Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTCOMTW/kYZXUi-o_zG30FktLVXkIwklAmQ.roa
File:                     kYZXUi-o_zG30FktLVXkIwklAmQ.roa (raw, json)
Hash identifier:          bFZjuFXADAabzAdQVjlippDP77V4BejzCfOM9RwLHt4=
Subject key identifier:   91:86:57:52:2F:A8:FF:31:B7:D0:59:2D:2D:55:E4:23:09:25:02:64
Certificate issuer:       /CN=4E609BA74186D0B0E3A1A9C010DA1DF0559A1982
Certificate serial:       09FE
Authority key identifier: 4E:60:9B:A7:41:86:D0:B0:E3:A1:A9:C0:10:DA:1D:F0:55:9A:19:82
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/TmCbp0GG0LDjoanAENod8FWaGYI.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTCOMTW/kYZXUi-o_zG30FktLVXkIwklAmQ.roa
Signing time:             Thu 15 Sep 2022 02:50:25 +0000
ROA not before:           Thu 15 Sep 2022 02:50:25 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     131149
IP address blocks:        2403:81c0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2558 (0x9fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4E609BA74186D0B0E3A1A9C010DA1DF0559A1982
        Validity
            Not Before: Sep 15 02:50:25 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=918657522FA8FF31B7D0592D2D55E42309250264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d7:aa:af:2c:c4:11:4a:8a:aa:d7:24:bd:8f:
                    8a:59:46:87:08:eb:b1:d3:96:4a:b6:7f:f9:9d:b9:
                    79:c1:c7:7a:30:5d:90:51:e0:59:b6:8e:1a:a3:b1:
                    47:7d:a6:e2:dd:26:a2:79:0a:3f:c9:cc:e4:99:ef:
                    50:11:94:7b:86:7b:3e:b9:dd:c6:40:fc:80:42:15:
                    22:58:c0:cf:68:7a:9e:d5:2a:7c:00:09:6b:92:2f:
                    db:76:2a:d8:a0:4b:95:72:29:f0:fa:78:a5:28:ba:
                    8c:bd:94:05:33:15:2d:95:af:b0:7b:41:5e:f1:50:
                    aa:2b:3b:da:d1:14:a9:56:96:f0:98:4b:cf:0b:5c:
                    ad:eb:c8:3b:b1:ac:b3:74:d9:0c:72:f2:58:b7:b4:
                    12:53:06:60:81:5f:eb:8c:dd:7e:2f:7f:90:c3:53:
                    cd:33:d0:4d:e9:9f:b3:a0:6b:95:23:89:40:cf:f9:
                    e1:20:dc:88:59:3b:00:9d:bc:9b:c8:5b:66:a1:ad:
                    14:8e:de:3d:d6:69:21:56:da:0d:9f:f8:86:73:0d:
                    ab:c7:d9:78:36:96:c5:70:70:d3:e6:ca:eb:78:be:
                    2d:e2:96:60:93:88:20:03:57:89:f5:3a:54:d8:51:
                    00:bb:22:87:9f:ae:da:8d:64:d2:bf:1e:97:e4:b8:
                    58:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:86:57:52:2F:A8:FF:31:B7:D0:59:2D:2D:55:E4:23:09:25:02:64
            X509v3 Authority Key Identifier:
                keyid:4E:60:9B:A7:41:86:D0:B0:E3:A1:A9:C0:10:DA:1D:F0:55:9A:19:82

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTCOMTW/TmCbp0GG0LDjoanAENod8FWaGYI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TmCbp0GG0LDjoanAENod8FWaGYI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTCOMTW/kYZXUi-o_zG30FktLVXkIwklAmQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:81c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:35:0a:ea:97:ab:d4:ce:34:d0:c6:c0:7c:14:8b:df:9a:ff:
         ff:f2:8c:e5:6e:ae:39:ae:9d:02:b0:e2:15:9c:ea:8a:83:bd:
         6c:14:56:55:3f:0f:99:5f:43:41:80:bb:06:48:5c:bf:95:3d:
         fb:7d:24:7c:19:7c:29:bb:77:eb:b0:b3:28:e7:8d:9e:f9:1a:
         54:ac:57:cd:11:ab:a5:20:63:e1:d1:f8:16:64:44:7a:f9:7d:
         9d:3b:d8:1f:47:4f:28:0a:50:bd:57:dd:8f:3f:48:cb:4c:bd:
         4e:fd:72:c5:a7:61:75:ec:b1:18:4a:79:40:1b:3e:52:ab:39:
         b7:ce:91:df:61:01:67:12:5b:58:2b:eb:02:56:cf:f4:56:9a:
         f4:ff:a3:82:82:ff:03:aa:fb:51:3f:7b:22:77:e4:0f:35:36:
         2e:a3:dc:2c:e8:b2:81:ec:83:ba:94:04:91:fc:8a:1d:d8:5c:
         11:23:d2:2e:43:0f:5d:8a:1a:92:c4:1b:c5:a9:a6:54:99:d6:
         7b:f8:33:eb:3a:99:60:7f:fe:9d:ed:10:54:75:56:7f:7b:93:
         25:b7:84:29:55:68:22:29:a2:af:f8:d1:5f:1b:54:20:ce:52:
         ea:85:f8:c4:b5:10:4c:ca:3c:3f:64:54:2c:b7:aa:5d:4f:1f:
         15:60:24:ab
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEU2
MDlCQTc0MTg2RDBCMEUzQTFBOUMwMTBEQTFERjA1NTlBMTk4MjAeFw0yMjA5MTUw
MjUwMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkxODY1NzUyMkZBOEZG
MzFCN0QwNTkyRDJENTVFNDIzMDkyNTAyNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ16qvLMQRSoqq1yS9j4pZRocI67HTlkq2f/mduXnBx3owXZBR
4Fm2jhqjsUd9puLdJqJ5Cj/JzOSZ71ARlHuGez653cZA/IBCFSJYwM9oep7VKnwA
CWuSL9t2KtigS5VyKfD6eKUouoy9lAUzFS2Vr7B7QV7xUKorO9rRFKlWlvCYS88L
XK3ryDuxrLN02Qxy8li3tBJTBmCBX+uM3X4vf5DDU80z0E3pn7Oga5UjiUDP+eEg
3IhZOwCdvJvIW2ahrRSO3j3WaSFW2g2f+IZzDavH2Xg2lsVwcNPmyut4vi3ilmCT
iCADV4n1OlTYUQC7IoefrtqNZNK/HpfkuFjfAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUkYZXUi+o/zG30FktLVXkIwklAmQwHwYDVR0jBBgwFoAUTmCbp0GG0LDjoanA
ENod8FWaGYIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVENP
TVRXL1RtQ2JwMEdHMExEam9hbkFFTm9kOEZXYUdZSS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvVG1DYnAwR0cwTERqb2FuQUVOb2Q4RldhR1lJLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVENPTVRXL2tZWlhVaS1vX3pH
MzBGa3RMVlhrSXdrbEFtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAkA4HAMA0GCSqGSIb3DQEBCwUAA4IBAQCMNQrql6vUzjTQxsB8FIvfmv//
8ozlbq45rp0CsOIVnOqKg71sFFZVPw+ZX0NBgLsGSFy/lT37fSR8GXwpu3frsLMo
542e+RpUrFfNEaulIGPh0fgWZER6+X2dO9gfR08oClC9V92PP0jLTL1O/XLFp2F1
7LEYSnlAGz5Sqzm3zpHfYQFnEltYK+sCVs/0Vpr0/6OCgv8DqvtRP3sid+QPNTYu
o9ws6LKB7IO6lASR/Iod2FwRI9IuQw9dihqSxBvFqaZUmdZ7+DPrOplgf/6d7RBU
dVZ/e5Mlt4QpVWgiKaKv+NFfG1QgzlLqhfjEtRBMyjw/ZFQst6pdTx8VYCSr
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org