Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Jc4meAlsReONBarzWreMygHNt0w.roa
File:                     Jc4meAlsReONBarzWreMygHNt0w.roa (raw, json)
Hash identifier:          WvhIsHUwCyxUIBzVcBFRHJHPzr+0DC6vpNIvEhfuzBc=
Subject key identifier:   25:CE:26:78:09:6C:45:E3:8D:05:AA:F3:5A:B7:8C:CA:01:CD:B7:4C
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0FB1
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Jc4meAlsReONBarzWreMygHNt0w.roa
Signing time:             Fri 01 Sep 2023 09:37:09 +0000
ROA not before:           Fri 01 Sep 2023 09:37:09 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131628
IP address blocks:        175.97.128.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4017 (0xfb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:37:09 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=25CE2678096C45E38D05AAF35AB78CCA01CDB74C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1e:79:30:e8:5e:29:bc:1a:fc:7f:e6:4b:b4:
                    04:45:11:8d:d4:73:31:ae:76:68:71:87:20:41:ae:
                    38:37:be:51:5d:e9:62:42:96:40:cc:94:b1:27:97:
                    c5:ca:87:88:19:94:a4:18:b0:66:15:04:bc:ba:f5:
                    41:7d:18:6a:cb:cd:28:79:8a:ac:fa:45:65:0d:49:
                    a3:ea:38:ee:86:84:6d:ee:69:24:46:08:c9:3d:1b:
                    63:3e:30:e5:90:4b:f2:8e:5d:01:6a:cc:e4:43:3c:
                    8d:f9:70:7e:c4:01:a1:b5:fc:18:30:31:11:87:35:
                    44:8a:e5:cc:82:e7:df:e1:dc:72:d7:ac:24:b1:81:
                    4f:74:4f:b5:d2:a1:8e:fe:9f:49:44:dc:9b:a1:f0:
                    e3:07:2e:17:98:af:05:4f:17:c6:bc:39:e4:2e:3b:
                    ff:95:16:df:2c:bb:d7:8a:65:9c:c7:51:4d:90:2b:
                    e1:76:97:d4:17:48:99:6a:4f:64:db:ae:c3:d5:4d:
                    65:75:2d:86:c5:24:35:bd:ef:de:e7:7f:d9:96:a4:
                    b8:e8:0b:c4:d5:d0:0b:1e:fa:c3:04:18:f4:bb:db:
                    e4:d8:ef:3d:86:f5:5f:5b:d2:91:cf:dd:9e:85:41:
                    5f:0d:9b:34:4f:fe:70:c6:8f:80:b6:cb:95:a8:f1:
                    80:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:CE:26:78:09:6C:45:E3:8D:05:AA:F3:5A:B7:8C:CA:01:CD:B7:4C
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Jc4meAlsReONBarzWreMygHNt0w.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.97.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         5d:72:b0:5e:fe:7b:93:18:d9:1a:44:a9:d5:19:36:d7:51:ae:
         2f:b3:43:a6:1e:1d:2c:1b:3c:9a:77:56:17:62:90:5a:ed:c2:
         0c:74:8c:e7:01:20:9b:1a:60:c8:65:dc:a7:86:12:0b:da:4d:
         a2:65:b1:4f:41:b7:ea:dc:24:89:1f:fa:0d:33:88:7b:fe:d0:
         13:f0:cf:07:d5:62:36:6a:7d:6d:33:ba:e8:5d:a4:43:80:38:
         d8:30:f6:ef:7e:c4:e9:ad:a8:b7:6b:ad:81:57:4b:e4:41:a7:
         d5:54:2f:ab:1b:08:24:df:2c:84:10:90:6d:1f:bd:6c:e3:58:
         52:7c:e7:1d:5a:c0:cc:d9:f2:26:9d:84:fa:4f:76:b7:27:3c:
         04:8c:a3:34:34:1b:69:24:4f:29:39:dc:0b:b7:66:1f:a1:8d:
         a6:f2:ba:6d:2b:55:0b:3b:20:39:03:80:46:19:65:85:94:d2:
         d7:e6:cb:a4:29:b1:ea:ae:8b:5c:cb:24:20:b1:d6:82:5e:de:
         27:36:43:2a:15:72:a7:b0:31:0e:4f:cf:9f:4a:a9:cd:94:ad:
         bf:7d:e7:7e:4d:28:3c:74:f2:3b:42:82:93:27:22:a2:2f:e8:
         69:25:e0:4e:42:29:ab:e3:76:b1:5a:fe:89:fd:1a:c0:6d:cc:
         b4:f1:5d:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI1Q0UyNjc4MDk2QzQ1
RTM4RDA1QUFGMzVBQjc4Q0NBMDFDREI3NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWHnkw6F4pvBr8f+ZLtARFEY3UczGudmhxhyBBrjg3vlFd6WJC
lkDMlLEnl8XKh4gZlKQYsGYVBLy69UF9GGrLzSh5iqz6RWUNSaPqOO6GhG3uaSRG
CMk9G2M+MOWQS/KOXQFqzORDPI35cH7EAaG1/BgwMRGHNUSK5cyC59/h3HLXrCSx
gU90T7XSoY7+n0lE3Juh8OMHLheYrwVPF8a8OeQuO/+VFt8su9eKZZzHUU2QK+F2
l9QXSJlqT2TbrsPVTWV1LYbFJDW9797nf9mWpLjoC8TV0Ase+sMEGPS72+TY7z2G
9V9b0pHP3Z6FQV8NmzRP/nDGj4C2y5Wo8YDpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJc4meAlsReONBarzWreMygHNt0wwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSmM0bWVBbHNSZU9OQmFy
eldyZU15Z0hOdDB3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Bq9hgDANBgkqhkiG9w0BAQsFAAOCAQEAXXKwXv57kxjZGkSp1Rk211GuL7NDph4d
LBs8mndWF2KQWu3CDHSM5wEgmxpgyGXcp4YSC9pNomWxT0G36twkiR/6DTOIe/7Q
E/DPB9ViNmp9bTO66F2kQ4A42DD2737E6a2ot2utgVdL5EGn1VQvqxsIJN8shBCQ
bR+9bONYUnznHVrAzNnyJp2E+k92tyc8BIyjNDQbaSRPKTncC7dmH6GNpvK6bStV
CzsgOQOARhllhZTS1+bLpCmx6q6LXMskILHWgl7eJzZDKhVyp7AxDk/Pn0qpzZSt
v33nfk0oPHTyO0KCkycioi/oaSXgTkIpq+N2sVr+if0awG3MtPFdug==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:15 2024 by rpki-client on console-ams.rpki-client.org