3
eFi/OxZe2MN4fy+zpHE00rswakEPPFPeab2WtoRe3nI/pUR9+r4=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org