Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKTSL/LJY4XxHZkzyxPtfAk6tD0LFqTJU.roa
File:                     LJY4XxHZkzyxPtfAk6tD0LFqTJU.roa (raw, json)
Hash identifier:          GFiW54az9Q9haYxpnGN1dcIREb24S4RKgRQy+pQk7xc=
Subject key identifier:   2C:96:38:5F:11:D9:93:3C:B1:3E:D7:C0:93:AB:43:D0:B1:6A:4C:95
Certificate issuer:       /CN=90EE69984840D1E0325E8C013DFFB7B2841047E4
Certificate serial:       087C
Authority key identifier: 90:EE:69:98:48:40:D1:E0:32:5E:8C:01:3D:FF:B7:B2:84:10:47:E4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/kO5pmEhA0eAyXowBPf-3soQQR-Q.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/LJY4XxHZkzyxPtfAk6tD0LFqTJU.roa
Signing time:             Tue 29 Sep 2020 10:04:47 +0000
ROA not before:           Tue 29 Sep 2020 10:04:47 +0000
ROA not after:            Wed 29 Sep 2021 09:51:23 +0000
asID:                     131645
IP address blocks:        2405:2a40::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2172 (0x87c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90EE69984840D1E0325E8C013DFFB7B2841047E4
        Validity
            Not Before: Sep 29 10:04:47 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=2C96385F11D9933CB13ED7C093AB43D0B16A4C95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b9:0d:4e:fc:b3:70:9b:f6:34:03:aa:24:8f:
                    70:61:9d:39:ac:d2:3a:4e:77:0c:06:b2:20:e8:b4:
                    fc:10:ea:90:02:19:f9:78:f1:61:fe:cf:c0:eb:2d:
                    19:53:a8:38:37:e1:4c:b7:fd:a4:84:1f:4c:99:3d:
                    26:0a:ce:a6:e6:29:c4:9b:fa:42:c6:b9:e7:71:dc:
                    d2:9f:34:a6:b5:9d:bd:b7:dd:41:41:8d:a7:28:6a:
                    44:04:7f:fd:67:fc:7f:e5:16:3b:06:4c:c9:62:14:
                    9a:e6:c8:2f:a7:4e:1e:4f:ce:19:57:ce:38:dc:d0:
                    9b:d7:a8:18:80:51:b3:05:91:60:9d:b2:ed:7c:db:
                    ab:be:e3:ff:a2:df:ff:b3:cd:23:11:8d:23:d9:e9:
                    24:34:c7:fa:6c:9b:61:76:cc:29:88:67:3e:70:ce:
                    e6:60:be:64:3f:f6:b2:af:c5:10:59:77:f7:80:ca:
                    6e:e0:25:43:68:c4:11:e6:ef:6d:df:b8:c8:d3:80:
                    b4:82:a9:f7:b2:44:1c:86:11:5c:6c:9d:72:76:d7:
                    5b:d6:5e:8c:23:60:dc:c6:90:36:2d:e4:8e:1d:b7:
                    ee:b0:af:74:d6:05:67:1d:d9:c2:91:1a:12:4d:94:
                    38:86:38:21:9a:81:5e:f7:16:ca:18:54:3d:3f:be:
                    b2:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:96:38:5F:11:D9:93:3C:B1:3E:D7:C0:93:AB:43:D0:B1:6A:4C:95
            X509v3 Authority Key Identifier:
                keyid:90:EE:69:98:48:40:D1:E0:32:5E:8C:01:3D:FF:B7:B2:84:10:47:E4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/kO5pmEhA0eAyXowBPf-3soQQR-Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/kO5pmEhA0eAyXowBPf-3soQQR-Q.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/LJY4XxHZkzyxPtfAk6tD0LFqTJU.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:2a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:b7:ac:a6:b5:7e:f0:19:56:8b:c9:75:ab:c8:90:c6:72:4f:
         ca:01:cb:81:54:8a:6c:c7:ca:ee:07:c5:c3:d2:f1:21:dd:20:
         7d:58:cf:50:45:01:d8:10:84:7c:25:0c:93:3e:cd:55:14:4b:
         be:15:1a:77:63:38:f5:15:28:7d:d3:21:f6:89:70:5f:66:80:
         1e:be:78:e5:ea:53:0b:61:55:99:1a:ae:3a:2e:66:48:62:94:
         73:86:9d:e1:af:f8:9a:b5:6c:1d:6c:60:63:cc:13:87:fd:0a:
         60:b7:7e:92:a9:0c:74:fe:ec:d2:f3:94:fd:f8:d9:56:43:ae:
         ed:fa:4c:28:8f:9a:d5:0e:6e:65:d3:27:d6:96:a3:2d:6d:10:
         4c:31:1b:69:84:91:ea:0b:a5:2e:00:93:dd:d0:fa:45:96:b0:
         33:8b:09:58:6c:8f:bd:58:e8:0b:0c:06:e1:da:6b:ed:ec:34:
         86:c4:cd:50:97:c3:e5:ea:91:04:39:85:a1:cd:14:8f:de:73:
         a1:53:5a:8a:91:ab:96:5c:b7:4a:db:2a:97:c0:04:76:d2:56:
         ac:4a:a6:92:6b:03:f5:ef:99:3d:40:67:fc:3e:75:67:26:f1:
         f7:66:34:1d:bf:53:2e:fa:6b:28:7f:d4:b1:47:01:2f:e8:cf:
         57:ee:13:e3
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF
RTY5OTg0ODQwRDFFMDMyNUU4QzAxM0RGRkI3QjI4NDEwNDdFNDAeFw0yMDA5Mjkx
MDA0NDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJDOTYzODVGMTFEOTkz
M0NCMTNFRDdDMDkzQUI0M0QwQjE2QTRDOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWuQ1O/LNwm/Y0A6okj3BhnTms0jpOdwwGsiDotPwQ6pACGfl4
8WH+z8DrLRlTqDg34Uy3/aSEH0yZPSYKzqbmKcSb+kLGuedx3NKfNKa1nb233UFB
jacoakQEf/1n/H/lFjsGTMliFJrmyC+nTh5PzhlXzjjc0JvXqBiAUbMFkWCdsu18
26u+4/+i3/+zzSMRjSPZ6SQ0x/psm2F2zCmIZz5wzuZgvmQ/9rKvxRBZd/eAym7g
JUNoxBHm723fuMjTgLSCqfeyRByGEVxsnXJ211vWXowjYNzGkDYt5I4dt+6wr3TW
BWcd2cKRGhJNlDiGOCGagV73FsoYVD0/vrJzAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQULJY4XxHZkzyxPtfAk6tD0LFqTJUwHwYDVR0jBBgwFoAUkO5pmEhA0eAyXowB
Pf+3soQQR+QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tUU0wv
a081cG1FaEEwZUF5WG93QlBmLTNzb1FRUi1RLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9rTzVwbUVoQTBlQXlYb3dCUGYtM3NvUVFSLVEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1RTTC9MSlk0WHhIWmt6eXhQdGZBazZ0
RDBMRnFUSlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAUq
QDANBgkqhkiG9w0BAQsFAAOCAQEAR7esprV+8BlWi8l1q8iQxnJPygHLgVSKbMfK
7gfFw9LxId0gfVjPUEUB2BCEfCUMkz7NVRRLvhUad2M49RUofdMh9olwX2aAHr54
5epTC2FVmRquOi5mSGKUc4ad4a/4mrVsHWxgY8wTh/0KYLd+kqkMdP7s0vOU/fjZ
VkOu7fpMKI+a1Q5uZdMn1pajLW0QTDEbaYSR6gulLgCT3dD6RZawM4sJWGyPvVjo
CwwG4dpr7ew0hsTNUJfD5eqRBDmFoc0Uj95zoVNaipGrlly3Stsql8AEdtJWrEqm
kmsD9e+ZPUBn/D51Zybx92Y0Hb9TLvprKH/UsUcBL+jPV+4T4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org