Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/rkEe_KWlcwB5uUZqlz9ukZj8GPA.roa
File:                     rkEe_KWlcwB5uUZqlz9ukZj8GPA.roa (raw, json)
Hash identifier:          F7O6KGfnSgDTXWIMHMshefEwLAEZr95oDl1A6zMHSnI=
Subject key identifier:   AE:41:1E:FC:A5:A5:73:00:79:B9:46:6A:97:3F:6E:91:98:FC:18:F0
Certificate issuer:       /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial:       05A9
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/rkEe_KWlcwB5uUZqlz9ukZj8GPA.roa
Signing time:             Thu 12 Oct 2023 08:25:48 +0000
ROA not before:           Thu 12 Oct 2023 08:25:48 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131657
IP address blocks:        103.122.189.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1449 (0x5a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
        Validity
            Not Before: Oct 12 08:25:48 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=AE411EFCA5A5730079B9466A973F6E9198FC18F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:54:22:d1:d2:2c:ac:2c:78:cf:36:50:07:98:
                    c4:af:ed:04:1c:fc:7c:b4:2a:2f:7d:f1:18:a3:55:
                    63:8f:f2:fb:47:37:38:0c:1a:2c:7d:ba:1f:a0:dd:
                    a2:d7:7e:e4:9e:f0:d1:97:e1:ad:b5:92:e2:b3:d1:
                    ff:0f:68:7e:33:94:46:d1:02:eb:f0:30:2e:3e:07:
                    ae:85:23:c4:38:8b:83:f7:4c:75:f6:57:60:b2:34:
                    23:6d:69:ea:47:cf:b4:14:64:db:62:17:d5:34:7e:
                    bf:6d:e4:23:94:5d:74:05:70:f2:f8:21:62:48:f9:
                    de:c0:70:d1:1d:e9:09:03:4f:ce:e2:d5:01:cc:c9:
                    29:ce:26:d1:39:7d:eb:26:4c:fb:ac:9d:9c:fa:de:
                    73:86:72:2d:00:be:24:91:24:88:a6:76:b4:ca:e0:
                    2f:cf:ef:a7:8f:02:3d:ea:e4:14:1b:b2:75:0d:3c:
                    69:d8:d6:5f:51:cf:20:08:a6:2e:be:c1:6d:3c:d8:
                    3a:d4:94:fd:26:6a:38:e1:ce:48:98:14:0f:2f:67:
                    c2:2b:68:bb:c7:0f:20:f4:da:e9:bb:c1:8d:69:e3:
                    85:7a:51:27:4a:cf:e7:1b:13:a7:d8:4d:29:4c:d1:
                    a1:4e:24:d8:38:b3:0f:df:55:e0:a3:bc:50:c2:2c:
                    06:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:41:1E:FC:A5:A5:73:00:79:B9:46:6A:97:3F:6E:91:98:FC:18:F0
            X509v3 Authority Key Identifier:
                keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/rkEe_KWlcwB5uUZqlz9ukZj8GPA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:6c:b2:91:52:8a:95:00:82:2e:2c:58:82:01:4a:0e:89:dd:
         f7:58:a6:44:48:c5:c0:23:83:d7:1d:94:56:0b:5d:a2:0e:ff:
         50:88:ce:a9:3d:97:2f:16:1c:30:fa:52:a1:fc:e2:d1:0e:81:
         62:f2:5a:95:1a:7a:2c:27:35:4c:07:a3:e4:ea:c3:10:58:a4:
         6b:ed:47:3e:1d:17:08:af:ef:d5:b7:ed:af:4c:31:f3:8e:d3:
         7a:fe:bf:4a:4d:12:ff:39:5f:27:7f:b2:50:7b:df:8b:d5:c5:
         5f:aa:cd:8b:34:47:e1:92:92:b7:a5:be:ad:d0:36:71:91:75:
         0a:91:21:3a:b3:b0:df:f3:44:85:2c:42:2a:b2:53:b7:d0:1c:
         f1:0e:1a:e1:ab:bf:36:78:b9:ed:da:2f:3a:db:e1:a7:54:6a:
         e6:13:8d:0e:a8:c4:a3:7c:4f:f8:d8:b0:5e:17:88:34:9f:2c:
         47:27:93:5d:2c:d4:96:ec:95:87:9e:7a:a5:35:a2:57:12:e1:
         50:49:ef:96:48:1e:f1:a4:40:f9:5d:bd:cd:f1:89:79:78:4d:
         eb:93:be:5d:c2:dd:a4:be:54:99:e5:36:5b:dd:af:d4:01:0b:
         a2:4b:8f:03:b3:68:02:09:3a:0e:92:bf:9a:d7:de:9d:22:63:
         ce:85:ea:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzEwMTIw
ODI1NDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFFNDExRUZDQTVBNTcz
MDA3OUI5NDY2QTk3M0Y2RTkxOThGQzE4RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1VCLR0iysLHjPNlAHmMSv7QQc/Hy0Ki998RijVWOP8vtHNzgM
Gix9uh+g3aLXfuSe8NGX4a21kuKz0f8PaH4zlEbRAuvwMC4+B66FI8Q4i4P3THX2
V2CyNCNtaepHz7QUZNtiF9U0fr9t5COUXXQFcPL4IWJI+d7AcNEd6QkDT87i1QHM
ySnOJtE5fesmTPusnZz63nOGci0AviSRJIimdrTK4C/P76ePAj3q5BQbsnUNPGnY
1l9RzyAIpi6+wW082DrUlP0majjhzkiYFA8vZ8IraLvHDyD02um7wY1p44V6USdK
z+cbE6fYTSlM0aFOJNg4sw/fVeCjvFDCLAYdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrkEe/KWlcwB5uUZqlz9ukZj8GPAwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL3JrRWVfS1dsY3dCNXVVWnFs
ejl1a1pqOEdQQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
er0wDQYJKoZIhvcNAQELBQADggEBABJsspFSipUAgi4sWIIBSg6J3fdYpkRIxcAj
g9cdlFYLXaIO/1CIzqk9ly8WHDD6UqH84tEOgWLyWpUaeiwnNUwHo+TqwxBYpGvt
Rz4dFwiv79W37a9MMfOO03r+v0pNEv85Xyd/slB734vVxV+qzYs0R+GSkrelvq3Q
NnGRdQqRITqzsN/zRIUsQiqyU7fQHPEOGuGrvzZ4ue3aLzrb4adUauYTjQ6oxKN8
T/jYsF4XiDSfLEcnk10s1JbslYeeeqU1olcS4VBJ75ZIHvGkQPldvc3xiXl4TeuT
vl3C3aS+VJnlNlvdr9QBC6JLjwOzaAIJOg6Sv5rX3p0iY86F6pU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org