Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NnQ1MrK-rImC-Ye8NlwUqDXpNDI.roa
File:                     NnQ1MrK-rImC-Ye8NlwUqDXpNDI.roa (raw, json)
Hash identifier:          nu1yy/+ZWONs/pSt2HA2cig1utvqrLZCu9nX+NwwurM=
Subject key identifier:   36:74:35:32:B2:BE:AC:89:82:F9:87:BC:36:5C:14:A8:35:E9:34:32
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0F7B
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NnQ1MrK-rImC-Ye8NlwUqDXpNDI.roa
Signing time:             Fri 01 Sep 2023 09:36:54 +0000
ROA not before:           Fri 01 Sep 2023 09:36:54 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9924
IP address blocks:        60.199.107.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3963 (0xf7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:36:54 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=36743532B2BEAC8982F987BC365C14A835E93432
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e9:4f:ec:d9:20:02:53:f1:02:e3:19:1a:57:
                    b3:5f:bb:de:d2:fa:b8:b7:70:96:7e:29:ff:f9:3d:
                    79:c0:05:8f:b3:d9:cb:57:5b:49:29:f7:43:7b:e4:
                    46:45:59:b3:21:c4:d9:a2:64:bf:84:3f:de:a3:e2:
                    83:e0:ba:ee:65:74:40:c2:1c:bf:34:ef:f4:c1:01:
                    3d:f4:1e:c3:3c:4c:18:80:c7:ff:67:7a:54:e9:42:
                    ef:a5:9a:5d:22:4a:25:2e:4a:8d:5d:c9:d3:c6:29:
                    12:e9:eb:22:fd:53:8a:1d:67:93:ef:b1:11:d6:bb:
                    e8:b7:81:09:b9:a9:8b:eb:b2:96:a9:7d:65:b0:a0:
                    45:c6:bd:48:f3:bc:f1:97:79:7c:4f:a7:a0:61:cc:
                    4d:35:0a:20:e4:36:ed:22:0a:fe:a5:e6:a7:f4:15:
                    ac:06:c6:75:1f:29:a6:f1:3b:a9:9f:3d:4f:e0:d4:
                    f8:0d:64:8e:53:b2:2a:19:83:b5:81:5d:ec:cc:88:
                    1b:87:5c:eb:73:7e:42:61:71:eb:81:c4:69:5b:d0:
                    00:b6:1c:36:47:48:7a:dd:e2:31:bc:58:33:f2:9d:
                    9f:ad:fc:f7:bc:d2:5a:4d:25:04:13:36:ca:47:60:
                    19:0a:ff:c0:b3:20:4f:a5:2c:ca:e8:10:2e:52:0e:
                    9a:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:74:35:32:B2:BE:AC:89:82:F9:87:BC:36:5C:14:A8:35:E9:34:32
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/NnQ1MrK-rImC-Ye8NlwUqDXpNDI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.199.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:c5:53:45:58:ca:57:16:61:a3:86:1f:4a:a4:41:94:ad:eb:
         ca:78:6e:c1:34:ca:d4:da:e7:e9:a8:37:c7:bc:34:c6:da:b5:
         53:b0:5c:ac:8e:e3:ee:70:d9:87:0e:b1:e4:4e:9c:b6:9c:cc:
         bf:0a:8e:f4:dc:be:49:f4:c2:80:d8:5c:12:26:43:cf:56:5e:
         11:fb:e0:f3:d7:ec:f1:9c:02:71:5b:bb:65:a3:de:e7:6c:32:
         c8:ad:d0:1d:d9:87:8e:e0:4d:72:2c:27:94:3b:d4:2c:6f:95:
         5c:e4:5e:4b:b3:90:78:0f:9f:22:c3:ea:b6:31:c9:d4:3f:56:
         c3:0e:4c:0d:7e:cb:3c:42:45:99:79:1b:18:67:6c:68:93:4e:
         d0:1e:eb:4e:98:9f:de:1a:1f:4c:64:d9:9a:17:2e:c8:ff:36:
         7e:b6:69:98:d6:c3:fe:a4:c1:07:46:11:bf:96:a4:a7:07:90:
         c1:e2:ff:b4:24:9e:42:c6:9c:ce:ec:4d:7a:a7:5f:ed:dd:28:
         63:7d:4f:01:d4:83:2d:7a:6f:da:a1:86:39:3f:82:45:b9:ff:
         d2:90:61:81:b7:00:cb:09:db:a8:8c:77:ae:f9:ee:b9:49:87:
         65:0b:8c:7c:c7:77:58:7b:ed:58:5c:ec:98:97:7a:0e:3a:4f:
         c7:19:cf:bd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM2NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM2NzQzNTMyQjJCRUFD
ODk4MkY5ODdCQzM2NUMxNEE4MzVFOTM0MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF6U/s2SACU/EC4xkaV7Nfu97S+ri3cJZ+Kf/5PXnABY+z2ctX
W0kp90N75EZFWbMhxNmiZL+EP96j4oPguu5ldEDCHL807/TBAT30HsM8TBiAx/9n
elTpQu+lml0iSiUuSo1dydPGKRLp6yL9U4odZ5PvsRHWu+i3gQm5qYvrspapfWWw
oEXGvUjzvPGXeXxPp6BhzE01CiDkNu0iCv6l5qf0FawGxnUfKabxO6mfPU/g1PgN
ZI5TsioZg7WBXezMiBuHXOtzfkJhceuBxGlb0AC2HDZHSHrd4jG8WDPynZ+t/Pe8
0lpNJQQTNspHYBkK/8CzIE+lLMroEC5SDpp/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNnQ1MrK+rImC+Ye8NlwUqDXpNDIwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvTm5RMU1ySy1ySW1DLVll
OE5sd1VxRFhwTkRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHazANBgkqhkiG9w0BAQsFAAOCAQEADcVTRVjKVxZho4YfSqRBlK3rynhuwTTK
1Nrn6ag3x7w0xtq1U7BcrI7j7nDZhw6x5E6ctpzMvwqO9Ny+SfTCgNhcEiZDz1Ze
Efvg89fs8ZwCcVu7ZaPe52wyyK3QHdmHjuBNciwnlDvULG+VXOReS7OQeA+fIsPq
tjHJ1D9Www5MDX7LPEJFmXkbGGdsaJNO0B7rTpif3hofTGTZmhcuyP82frZpmNbD
/qTBB0YRv5akpweQweL/tCSeQsaczuxNeqdf7d0oY31PAdSDLXpv2qGGOT+CRbn/
0pBhgbcAywnbqIx3rvnuuUmHZQuMfMd3WHvtWFzsmJd6DjpPxxnPvQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org