Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/J7x_8MdconCF9SxoW7v8FIHbXZc.roa
File:                     J7x_8MdconCF9SxoW7v8FIHbXZc.roa (raw, json)
Hash identifier:          F3msCZ4oiG8QKE+PTgXtlToZiTl9zRJa1gaIo9yYmuA=
Subject key identifier:   27:BC:7F:F0:C7:5C:A2:70:85:F5:2C:68:5B:BB:FC:14:81:DB:5D:97
Certificate issuer:       /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial:       0BFD
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/J7x_8MdconCF9SxoW7v8FIHbXZc.roa
Signing time:             Fri 01 Sep 2023 09:11:51 +0000
ROA not before:           Fri 01 Sep 2023 09:11:51 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9416
IP address blocks:        220.157.112.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3069 (0xbfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
        Validity
            Not Before: Sep  1 09:11:51 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=27BC7FF0C75CA27085F52C685BBBFC1481DB5D97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b8:a5:33:ec:00:36:d4:2f:68:e2:67:df:7f:
                    4a:9e:33:10:94:15:7b:b9:b3:d5:6b:de:bd:0f:bd:
                    bf:9d:9a:3d:f5:90:fb:79:a1:82:f0:07:01:ad:40:
                    cf:b0:c5:b2:ee:8a:a4:86:9f:62:4a:11:47:dd:2e:
                    38:31:f0:08:3b:d3:94:b9:32:d5:8b:dc:cb:c7:8f:
                    af:dc:6d:f2:0e:bd:17:4b:0b:bb:50:d9:3c:97:4a:
                    9f:48:ea:f0:0c:b9:c4:28:fd:95:bf:65:81:ef:d0:
                    99:92:41:03:88:07:f6:a1:11:52:2e:10:cc:6b:49:
                    34:29:18:53:6e:c2:ee:5a:5e:d1:4f:2d:d0:73:bd:
                    4f:67:7b:b0:6c:01:7e:f6:93:7e:03:7e:0a:03:2d:
                    e9:62:2e:c7:ba:ab:e9:e4:5f:22:14:8b:8e:c3:d8:
                    f0:d4:66:0c:97:19:42:ea:e0:d0:94:2c:7c:58:47:
                    c7:11:b9:ac:0e:bb:b7:f3:ce:55:ce:5c:84:98:44:
                    51:e6:d6:b7:d1:a6:75:3a:09:83:d8:0f:5d:56:b9:
                    e8:e9:8f:42:60:8f:5e:4e:1c:f8:f1:6a:11:a2:05:
                    ce:59:ff:a2:15:7d:52:92:41:af:be:8b:de:0f:06:
                    2f:36:aa:b5:fd:8a:42:a2:52:9e:c2:a7:e6:37:4f:
                    48:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:BC:7F:F0:C7:5C:A2:70:85:F5:2C:68:5B:BB:FC:14:81:DB:5D:97
            X509v3 Authority Key Identifier:
                keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/J7x_8MdconCF9SxoW7v8FIHbXZc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.157.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b3:ce:a1:f6:06:e0:bb:ed:8a:35:04:a2:1f:18:a4:29:2f:f3:
         95:6a:2b:ca:5d:2a:bd:e5:6e:b8:20:f2:ff:ee:77:49:38:d2:
         42:8a:ae:01:d9:50:45:76:78:e7:d1:70:a5:59:90:29:eb:a7:
         f3:6e:f8:0c:73:fe:9d:23:47:0d:d8:b9:3c:87:9c:25:0b:cc:
         30:a2:b8:d4:26:cb:83:f1:26:51:2f:ba:8a:60:c8:a1:bf:a5:
         f9:77:d3:1b:48:40:83:71:4c:ab:7b:4d:d1:57:c0:36:b8:ec:
         7f:49:73:e8:86:59:4e:83:3f:f4:2c:f1:3f:61:79:4c:29:81:
         d0:77:8d:17:d1:a6:d1:6b:1e:b4:d3:93:f8:aa:c2:9f:da:b7:
         eb:d4:ff:06:50:0d:fc:2f:c9:f9:0f:da:ae:17:17:06:67:9b:
         bf:46:e3:2e:d3:57:7e:53:8c:95:13:8c:d9:f6:bc:2a:aa:1c:
         7e:38:e7:7e:02:3b:e1:db:ff:71:32:19:54:86:78:84:44:e3:
         2c:bb:ce:ac:f7:53:69:57:ea:0f:44:1f:65:2a:8c:3d:c4:48:
         d4:36:a9:c0:ec:cf:58:aa:6d:3b:4e:af:86:a0:d0:31:6c:1d:
         70:45:fd:32:39:fc:57:f5:a3:f2:c8:4c:50:bc:1c:07:a2:3e:
         d6:46:7b:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMzA5MDEw
OTExNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI3QkM3RkYwQzc1Q0Ey
NzA4NUY1MkM2ODVCQkJGQzE0ODFEQjVEOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAuKUz7AA21C9o4mfff0qeMxCUFXu5s9Vr3r0Pvb+dmj31kPt5
oYLwBwGtQM+wxbLuiqSGn2JKEUfdLjgx8Ag705S5MtWL3MvHj6/cbfIOvRdLC7tQ
2TyXSp9I6vAMucQo/ZW/ZYHv0JmSQQOIB/ahEVIuEMxrSTQpGFNuwu5aXtFPLdBz
vU9ne7BsAX72k34DfgoDLeliLse6q+nkXyIUi47D2PDUZgyXGULq4NCULHxYR8cR
uawOu7fzzlXOXISYRFHm1rfRpnU6CYPYD11Wuejpj0Jgj15OHPjxahGiBc5Z/6IV
fVKSQa++i94PBi82qrX9ikKiUp7Cp+Y3T0gfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJ7x/8MdconCF9SxoW7v8FIHbXZcwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0o3eF84TWRjb25DRjlTeG9X
N3Y4RklIYlhaYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATc
nXAwDQYJKoZIhvcNAQELBQADggEBALPOofYG4LvtijUEoh8YpCkv85VqK8pdKr3l
brgg8v/ud0k40kKKrgHZUEV2eOfRcKVZkCnrp/Nu+Axz/p0jRw3YuTyHnCULzDCi
uNQmy4PxJlEvuopgyKG/pfl30xtIQINxTKt7TdFXwDa47H9Jc+iGWU6DP/Qs8T9h
eUwpgdB3jRfRptFrHrTTk/iqwp/at+vU/wZQDfwvyfkP2q4XFwZnm79G4y7TV35T
jJUTjNn2vCqqHH44534CO+Hb/3EyGVSGeIRE4yy7zqz3U2lX6g9EH2UqjD3ESNQ2
qcDsz1iqbTtOr4ag0DFsHXBF/TI5/Ff1o/LITFC8HAeiPtZGe5s=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org