Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa
File:                     HHGkp988dfvCLSMp87LnoAz97YY.roa (raw, json)
Hash identifier:          C57RPKqXmopsIgqLJfguFEEdi29nWOnx+3AeRauaKLM=
Subject key identifier:   1C:71:A4:A7:DF:3C:75:FB:C2:2D:23:29:F3:B2:E7:A0:0C:FD:ED:86
Certificate issuer:       /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial:       056A
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa
Signing time:             Fri 01 Sep 2023 09:00:32 +0000
ROA not before:           Fri 01 Sep 2023 09:00:32 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9678
IP address blocks:        2401:95c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1386 (0x56a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
        Validity
            Not Before: Sep  1 09:00:32 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=1C71A4A7DF3C75FBC22D2329F3B2E7A00CFDED86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cc:b3:7f:6e:3f:de:f4:11:3e:54:d8:83:8b:
                    4e:71:07:e0:66:a8:69:3b:6d:f0:9f:ad:ed:dd:d9:
                    85:dd:a9:87:94:c7:0a:3c:5e:18:f9:c0:6c:8e:4b:
                    61:f2:53:fa:b3:32:12:52:b8:80:fc:dd:49:3c:27:
                    20:5c:d7:d3:43:9b:d4:f2:83:0c:7c:2c:dc:2c:e6:
                    56:87:83:31:85:e5:b3:e7:77:c1:cc:87:f2:65:e9:
                    01:36:17:c7:f5:f1:19:fa:33:f5:17:35:e2:7b:86:
                    f2:48:f8:83:df:8c:15:89:53:ac:fe:e2:31:b0:d0:
                    68:f8:06:7b:ce:77:e0:07:e4:50:13:95:19:ec:e3:
                    5e:c9:31:3c:68:96:b6:6e:4e:9b:d9:85:8f:af:d7:
                    e8:f2:ce:aa:5b:58:38:a5:1c:5e:65:77:96:5f:3c:
                    e6:26:eb:38:bd:9f:94:43:e0:59:80:29:24:bc:22:
                    bd:4f:91:9e:e0:7e:62:43:aa:f4:13:a1:55:59:24:
                    d4:e4:43:70:5e:f5:d4:d8:5e:b5:02:cb:0e:94:cf:
                    c6:90:4e:62:bb:a1:0a:9d:b1:7f:39:53:6e:fd:88:
                    b4:6e:b8:c5:8c:f6:57:78:31:90:26:b8:4a:2d:06:
                    8c:e3:9d:dc:27:7f:dc:86:81:8a:f6:ed:8a:f6:f0:
                    4c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:71:A4:A7:DF:3C:75:FB:C2:2D:23:29:F3:B2:E7:A0:0C:FD:ED:86
            X509v3 Authority Key Identifier:
                keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:95c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:2a:c8:a7:f2:83:eb:c9:0d:57:35:32:29:97:34:db:83:51:
         96:e8:df:cc:01:cb:dc:c1:08:f0:1c:15:ce:e9:3f:01:d6:e0:
         fc:db:b5:02:54:8c:f3:1a:e2:fc:c3:4e:b0:a1:b9:03:01:5a:
         61:c8:54:4e:a5:8a:f7:64:7d:ce:7f:49:fc:b9:c0:8e:88:75:
         b1:00:85:a1:b3:c4:e7:0e:bd:8c:dc:6a:5a:b4:76:a0:0f:19:
         c8:0d:b1:b7:ba:45:44:7f:c1:e3:f8:bd:d5:84:e5:bd:6e:94:
         2a:e6:e0:27:2b:fd:a5:52:76:cc:14:f4:64:e2:78:de:7a:89:
         1d:ee:e5:94:3d:26:7a:cb:4b:1c:65:0b:67:eb:4a:d1:83:23:
         45:c5:9e:8c:9b:31:c9:07:b2:3c:06:47:40:ee:5e:02:51:c9:
         f6:22:86:9e:3f:73:1b:8f:d2:ff:31:2c:af:95:24:61:d1:55:
         17:ff:be:0d:c2:44:d9:fc:ad:f7:66:bb:ce:f1:9a:8d:1e:b4:
         19:c0:14:bc:a9:6f:ad:6d:7e:b6:6c:2d:be:da:9e:df:49:fa:
         c2:46:f4:65:84:4e:ba:f9:de:f7:dc:5d:90:89:3c:bf:08:43:
         34:27:37:97:47:8b:cf:73:89:bb:9b:ab:5f:eb:28:90:0e:3e:
         55:59:39:cf
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMzA5MDEw
OTAwMzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFDNzFBNEE3REYzQzc1
RkJDMjJEMjMyOUYzQjJFN0EwMENGREVEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAzLN/bj/e9BE+VNiDi05xB+BmqGk7bfCfre3d2YXdqYeUxwo8
Xhj5wGyOS2HyU/qzMhJSuID83Uk8JyBc19NDm9Tygwx8LNws5laHgzGF5bPnd8HM
h/Jl6QE2F8f18Rn6M/UXNeJ7hvJI+IPfjBWJU6z+4jGw0Gj4BnvOd+AH5FATlRns
417JMTxolrZuTpvZhY+v1+jyzqpbWDilHF5ld5ZfPOYm6zi9n5RD4FmAKSS8Ir1P
kZ7gfmJDqvQToVVZJNTkQ3Be9dTYXrUCyw6Uz8aQTmK7oQqdsX85U279iLRuuMWM
9ld4MZAmuEotBozjndwnf9yGgYr27Yr28EyPAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUHHGkp988dfvCLSMp87LnoAz97YYwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0hIR2twOTg4ZGZ2Q0xTTXA4
N0xub0F6OTdZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
AZXAMA0GCSqGSIb3DQEBCwUAA4IBAQA3Ksin8oPryQ1XNTIplzTbg1GW6N/MAcvc
wQjwHBXO6T8B1uD827UCVIzzGuL8w06wobkDAVphyFROpYr3ZH3Of0n8ucCOiHWx
AIWhs8TnDr2M3GpatHagDxnIDbG3ukVEf8Hj+L3VhOW9bpQq5uAnK/2lUnbMFPRk
4njeeokd7uWUPSZ6y0scZQtn60rRgyNFxZ6MmzHJB7I8BkdA7l4CUcn2IoaeP3Mb
j9L/MSyvlSRh0VUX/74NwkTZ/K33ZrvO8ZqNHrQZwBS8qW+tbX62bC2+2p7fSfrC
RvRlhE66+d733F2QiTy/CEM0JzeXR4vPc4m7m6tf6yiQDj5VWTnP
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org