Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/KfFeuEDDrfJYPwGpPYXZ46Klnyg.roa
File:                     KfFeuEDDrfJYPwGpPYXZ46Klnyg.roa (raw, json)
Hash identifier:          C69BWhRev6zyuRbSbueh/C3/v8p+tbssWlw39B12V9k=
Subject key identifier:   29:F1:5E:B8:40:C3:AD:F2:58:3F:01:A9:3D:85:D9:E3:A2:A5:9F:28
Certificate issuer:       /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial:       0218
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/KfFeuEDDrfJYPwGpPYXZ46Klnyg.roa
Signing time:             Fri 01 Sep 2023 09:19:34 +0000
ROA not before:           Fri 01 Sep 2023 09:19:34 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18428
IP address blocks:        103.172.126.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 536 (0x218)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
        Validity
            Not Before: Sep  1 09:19:34 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=29F15EB840C3ADF2583F01A93D85D9E3A2A59F28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:51:63:a5:ae:89:98:f9:ab:b6:fd:96:b7:26:
                    28:fb:08:51:f5:73:50:79:20:e6:f7:5f:b3:35:b6:
                    2c:9c:2b:0b:bf:8c:96:6d:03:7a:5d:ea:25:3c:4d:
                    a8:25:3e:ed:ad:dd:e7:be:29:cc:75:6d:43:12:63:
                    3d:6f:4c:9d:14:4e:48:3f:68:b5:82:93:36:a1:60:
                    c1:12:cd:84:52:ed:7b:b5:04:88:f0:ab:61:d8:1f:
                    c6:58:ab:29:aa:1c:a3:b8:cd:5e:00:e9:52:9b:c4:
                    4d:e8:84:e2:f7:f6:b2:7e:51:c5:58:f1:30:73:e1:
                    1a:3a:9d:d6:47:05:63:45:e3:67:ab:a6:1b:e3:7c:
                    5d:da:e2:5c:e2:2c:34:2b:91:07:1b:81:2c:53:de:
                    4e:52:02:03:62:b7:10:62:02:1f:00:19:16:5b:dc:
                    67:65:91:3c:6a:48:ef:f8:7c:ba:94:79:af:6d:04:
                    21:48:15:ec:af:dd:ca:67:42:12:33:a0:d4:d5:fb:
                    03:66:ff:b3:b6:94:bf:7c:39:83:37:6a:28:d2:99:
                    e4:63:e0:ba:46:f9:a0:fb:5d:ef:ec:77:7d:df:5d:
                    58:d8:6b:6f:4b:24:b1:56:b7:7f:24:3a:20:82:7a:
                    6c:7a:01:02:ca:99:c4:f0:a4:e5:ca:7f:e8:3c:67:
                    c8:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:F1:5E:B8:40:C3:AD:F2:58:3F:01:A9:3D:85:D9:E3:A2:A5:9F:28
            X509v3 Authority Key Identifier:
                keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/KfFeuEDDrfJYPwGpPYXZ46Klnyg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:09:74:06:3b:4e:2c:8f:8d:98:e7:8e:56:a3:68:1d:8f:0d:
         eb:63:d0:14:8b:10:44:75:5c:55:64:c4:f1:c6:01:98:42:3e:
         ca:41:63:1b:fd:90:0e:f3:bd:56:db:8b:cc:5c:fc:09:d8:3d:
         91:fc:11:e2:ac:ed:5b:61:62:56:18:8f:f0:1c:e7:92:e3:34:
         33:66:d2:b7:ee:64:c0:3d:53:c3:71:5c:e4:d3:5e:ce:78:c9:
         be:7a:b3:b9:09:41:5f:ec:59:64:2a:5f:c5:e1:47:93:8b:69:
         dd:7a:e3:c3:68:12:97:81:c4:4e:28:70:a9:cb:68:1c:bb:83:
         83:66:93:e7:04:85:b6:65:7c:b5:d5:83:8a:d8:88:98:f5:21:
         42:e8:6f:de:a8:86:76:88:0e:5b:7c:5f:25:a5:f6:c6:cd:fc:
         51:a3:82:bf:36:0a:70:92:22:4c:1e:7b:21:bf:03:e9:30:9e:
         4b:b1:2b:ae:7b:bf:b7:91:b2:1f:06:80:65:08:40:c8:59:69:
         2a:58:e5:0d:cf:9a:da:b8:e5:22:ef:90:53:b9:ab:6b:c1:ee:
         ce:05:d7:fa:f8:49:0c:5d:2f:d8:81:1a:c5:77:b9:c0:a7:20:
         63:15:f6:25:d6:1d:ff:61:72:8c:db:4e:bd:11:03:2c:59:7e:
         42:e4:6c:5e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzA5MDEw
OTE5MzRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI5RjE1RUI4NDBDM0FE
RjI1ODNGMDFBOTNEODVEOUUzQTJBNTlGMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/UWOlromY+au2/Za3Jij7CFH1c1B5IOb3X7M1tiycKwu/jJZt
A3pd6iU8TaglPu2t3ee+Kcx1bUMSYz1vTJ0UTkg/aLWCkzahYMESzYRS7Xu1BIjw
q2HYH8ZYqymqHKO4zV4A6VKbxE3ohOL39rJ+UcVY8TBz4Ro6ndZHBWNF42erphvj
fF3a4lziLDQrkQcbgSxT3k5SAgNitxBiAh8AGRZb3GdlkTxqSO/4fLqUea9tBCFI
Feyv3cpnQhIzoNTV+wNm/7O2lL98OYM3aijSmeRj4LpG+aD7Xe/sd33fXVjYa29L
JLFWt38kOiCCemx6AQLKmcTwpOXKf+g8Z8jbAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUKfFeuEDDrfJYPwGpPYXZ46KlnygwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9LZkZldUVERHJmSllQ
d0dwUFlYWjQ2S2xueWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQCZCXQGO04sj42Y545Wo2gdjw3rY9AU
ixBEdVxVZMTxxgGYQj7KQWMb/ZAO871W24vMXPwJ2D2R/BHirO1bYWJWGI/wHOeS
4zQzZtK37mTAPVPDcVzk017OeMm+erO5CUFf7FlkKl/F4UeTi2ndeuPDaBKXgcRO
KHCpy2gcu4ODZpPnBIW2ZXy11YOK2IiY9SFC6G/eqIZ2iA5bfF8lpfbGzfxRo4K/
NgpwkiJMHnshvwPpMJ5LsSuue7+3kbIfBoBlCEDIWWkqWOUNz5rauOUi75BTuatr
we7OBdf6+EkMXS/YgRrFd7nApyBjFfYl1h3/YXKM2069EQMsWX5C5Gxe
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org