Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKMT/tyn8VRVNTYCfrX7mzzfvsrddSiU.roa
File:                     tyn8VRVNTYCfrX7mzzfvsrddSiU.roa (raw, json)
Hash identifier:          X+1Ipn4BAqsDAluXHbawrbSBNr8+QjAz8WHaLEiDclU=
Subject key identifier:   B7:29:FC:55:15:4D:4D:80:9F:AD:7E:E6:CF:37:EF:B2:B7:5D:4A:25
Certificate issuer:       /CN=48540E13F8B2CAE86CD1F8C7252839A5078F16A5
Certificate serial:       0CB4
Authority key identifier: 48:54:0E:13:F8:B2:CA:E8:6C:D1:F8:C7:25:28:39:A5:07:8F:16:A5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/SFQOE_iyyuhs0fjHJSg5pQePFqU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/tyn8VRVNTYCfrX7mzzfvsrddSiU.roa
Signing time:             Fri 01 Sep 2023 09:14:30 +0000
ROA not before:           Fri 01 Sep 2023 09:14:30 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131645
IP address blocks:        2405:1540::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3252 (0xcb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48540E13F8B2CAE86CD1F8C7252839A5078F16A5
        Validity
            Not Before: Sep  1 09:14:30 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=B729FC55154D4D809FAD7EE6CF37EFB2B75D4A25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:1c:79:67:34:05:2e:03:26:2f:9f:16:12:93:
                    a4:d1:01:e1:e5:2c:1d:68:9a:69:51:1d:ac:3f:59:
                    6f:de:9c:4a:f3:c2:ed:6c:48:81:e9:3e:c8:8a:21:
                    28:03:d7:d1:a0:93:3e:0f:28:af:43:14:7a:3e:a2:
                    6e:8e:9c:00:86:4d:33:34:9a:ef:47:39:9e:f4:b5:
                    e4:fe:6d:17:3c:47:49:f0:5d:4d:4f:c6:93:66:09:
                    5f:c2:c6:ab:1a:27:ea:a6:fa:ed:45:fb:04:87:b3:
                    11:51:a2:9d:8d:36:24:a7:2a:55:e0:37:40:35:ce:
                    2c:7a:3c:dc:d9:3a:20:07:98:11:0d:b0:81:77:c1:
                    48:bf:ce:ee:99:6b:6e:7e:a6:d7:3a:98:aa:b3:be:
                    f8:2c:03:46:27:3b:b6:c8:bc:74:3e:e4:db:0b:70:
                    07:8b:1b:66:35:90:80:f2:12:2c:c8:c7:13:b4:b7:
                    ad:b2:57:43:ea:53:ba:7f:90:e2:52:59:35:46:ea:
                    14:76:f5:3d:d3:27:eb:9d:53:ed:38:26:80:34:9b:
                    49:d4:de:e8:a3:bf:83:48:f0:a8:e3:3c:da:a4:25:
                    24:ac:f1:ca:79:d3:da:b7:08:2b:1e:9a:0a:fa:a2:
                    79:d2:a7:a1:9f:6c:a5:31:97:6f:d3:f7:cb:bc:e7:
                    6a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:29:FC:55:15:4D:4D:80:9F:AD:7E:E6:CF:37:EF:B2:B7:5D:4A:25
            X509v3 Authority Key Identifier:
                keyid:48:54:0E:13:F8:B2:CA:E8:6C:D1:F8:C7:25:28:39:A5:07:8F:16:A5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/SFQOE_iyyuhs0fjHJSg5pQePFqU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SFQOE_iyyuhs0fjHJSg5pQePFqU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKMT/tyn8VRVNTYCfrX7mzzfvsrddSiU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:1540::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:46:92:a1:15:8c:98:18:16:61:75:d5:d3:af:55:be:b3:37:
         fd:33:83:39:af:bb:df:c0:6e:e9:29:fd:98:5e:9f:23:5c:cd:
         22:65:35:eb:a5:99:29:d3:bd:ff:c5:d1:0f:2a:8a:cc:ea:e5:
         5c:9a:a2:29:85:d2:65:9d:e3:d2:06:79:c5:2c:89:1d:7f:1a:
         29:0b:50:2b:4f:94:49:29:32:eb:26:f2:da:ea:8a:12:39:09:
         6b:c3:b6:9c:12:ed:78:36:7d:11:22:f9:5e:f9:e4:6e:6d:5a:
         5f:3b:14:cf:88:05:24:c1:e3:ec:49:bb:55:35:e9:8f:91:6e:
         04:d5:af:c4:84:2a:0e:aa:a2:de:b3:f0:58:90:ef:f0:01:cb:
         e0:fd:98:a8:27:dc:51:f8:67:2d:57:a0:4e:e0:1b:cf:90:ea:
         0d:df:d1:73:53:9d:e1:f4:df:d5:34:fc:46:87:3d:47:51:77:
         22:ec:ac:7f:e6:1c:0f:e0:36:0f:63:3a:54:e3:07:3f:fd:c3:
         c3:23:5d:3b:83:da:d6:20:0b:b6:3f:ea:30:e9:28:f4:96:8d:
         e2:50:e4:48:c4:db:37:ff:a0:18:de:0c:6b:ed:38:d0:bc:f6:
         eb:67:8b:3f:59:b8:56:11:f1:e7:8c:7d:4c:6e:7e:31:08:a0:
         ac:b6:da:b5
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDg1
NDBFMTNGOEIyQ0FFODZDRDFGOEM3MjUyODM5QTUwNzhGMTZBNTAeFw0yMzA5MDEw
OTE0MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI3MjlGQzU1MTU0RDRE
ODA5RkFEN0VFNkNGMzdFRkIyQjc1RDRBMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMHHlnNAUuAyYvnxYSk6TRAeHlLB1ommlRHaw/WW/enErzwu1s
SIHpPsiKISgD19Ggkz4PKK9DFHo+om6OnACGTTM0mu9HOZ70teT+bRc8R0nwXU1P
xpNmCV/CxqsaJ+qm+u1F+wSHsxFRop2NNiSnKlXgN0A1zix6PNzZOiAHmBENsIF3
wUi/zu6Za25+ptc6mKqzvvgsA0YnO7bIvHQ+5NsLcAeLG2Y1kIDyEizIxxO0t62y
V0PqU7p/kOJSWTVG6hR29T3TJ+udU+04JoA0m0nU3uijv4NI8KjjPNqkJSSs8cp5
09q3CCsemgr6onnSp6GfbKUxl2/T98u852rLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUtyn8VRVNTYCfrX7mzzfvsrddSiUwHwYDVR0jBBgwFoAUSFQOE/iyyuhs0fjH
JSg5pQePFqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tNVC9T
RlFPRV9peXl1aHMwZmpISlNnNXBRZVBGcVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1NGUU9FX2l5eXVoczBmakhKU2c1cFFlUEZxVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0tLTVQvdHluOFZSVk5UWUNmclg3bXp6ZnZz
cmRkU2lVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFFUAw
DQYJKoZIhvcNAQELBQADggEBAHZGkqEVjJgYFmF11dOvVb6zN/0zgzmvu9/Abukp
/ZhenyNczSJlNeulmSnTvf/F0Q8qiszq5VyaoimF0mWd49IGecUsiR1/GikLUCtP
lEkpMusm8trqihI5CWvDtpwS7Xg2fREi+V755G5tWl87FM+IBSTB4+xJu1U16Y+R
bgTVr8SEKg6qot6z8FiQ7/ABy+D9mKgn3FH4Zy1XoE7gG8+Q6g3f0XNTneH039U0
/EaHPUdRdyLsrH/mHA/gNg9jOlTjBz/9w8MjXTuD2tYgC7Y/6jDpKPSWjeJQ5EjE
2zf/oBjeDGvtONC89utniz9ZuFYR8eeMfUxufjEIoKy22rU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:21 2024 by rpki-client on console-fra.rpki-client.org