Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bHan9D8WiRknI9T9YajJ1TrI3WY.roa
File:                     bHan9D8WiRknI9T9YajJ1TrI3WY.roa (raw, json)
Hash identifier:          t4Ec519IddQDsD4cNFU1Fio+cdA1OLAeB1hNW/z0AMQ=
Subject key identifier:   6C:76:A7:F4:3F:16:89:19:27:23:D4:FD:61:A8:C9:D5:3A:C8:DD:66
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0FB4
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bHan9D8WiRknI9T9YajJ1TrI3WY.roa
Signing time:             Fri 01 Sep 2023 09:37:11 +0000
ROA not before:           Fri 01 Sep 2023 09:37:11 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9924
IP address blocks:        219.80.0.0/15 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4020 (0xfb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:37:11 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=6C76A7F43F1689192723D4FD61A8C9D53AC8DD66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fe:aa:c8:8c:af:46:67:3c:22:7e:79:b4:d6:
                    cb:a1:7e:ba:13:cc:a3:ab:ac:46:6d:b5:32:13:26:
                    87:17:5d:5d:f9:26:22:81:ed:1c:a7:03:09:b5:2f:
                    ad:03:ab:61:dc:48:10:10:ec:8a:f0:8b:c3:d7:b9:
                    eb:07:d7:75:c5:59:a0:bf:bd:8a:dd:f8:d6:e5:80:
                    f3:72:2a:27:ee:83:5b:c7:ff:15:d3:4f:6c:e7:6d:
                    c3:c7:ea:7f:b4:34:46:2f:bf:56:f8:ed:16:2e:f3:
                    52:33:05:a1:f5:9f:d1:58:fc:e6:55:fd:e6:09:f3:
                    21:d4:1e:1a:5b:bd:7d:34:47:26:e3:1f:3b:b5:80:
                    0c:79:33:0f:a5:f5:8a:f9:fd:24:a2:9e:e0:92:a6:
                    8e:85:ba:e2:ec:9f:f8:13:34:b5:f0:97:9a:a5:db:
                    df:b1:fb:b4:27:44:7d:b4:1c:ce:d7:a0:5d:b0:2f:
                    36:24:98:0f:a1:cc:26:fc:a0:2d:a4:ab:24:43:f5:
                    1b:43:cc:10:2f:db:68:8b:1b:20:5a:53:de:db:cd:
                    45:af:3f:29:b5:65:71:bc:73:37:24:13:50:26:48:
                    b6:0f:47:45:4e:b2:06:dd:d6:54:03:00:68:9c:22:
                    3d:c3:96:10:bf:90:27:38:5b:16:a9:42:d9:d4:a9:
                    02:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:76:A7:F4:3F:16:89:19:27:23:D4:FD:61:A8:C9:D5:3A:C8:DD:66
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bHan9D8WiRknI9T9YajJ1TrI3WY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.80.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         10:40:1a:c0:57:f1:1e:e8:5e:70:bf:d4:25:56:f7:cf:17:72:
         54:3b:e0:81:c8:f6:36:e6:47:ac:5f:d9:47:a3:61:dc:09:39:
         5a:e0:bb:1c:15:1e:d0:a7:8b:4f:a1:44:98:95:ce:34:c5:00:
         22:8b:a9:44:be:b1:b5:f7:6a:13:b1:54:9e:06:b2:f1:5b:b1:
         af:a6:17:3c:1c:e7:bc:2c:c1:58:bf:d2:a6:08:e0:09:dd:80:
         64:bd:33:f5:39:37:d5:ce:41:a6:1d:b1:ab:01:55:c6:1e:21:
         d4:08:6b:92:4a:97:81:86:4c:c0:ef:ee:ca:b3:23:b7:f1:f3:
         61:22:a5:a0:cb:38:8a:ee:5d:ff:e2:15:91:a4:bf:e7:65:d1:
         82:a5:3c:f2:13:46:25:af:7b:d6:61:a0:a3:8f:58:53:17:81:
         0e:a7:91:3c:ab:21:b9:27:ce:ca:2b:d5:29:45:a7:7f:58:86:
         a6:90:47:4b:ac:fe:41:4a:a2:94:2a:b2:ee:9a:94:82:fa:7d:
         b0:2f:5c:3b:34:51:d1:c0:ac:33:df:a0:5f:31:4c:f3:65:72:
         84:2f:01:ba:92:d2:ef:c7:c7:01:1a:95:2f:7d:34:ad:12:ab:
         32:3d:5e:d8:aa:0f:fe:62:11:2b:90:18:bf:9d:41:2c:1b:60:
         cd:d4:6d:42
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICD7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZDNzZBN0Y0M0YxNjg5
MTkyNzIzRDRGRDYxQThDOUQ1M0FDOERENjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7/qrIjK9GZzwifnm01suhfroTzKOrrEZttTITJocXXV35JiKB
7RynAwm1L60Dq2HcSBAQ7Irwi8PXuesH13XFWaC/vYrd+NblgPNyKifug1vH/xXT
T2znbcPH6n+0NEYvv1b47RYu81IzBaH1n9FY/OZV/eYJ8yHUHhpbvX00RybjHzu1
gAx5Mw+l9Yr5/SSinuCSpo6FuuLsn/gTNLXwl5ql29+x+7QnRH20HM7XoF2wLzYk
mA+hzCb8oC2kqyRD9RtDzBAv22iLGyBaU97bzUWvPym1ZXG8czckE1AmSLYPR0VO
sgbd1lQDAGicIj3DlhC/kCc4WxapQtnUqQK3AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUbHan9D8WiRknI9T9YajJ1TrI3WYwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvYkhhbjlEOFdpUmtuSTlU
OVlhakoxVHJJM1dZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AdtQMA0GCSqGSIb3DQEBCwUAA4IBAQAQQBrAV/Ee6F5wv9QlVvfPF3JUO+CByPY2
5kesX9lHo2HcCTla4LscFR7Qp4tPoUSYlc40xQAii6lEvrG192oTsVSeBrLxW7Gv
phc8HOe8LMFYv9KmCOAJ3YBkvTP1OTfVzkGmHbGrAVXGHiHUCGuSSpeBhkzA7+7K
syO38fNhIqWgyziK7l3/4hWRpL/nZdGCpTzyE0Ylr3vWYaCjj1hTF4EOp5E8qyG5
J87KK9UpRad/WIamkEdLrP5BSqKUKrLumpSC+n2wL1w7NFHRwKwz36BfMUzzZXKE
LwG6ktLvx8cBGpUvfTStEqsyPV7Yqg/+YhErkBi/nUEsG2DN1G1C
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:15 2024 by rpki-client on console-ams.rpki-client.org