Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/kx45y5SKr9jgodVb0c3enAywJ-Q.roa
File:                     kx45y5SKr9jgodVb0c3enAywJ-Q.roa (raw, json)
Hash identifier:          iC46FPm7oyuzru4jywpS1yZDI9Ub/n9Yn935gnn4C8E=
Subject key identifier:   93:1E:39:CB:94:8A:AF:D8:E0:A1:D5:5B:D1:CD:DE:9C:0C:B0:27:E4
Certificate issuer:       /CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E
Certificate serial:       0DC8
Authority key identifier: A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/kx45y5SKr9jgodVb0c3enAywJ-Q.roa
Signing time:             Mon 19 Feb 2024 12:54:00 +0000
ROA not before:           Mon 19 Feb 2024 12:54:00 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131633
IP address blocks:        2404:73c0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3528 (0xdc8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E
        Validity
            Not Before: Feb 19 12:54:00 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=931E39CB948AAFD8E0A1D55BD1CDDE9C0CB027E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:29:bd:7a:4b:89:f4:e5:c4:35:d2:7a:13:62:
                    f9:6b:0b:04:25:ed:8c:28:38:95:63:be:38:f1:5b:
                    ba:a7:96:7e:aa:82:99:51:4a:da:54:db:a6:78:56:
                    fc:9a:aa:b7:48:13:7e:0a:43:9c:6f:6d:0f:e2:b2:
                    c1:b5:3b:1d:6e:7e:6b:9e:f9:f1:d1:cf:af:a2:5f:
                    93:12:f9:af:1b:3c:57:97:ad:c0:13:b8:ae:e0:a7:
                    d1:4e:46:e1:5d:aa:da:a9:11:b2:9a:a6:e9:12:d0:
                    a3:84:3c:44:8f:0f:cb:fd:54:83:8a:08:df:be:71:
                    a1:ec:5b:bd:9c:1c:8a:dd:ad:9c:19:80:48:51:cc:
                    9e:ce:ad:1c:0f:9c:f7:42:bf:9e:05:6b:c0:cd:33:
                    71:23:5c:8e:24:4a:e4:21:99:cd:25:b1:5a:81:ee:
                    3f:41:77:55:15:ac:d8:a6:84:0f:21:17:dd:59:d2:
                    6e:e7:90:bd:7e:d4:63:ae:1a:ae:da:4a:b7:45:c5:
                    09:09:e2:3c:eb:05:14:e0:99:f5:f3:8a:e4:ee:d4:
                    3e:1a:cf:a3:9f:d4:57:1c:60:06:2a:09:19:68:b0:
                    e8:72:52:ad:f4:55:59:f8:88:09:bb:bf:01:33:48:
                    fd:9a:91:b5:82:8c:65:7a:04:c1:9a:c7:15:58:ee:
                    0a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:1E:39:CB:94:8A:AF:D8:E0:A1:D5:5B:D1:CD:DE:9C:0C:B0:27:E4
            X509v3 Authority Key Identifier:
                keyid:A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/kx45y5SKr9jgodVb0c3enAywJ-Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:73c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:25:7a:ea:48:4a:23:0e:ab:8a:39:6d:9c:79:7d:f3:94:d5:
         4c:9a:ef:43:11:0a:ed:c0:b8:f1:05:99:2f:6b:03:fc:b1:a3:
         85:25:d6:55:a1:db:06:6a:35:3c:88:d5:e2:1e:fe:ec:73:9b:
         fb:92:e9:57:b6:83:10:6b:10:d2:d1:2b:a1:35:cc:bb:05:64:
         c6:3a:37:4d:02:0a:65:d7:1d:31:3c:c4:e0:78:65:e2:72:e0:
         17:eb:4d:84:ab:f7:fd:9c:9f:11:9b:dd:7c:ee:8b:6f:e2:ec:
         72:a1:2f:6f:1e:24:29:1a:0f:69:3b:3e:9b:db:c4:e3:2d:0e:
         4b:af:e0:04:8a:0f:c1:ff:34:05:66:95:8b:26:96:5f:a1:fa:
         84:0b:46:8b:a4:72:2a:22:1b:56:86:db:b9:36:14:e3:fe:d4:
         ae:ab:00:c1:53:b7:b9:1e:b5:e1:5d:8c:b5:78:da:88:d4:6c:
         6b:c1:b2:6c:36:0b:74:d7:98:bd:49:3e:6b:0c:ba:53:bb:f1:
         6c:fd:45:a8:ca:d1:44:6f:e6:87:ec:5e:64:9a:24:09:2b:78:
         75:81:7e:75:1d:27:f1:11:0d:3b:fd:22:50:eb:44:ed:e2:74:
         6b:a0:4a:33:22:15:db:a5:92:d2:c0:6d:e0:40:43:46:62:6d:
         41:6d:82:79
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTE4
RUIzNzdERDAzMThBRTQ2NUQ4RjNGN0Q2RTBBRDBBNEU5RUQxRTAeFw0yNDAyMTkx
MjU0MDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkzMUUzOUNCOTQ4QUFG
RDhFMEExRDU1QkQxQ0RERTlDMENCMDI3RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiKb16S4n05cQ10noTYvlrCwQl7YwoOJVjvjjxW7qnln6qgplR
StpU26Z4VvyaqrdIE34KQ5xvbQ/issG1Ox1ufmue+fHRz6+iX5MS+a8bPFeXrcAT
uK7gp9FORuFdqtqpEbKapukS0KOEPESPD8v9VIOKCN++caHsW72cHIrdrZwZgEhR
zJ7OrRwPnPdCv54Fa8DNM3EjXI4kSuQhmc0lsVqB7j9Bd1UVrNimhA8hF91Z0m7n
kL1+1GOuGq7aSrdFxQkJ4jzrBRTgmfXziuTu1D4az6Of1FccYAYqCRlosOhyUq30
VVn4iAm7vwEzSP2akbWCjGV6BMGaxxVY7grRAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUkx45y5SKr9jgodVb0c3enAywJ+QwHwYDVR0jBBgwFoAUoY6zd90DGK5GXY8/
fW4K0KTp7R4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlOR0pJ
TkdFTi9vWTZ6ZDkwREdLNUdYWThfZlc0SzBLVHA3UjQuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL29ZNnpkOTBER0s1R1hZOF9mVzRLMEtUcDdSNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL01JTkdKSU5HRU4va3g0NXk1U0ty
OWpnb2RWYjBjM2VuQXl3Si1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC
AAIwBwMFACQEc8AwDQYJKoZIhvcNAQELBQADggEBADEleupISiMOq4o5bZx5ffOU
1Uya70MRCu3AuPEFmS9rA/yxo4Ul1lWh2wZqNTyI1eIe/uxzm/uS6Ve2gxBrENLR
K6E1zLsFZMY6N00CCmXXHTE8xOB4ZeJy4BfrTYSr9/2cnxGb3Xzui2/i7HKhL28e
JCkaD2k7PpvbxOMtDkuv4ASKD8H/NAVmlYsmll+h+oQLRoukcioiG1aG27k2FOP+
1K6rAMFTt7keteFdjLV42ojUbGvBsmw2C3TXmL1JPmsMulO78Wz9RajK0URv5ofs
XmSaJAkreHWBfnUdJ/ERDTv9IlDrRO3idGugSjMiFdulktLAbeBAQ0ZibUFtgnk=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org