Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKTSL/u6cbeQJOGB8_yheTBOPvBExZOWI.roa
File:                     u6cbeQJOGB8_yheTBOPvBExZOWI.roa (raw, json)
Hash identifier:          bTInNi6b+RZlezNK+BIqhGNp783UAE01WjTQAYG4rkE=
Subject key identifier:   BB:A7:1B:79:02:4E:18:1F:3F:CA:17:93:04:E3:EF:04:4C:59:39:62
Certificate issuer:       /CN=90EE69984840D1E0325E8C013DFFB7B2841047E4
Certificate serial:       0A5B
Authority key identifier: 90:EE:69:98:48:40:D1:E0:32:5E:8C:01:3D:FF:B7:B2:84:10:47:E4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/kO5pmEhA0eAyXowBPf-3soQQR-Q.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/u6cbeQJOGB8_yheTBOPvBExZOWI.roa
Signing time:             Wed 29 Sep 2021 02:37:38 +0000
ROA not before:           Wed 29 Sep 2021 02:37:38 +0000
ROA not after:            Thu 29 Sep 2022 02:36:22 +0000
asID:                     131645
IP address blocks:        2405:2a40::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2651 (0xa5b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90EE69984840D1E0325E8C013DFFB7B2841047E4
        Validity
            Not Before: Sep 29 02:37:38 2021 GMT
            Not After : Sep 29 02:36:22 2022 GMT
        Subject: CN=BBA71B79024E181F3FCA179304E3EF044C593962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:43:43:04:1b:48:19:82:cd:f3:8c:3c:87:32:
                    3b:e7:2f:ef:3a:dd:1d:2e:42:ef:14:98:f4:33:d4:
                    bf:49:68:6d:e3:dc:e2:0e:d2:03:36:4d:9a:a8:a5:
                    c2:b5:09:7c:bf:a1:53:2c:bb:13:39:ec:0c:de:30:
                    cd:60:6e:5a:ba:7b:37:cc:4f:7e:87:45:b4:b8:14:
                    40:4b:eb:55:0c:a1:08:58:ae:bc:9b:42:51:ce:de:
                    64:02:85:45:0f:43:fe:54:03:28:25:77:fa:0d:dd:
                    f8:5a:6b:e4:6a:a0:4c:81:e8:b6:a6:ae:41:fc:ab:
                    5a:a8:d3:8a:d3:c8:2a:c7:2d:a6:50:1b:1f:3a:ec:
                    10:54:74:db:bf:f0:aa:e9:68:2b:91:28:81:a6:95:
                    e9:c1:8c:a6:d5:ba:a0:06:4c:b8:3c:0e:2a:99:0e:
                    07:cb:9e:bc:ac:b4:df:03:c4:86:0d:ca:dc:5f:2f:
                    2d:f7:55:b0:0d:d1:7f:93:31:e2:9b:26:b5:ce:63:
                    ff:5a:49:d5:fd:38:fb:4b:9e:f6:3f:3a:e9:0e:f1:
                    e6:b9:eb:d0:bf:fe:1e:e2:26:06:0a:73:57:74:d2:
                    45:c1:23:4d:e7:e2:2e:75:dc:7a:93:4f:e9:c6:d5:
                    eb:fe:b2:cd:8f:d7:73:65:66:63:b0:ea:94:4e:59:
                    83:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A7:1B:79:02:4E:18:1F:3F:CA:17:93:04:E3:EF:04:4C:59:39:62
            X509v3 Authority Key Identifier:
                keyid:90:EE:69:98:48:40:D1:E0:32:5E:8C:01:3D:FF:B7:B2:84:10:47:E4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/kO5pmEhA0eAyXowBPf-3soQQR-Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/kO5pmEhA0eAyXowBPf-3soQQR-Q.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKTSL/u6cbeQJOGB8_yheTBOPvBExZOWI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:2a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:3c:a1:79:87:a3:e9:47:15:97:10:57:4e:c2:3f:3d:ef:26:
         9d:a7:92:c6:9e:69:de:8c:50:02:c3:b2:73:f4:9c:6d:93:3d:
         db:9c:87:68:3a:17:9a:d3:3d:3e:a6:a6:e0:d2:75:45:3a:e4:
         c5:c1:21:00:e5:5a:48:90:95:0b:f1:7e:61:11:b7:70:f9:b1:
         51:dc:79:49:1a:2a:f3:99:4d:1f:a8:fd:98:91:92:34:99:71:
         41:f4:20:68:5e:59:94:ed:79:5f:9b:b6:1e:5d:f0:79:56:df:
         14:c3:c6:28:04:2a:a2:e9:45:3b:3a:74:f6:c4:0d:26:e4:52:
         07:5d:53:68:05:45:e1:1a:96:c0:03:a6:5c:2f:f4:a2:38:e4:
         b3:40:3b:17:81:90:f1:2b:c8:bb:26:62:b1:f1:07:c0:a2:1a:
         83:e5:62:47:22:b8:25:9e:ea:e0:51:33:0f:6a:e3:3f:ab:ba:
         fb:8d:32:da:72:46:0b:33:ca:b2:2c:51:9f:97:48:b5:8c:97:
         b2:20:3e:73:b1:0e:2a:cd:25:08:c0:25:62:12:45:4b:8d:24:
         68:7a:f6:6d:2b:e2:62:20:6e:03:0f:06:e5:be:56:9d:58:a0:
         68:dc:63:85:bb:cf:2c:66:9d:91:e6:4d:24:6f:58:a3:20:f3:
         f4:a4:a0:13
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICClswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF
RTY5OTg0ODQwRDFFMDMyNUU4QzAxM0RGRkI3QjI4NDEwNDdFNDAeFw0yMTA5Mjkw
MjM3MzhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEJCQTcxQjc5MDI0RTE4
MUYzRkNBMTc5MzA0RTNFRjA0NEM1OTM5NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeQ0MEG0gZgs3zjDyHMjvnL+863R0uQu8UmPQz1L9JaG3j3OIO
0gM2TZqopcK1CXy/oVMsuxM57AzeMM1gblq6ezfMT36HRbS4FEBL61UMoQhYrryb
QlHO3mQChUUPQ/5UAygld/oN3fhaa+RqoEyB6LamrkH8q1qo04rTyCrHLaZQGx86
7BBUdNu/8KrpaCuRKIGmlenBjKbVuqAGTLg8DiqZDgfLnrystN8DxIYNytxfLy33
VbAN0X+TMeKbJrXOY/9aSdX9OPtLnvY/OukO8ea569C//h7iJgYKc1d00kXBI03n
4i513HqTT+nG1ev+ss2P13NlZmOw6pROWYNjAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUu6cbeQJOGB8/yheTBOPvBExZOWIwHwYDVR0jBBgwFoAUkO5pmEhA0eAyXowB
Pf+3soQQR+QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tUU0wv
a081cG1FaEEwZUF5WG93QlBmLTNzb1FRUi1RLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9rTzVwbUVoQTBlQXlYb3dCUGYtM3NvUVFSLVEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1RTTC91NmNiZVFKT0dCOF95aGVUQk9Q
dkJFeFpPV0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAUq
QDANBgkqhkiG9w0BAQsFAAOCAQEAGzyheYej6UcVlxBXTsI/Pe8mnaeSxp5p3oxQ
AsOyc/ScbZM925yHaDoXmtM9Pqam4NJ1RTrkxcEhAOVaSJCVC/F+YRG3cPmxUdx5
SRoq85lNH6j9mJGSNJlxQfQgaF5ZlO15X5u2Hl3weVbfFMPGKAQqoulFOzp09sQN
JuRSB11TaAVF4RqWwAOmXC/0ojjks0A7F4GQ8SvIuyZisfEHwKIag+ViRyK4JZ7q
4FEzD2rjP6u6+40y2nJGCzPKsixRn5dItYyXsiA+c7EOKs0lCMAlYhJFS40kaHr2
bSviYiBuAw8G5b5WnVigaNxjhbvPLGadkeZNJG9YoyDz9KSgEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:10 2024 by rpki-client on console-ams.rpki-client.org