Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa
File:                     sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa (raw, json)
Hash identifier:          Ks0Ptd40z+7RW5VRjAHIosEHsLZv5CZo0TaW4tBnTyg=
Subject key identifier:   B0:90:D0:29:6D:68:46:56:5D:DA:9F:53:46:6C:AE:A0:AC:42:61:E5
Certificate issuer:       /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial:       0577
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa
Signing time:             Fri 01 Sep 2023 08:59:51 +0000
ROA not before:           Fri 01 Sep 2023 08:59:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131657
IP address blocks:        2406:48c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1399 (0x577)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
        Validity
            Not Before: Sep  1 08:59:51 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=B090D0296D6846565DDA9F53466CAEA0AC4261E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ca:d0:6c:c8:da:bc:5a:79:69:3a:97:dd:fa:
                    8b:1a:de:95:25:27:f4:3b:1e:86:35:bc:51:40:22:
                    2d:21:c2:19:d8:07:8f:02:ad:5e:ca:97:97:83:ff:
                    5c:ea:9d:af:36:31:8b:b1:98:9e:c0:72:a5:e7:d4:
                    e9:09:0c:86:25:5f:11:57:15:66:d9:82:1a:77:a1:
                    ff:61:b2:4c:19:4e:a0:a5:ad:e6:92:40:1b:45:11:
                    3c:c9:10:58:fe:85:3b:5b:85:3c:0b:e4:4b:7f:11:
                    ed:8b:1a:e5:c4:a2:72:fe:0a:66:c9:a3:48:93:5d:
                    00:a2:a5:4f:06:79:b2:2a:45:85:32:e0:4a:68:47:
                    18:58:a3:d5:f5:49:e2:8d:f4:dd:f7:ec:a9:3a:a9:
                    3c:3a:bf:3a:1f:cd:77:39:e7:96:c1:8d:67:ae:f1:
                    bd:18:c9:ab:eb:35:e0:6e:62:06:57:ea:a7:88:b1:
                    22:79:bc:4a:f5:b3:10:47:19:7a:8a:5c:7c:31:78:
                    ff:61:39:f5:60:6f:b8:2e:48:bd:92:15:55:2c:d6:
                    ea:86:02:8d:ae:49:b9:3e:ad:6f:63:d2:ef:e1:c5:
                    9e:15:35:54:a4:fb:74:a2:17:e3:db:39:28:64:2e:
                    e8:25:1e:22:ef:06:67:d4:ff:a0:17:a6:c8:15:a2:
                    04:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:90:D0:29:6D:68:46:56:5D:DA:9F:53:46:6C:AE:A0:AC:42:61:E5
            X509v3 Authority Key Identifier:
                keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:48c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:ee:1b:f8:00:e8:b6:f3:b2:d8:eb:e3:bc:c8:22:3a:c5:ab:
         17:0b:73:8c:0d:d2:99:ef:57:8c:16:9c:40:d5:15:0c:f9:8e:
         f9:d1:83:b6:39:e7:ac:10:4c:92:9a:e3:d7:b8:83:39:a7:12:
         c9:5d:16:89:0b:20:c7:5c:30:5a:1e:97:60:6d:ce:99:06:d6:
         5d:25:ab:ec:1a:8e:0c:e1:18:a6:de:87:8e:b4:75:36:10:38:
         e2:70:ac:8e:ee:26:6c:a9:dc:c2:8b:7b:64:5c:67:62:9e:f0:
         1b:4f:56:03:cc:ce:59:ea:f3:a9:04:da:1c:49:65:e3:f0:30:
         3e:7a:19:cd:95:8a:ed:2a:64:d1:e3:f2:07:b7:94:ec:92:95:
         01:be:51:01:da:f8:d8:a6:81:e2:36:8a:a8:32:e7:1e:e0:94:
         ed:20:93:9e:ca:b0:ea:f1:63:14:8d:7f:fb:39:f2:2f:92:0f:
         e9:3a:fa:4d:82:27:9a:11:40:16:fe:fe:5d:af:a6:b6:5a:f5:
         cf:98:9f:33:69:b0:cf:00:11:8e:97:50:7c:dc:a1:ff:d4:2a:
         06:3a:db:e2:e8:0b:c5:a7:64:eb:77:02:05:53:27:bc:da:92:
         c3:f5:e6:70:1e:ea:3c:69:80:79:10:8f:ac:d3:ce:9f:20:f3:
         87:cb:7f:20
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzA5MDEw
ODU5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEIwOTBEMDI5NkQ2ODQ2
NTY1RERBOUY1MzQ2NkNBRUEwQUM0MjYxRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSytBsyNq8WnlpOpfd+osa3pUlJ/Q7HoY1vFFAIi0hwhnYB48C
rV7Kl5eD/1zqna82MYuxmJ7AcqXn1OkJDIYlXxFXFWbZghp3of9hskwZTqClreaS
QBtFETzJEFj+hTtbhTwL5Et/Ee2LGuXEonL+CmbJo0iTXQCipU8GebIqRYUy4Epo
RxhYo9X1SeKN9N337Kk6qTw6vzofzXc555bBjWeu8b0YyavrNeBuYgZX6qeIsSJ5
vEr1sxBHGXqKXHwxeP9hOfVgb7guSL2SFVUs1uqGAo2uSbk+rW9j0u/hxZ4VNVSk
+3SiF+PbOShkLuglHiLvBmfU/6AXpsgVogTfAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUsJDQKW1oRlZd2p9TRmyuoKxCYeUwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL3NKRFFLVzFvUmxaZDJwOVRS
bXl1b0t4Q1llVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
BkjAMA0GCSqGSIb3DQEBCwUAA4IBAQB17hv4AOi287LY6+O8yCI6xasXC3OMDdKZ
71eMFpxA1RUM+Y750YO2OeesEEySmuPXuIM5pxLJXRaJCyDHXDBaHpdgbc6ZBtZd
JavsGo4M4Rim3oeOtHU2EDjicKyO7iZsqdzCi3tkXGdinvAbT1YDzM5Z6vOpBNoc
SWXj8DA+ehnNlYrtKmTR4/IHt5TskpUBvlEB2vjYpoHiNoqoMuce4JTtIJOeyrDq
8WMUjX/7OfIvkg/pOvpNgieaEUAW/v5dr6a2WvXPmJ8zabDPABGOl1B83KH/1CoG
Otvi6AvFp2TrdwIFUye82pLD9eZwHuo8aYB5EI+s086fIPOHy38g
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org