Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/J4fmb7kHQ_3ylT7qz8inAD-XVhg.roa
File:                     J4fmb7kHQ_3ylT7qz8inAD-XVhg.roa (raw, json)
Hash identifier:          BM+tw/2yi2TbfiFWmHpUvZ6AEFJLUH7YoZmUJiTnRQc=
Subject key identifier:   27:87:E6:6F:B9:07:43:FD:F2:95:3E:EA:CF:C8:A7:00:3F:97:56:18
Certificate issuer:       /CN=830BC4410162A58D0DB17E0A351551FBB3D751A1
Certificate serial:       0B4A
Authority key identifier: 83:0B:C4:41:01:62:A5:8D:0D:B1:7E:0A:35:15:51:FB:B3:D7:51:A1
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/gwvEQQFipY0NsX4KNRVR-7PXUaE.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/J4fmb7kHQ_3ylT7qz8inAD-XVhg.roa
Signing time:             Fri 01 Sep 2023 09:11:16 +0000
ROA not before:           Fri 01 Sep 2023 09:11:16 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131619
IP address blocks:        103.116.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2890 (0xb4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=830BC4410162A58D0DB17E0A351551FBB3D751A1
        Validity
            Not Before: Sep  1 09:11:16 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=2787E66FB90743FDF2953EEACFC8A7003F975618
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2e:90:ab:1d:22:a5:8b:46:09:5d:73:03:eb:
                    13:b0:9f:e1:72:9e:2f:64:4b:03:6e:27:f5:85:cb:
                    67:eb:24:cf:93:ef:6e:27:be:d0:7a:ee:1e:63:0e:
                    2f:58:18:23:03:77:d3:12:64:6b:11:5e:af:21:65:
                    38:3d:1e:1a:63:71:e2:9a:e2:73:23:c7:e6:fb:54:
                    57:7b:4e:a9:de:9e:db:a9:94:59:39:36:b0:4e:e8:
                    63:bd:0b:58:73:b7:c6:e4:f2:bc:c6:07:f6:60:ec:
                    57:f4:0b:6e:4e:59:72:79:b0:03:92:6b:5f:7a:85:
                    6d:41:bd:6c:71:f3:8c:f0:6b:70:31:46:dc:0c:97:
                    3c:eb:27:ad:44:56:ed:4b:00:66:e4:5a:de:9d:97:
                    15:e8:88:f0:b6:1b:75:62:2b:46:0a:5f:da:88:1c:
                    09:a9:32:4a:48:05:8f:ef:73:28:0a:b9:56:4b:f7:
                    40:cd:32:6a:ea:75:ba:0b:05:46:6d:76:b7:82:02:
                    ea:44:d4:1c:73:f5:bc:9d:59:eb:7d:a1:9a:05:05:
                    51:4f:b6:44:68:66:f9:8e:1f:56:f9:9c:16:01:ee:
                    a2:39:6e:ac:91:ac:2f:b4:5b:a1:e7:b9:2e:43:a2:
                    f0:07:72:a8:88:a5:87:b1:95:a3:f0:28:84:b8:a6:
                    b7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:87:E6:6F:B9:07:43:FD:F2:95:3E:EA:CF:C8:A7:00:3F:97:56:18
            X509v3 Authority Key Identifier:
                keyid:83:0B:C4:41:01:62:A5:8D:0D:B1:7E:0A:35:15:51:FB:B3:D7:51:A1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/gwvEQQFipY0NsX4KNRVR-7PXUaE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gwvEQQFipY0NsX4KNRVR-7PXUaE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/J4fmb7kHQ_3ylT7qz8inAD-XVhg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:de:ad:e0:86:97:09:64:70:3d:eb:72:ad:d0:c9:5f:68:61:
         35:e6:bc:66:cd:9f:4a:dc:c9:f1:0c:ba:b5:20:5e:a2:c9:2e:
         e9:70:00:7e:a0:e3:90:0b:1d:f1:6b:51:a6:c1:c8:46:10:a5:
         1f:10:08:fc:77:a8:86:9c:74:90:f9:aa:da:66:fd:59:4c:6b:
         2e:54:57:4b:19:24:16:45:3a:6e:6e:95:29:bd:a4:9b:0f:ec:
         60:9f:e9:23:39:ae:3b:07:29:07:29:59:a2:cb:09:dc:e9:95:
         99:d4:8f:2c:b4:91:aa:41:82:36:5b:17:26:60:57:33:2a:c4:
         82:42:7a:c2:0a:f5:1e:cd:a4:c9:9b:77:3f:2e:29:cd:41:c2:
         78:be:01:d5:d8:0e:21:f7:84:e2:a8:e5:3e:65:40:be:37:7e:
         fe:0a:81:01:0a:d4:35:0b:d5:3e:8e:07:b7:27:ca:19:57:3c:
         67:8c:ec:2a:eb:80:18:e5:d4:b7:0c:bb:d2:86:a0:e8:5c:61:
         ce:32:d5:97:49:ab:71:4d:a1:9e:2e:59:5a:27:27:7a:38:51:
         28:38:fa:64:ac:c3:7b:5e:7a:49:67:aa:3e:62:2f:5e:df:20:
         5c:ed:01:40:77:03:cc:6c:87:d2:05:6a:91:a3:fb:7d:8d:91:
         bb:e7:f9:ed
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMw
QkM0NDEwMTYyQTU4RDBEQjE3RTBBMzUxNTUxRkJCM0Q3NTFBMTAeFw0yMzA5MDEw
OTExMTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI3ODdFNjZGQjkwNzQz
RkRGMjk1M0VFQUNGQzhBNzAwM0Y5NzU2MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwLpCrHSKli0YJXXMD6xOwn+Fyni9kSwNuJ/WFy2frJM+T724n
vtB67h5jDi9YGCMDd9MSZGsRXq8hZTg9HhpjceKa4nMjx+b7VFd7TqnentuplFk5
NrBO6GO9C1hzt8bk8rzGB/Zg7Ff0C25OWXJ5sAOSa196hW1BvWxx84zwa3AxRtwM
lzzrJ61EVu1LAGbkWt6dlxXoiPC2G3ViK0YKX9qIHAmpMkpIBY/vcygKuVZL90DN
MmrqdboLBUZtdreCAupE1Bxz9bydWet9oZoFBVFPtkRoZvmOH1b5nBYB7qI5bqyR
rC+0W6HnuS5DovAHcqiIpYexlaPwKIS4prelAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUJ4fmb7kHQ/3ylT7qz8inAD+XVhgwHwYDVR0jBBgwFoAUgwvEQQFipY0NsX4K
NRVR+7PXUaEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSklHRU5U
RUMvZ3d2RVFRRmlwWTBOc1g0S05SVlItN1BYVWFFLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9nd3ZFUVFGaXBZME5zWDRLTlJWUi03UFhVYUUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9KSUdFTlRFQy9KNGZtYjdrSFFfM3ls
VDdxejhpbkFELVhWaGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3RiMA0GCSqGSIb3DQEBCwUAA4IBAQCf3q3ghpcJZHA963Kt0MlfaGE15rxm
zZ9K3MnxDLq1IF6iyS7pcAB+oOOQCx3xa1GmwchGEKUfEAj8d6iGnHSQ+araZv1Z
TGsuVFdLGSQWRTpubpUpvaSbD+xgn+kjOa47BykHKVmiywnc6ZWZ1I8stJGqQYI2
WxcmYFczKsSCQnrCCvUezaTJm3c/LinNQcJ4vgHV2A4h94TiqOU+ZUC+N37+CoEB
CtQ1C9U+jge3J8oZVzxnjOwq64AY5dS3DLvShqDoXGHOMtWXSatxTaGeLllaJyd6
OFEoOPpkrMN7XnpJZ6o+Yi9e3yBc7QFAdwPMbIfSBWqRo/t9jZG75/nt
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org