Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BYmFAtNlbLN1DwwvSyo08U_4rQg.roa
File:                     BYmFAtNlbLN1DwwvSyo08U_4rQg.roa (raw, json)
Hash identifier:          LkF+8QrQAOPkv7FxhXhCxdXCTV8vD23JtAy23I9Wl9o=
Subject key identifier:   05:89:85:02:D3:65:6C:B3:75:0F:0C:2F:4B:2A:34:F1:4F:F8:AD:08
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0FAD
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BYmFAtNlbLN1DwwvSyo08U_4rQg.roa
Signing time:             Fri 01 Sep 2023 09:37:08 +0000
ROA not before:           Fri 01 Sep 2023 09:37:08 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9924
IP address blocks:        210.17.17.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4013 (0xfad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:37:08 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=05898502D3656CB3750F0C2F4B2A34F14FF8AD08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:71:05:96:5d:2b:56:13:0b:bb:63:ae:66:71:
                    f4:a9:ed:12:2d:a8:0b:6b:db:3d:82:9f:af:30:7e:
                    be:74:18:7a:83:4b:e4:d9:03:bc:e1:03:3d:ca:b6:
                    9a:96:06:a4:93:c9:83:4b:a5:27:ad:e9:e8:cf:d0:
                    3f:58:bf:db:c7:92:71:ce:1f:7a:32:9e:81:64:4e:
                    3f:77:69:a6:1a:a8:dc:5d:33:30:14:b7:75:7e:c1:
                    27:15:f2:10:97:fd:de:4c:47:43:45:7c:63:24:2e:
                    cf:ac:2b:6d:38:dd:d7:22:3d:16:f0:12:9c:a0:ba:
                    b3:4a:2d:8b:1e:9e:59:88:04:b2:0a:1f:e4:70:e6:
                    5b:59:02:2a:38:66:20:5b:8e:55:e8:59:53:46:9e:
                    bc:4b:dc:57:de:bc:6d:d6:d8:47:2c:c8:0b:37:05:
                    08:b8:7c:7a:99:d9:58:3b:23:ab:61:ea:3d:b6:b5:
                    74:46:2d:5c:3d:a8:80:bf:8c:16:36:b4:b3:cd:c2:
                    ed:9f:26:21:3b:63:65:8f:b9:ec:0a:ab:38:cd:35:
                    da:cd:85:4d:4a:66:66:cd:76:8d:08:bb:01:6b:01:
                    76:89:34:ff:3d:45:26:8d:18:47:91:af:f9:e6:5a:
                    82:f2:83:61:cf:de:e5:12:a7:87:d4:85:70:f6:e6:
                    79:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:89:85:02:D3:65:6C:B3:75:0F:0C:2F:4B:2A:34:F1:4F:F8:AD:08
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/BYmFAtNlbLN1DwwvSyo08U_4rQg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.17.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:9b:e6:32:2d:76:9f:57:36:30:0e:54:5b:c4:48:5c:31:81:
         ce:a5:cd:46:99:05:ef:54:19:b2:99:55:34:e6:02:4c:bc:3e:
         23:9c:1b:71:f3:d7:37:e2:c0:ba:cb:8e:64:33:0a:ce:62:7d:
         db:fc:29:6a:8d:2f:77:6f:d1:70:b6:5b:5a:42:6c:10:af:3e:
         a9:ff:14:17:a0:a4:a8:54:da:a0:e9:f4:2d:dd:d5:60:6c:9c:
         a3:7e:bc:af:9f:4c:49:ea:ec:0d:ee:a5:23:3a:71:b4:5b:e7:
         c9:e1:b3:a8:0a:e9:c4:55:1c:02:8e:44:ad:4e:a8:83:02:47:
         82:f3:5d:76:2e:49:28:e9:cf:a6:e1:c7:60:87:a8:5c:ad:bb:
         42:fb:e3:64:db:d0:9c:af:34:94:a3:70:6e:2d:f6:cc:21:4b:
         e7:30:c2:40:a8:15:1a:62:4b:84:df:96:58:4f:33:e0:3d:ef:
         b0:5b:02:f4:b8:05:56:5b:c5:83:e0:83:55:80:28:32:eb:3f:
         ef:26:88:12:0d:09:45:7e:63:7d:14:44:d5:20:f8:54:d9:33:
         4e:24:75:7c:2c:6d:fa:d2:ae:12:bd:fc:01:9a:ae:b1:87:75:
         f9:19:5a:99:a3:25:de:67:09:be:73:f1:c9:59:f0:87:f2:b8:
         18:23:6f:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD60wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA1ODk4NTAyRDM2NTZD
QjM3NTBGMEMyRjRCMkEzNEYxNEZGOEFEMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCncQWWXStWEwu7Y65mcfSp7RItqAtr2z2Cn68wfr50GHqDS+TZ
A7zhAz3KtpqWBqSTyYNLpSet6ejP0D9Yv9vHknHOH3oynoFkTj93aaYaqNxdMzAU
t3V+wScV8hCX/d5MR0NFfGMkLs+sK2043dciPRbwEpygurNKLYsenlmIBLIKH+Rw
5ltZAio4ZiBbjlXoWVNGnrxL3FfevG3W2EcsyAs3BQi4fHqZ2Vg7I6th6j22tXRG
LVw9qIC/jBY2tLPNwu2fJiE7Y2WPuewKqzjNNdrNhU1KZmbNdo0IuwFrAXaJNP89
RSaNGEeRr/nmWoLyg2HP3uUSp4fUhXD25nl9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBYmFAtNlbLN1DwwvSyo08U/4rQgwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvQlltRkF0TmxiTE4xRHd3
dlN5bzA4VV80clFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANIRETANBgkqhkiG9w0BAQsFAAOCAQEAepvmMi12n1c2MA5UW8RIXDGBzqXNRpkF
71QZsplVNOYCTLw+I5wbcfPXN+LAusuOZDMKzmJ92/wpao0vd2/RcLZbWkJsEK8+
qf8UF6CkqFTaoOn0Ld3VYGyco368r59MSersDe6lIzpxtFvnyeGzqArpxFUcAo5E
rU6ogwJHgvNddi5JKOnPpuHHYIeoXK27QvvjZNvQnK80lKNwbi32zCFL5zDCQKgV
GmJLhN+WWE8z4D3vsFsC9LgFVlvFg+CDVYAoMus/7yaIEg0JRX5jfRRE1SD4VNkz
TiR1fCxt+tKuEr38AZqusYd1+RlamaMl3mcJvnPxyVnwh/K4GCNvBg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:15 2024 by rpki-client on console-ams.rpki-client.org