Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nseCnN-u8RaTTImV59oysMHYt0Q.roa
File:                     nseCnN-u8RaTTImV59oysMHYt0Q.roa (raw, json)
Hash identifier:          Wa9OQQdC7cRuqvh5vGWBAMl/HHVKdu+2JcZey7/kyho=
Subject key identifier:   9E:C7:82:9C:DF:AE:F1:16:93:4C:89:95:E7:DA:32:B0:C1:D8:B7:44
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0FC7
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nseCnN-u8RaTTImV59oysMHYt0Q.roa
Signing time:             Fri 01 Sep 2023 09:37:16 +0000
ROA not before:           Fri 01 Sep 2023 09:37:16 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17213
IP address blocks:        60.198.153.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4039 (0xfc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:37:16 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=9EC7829CDFAEF116934C8995E7DA32B0C1D8B744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:4e:9e:0b:e8:fb:8d:a5:fb:62:4d:f6:9e:f5:
                    ad:72:62:e2:45:2f:a9:85:de:c5:3e:ed:cb:e1:f2:
                    b7:39:4b:b0:50:4b:68:47:97:1c:a5:0f:05:b6:32:
                    3a:a4:c1:d1:de:a7:00:32:b9:82:6a:6e:b0:9d:c3:
                    37:07:0b:e8:7d:b3:d3:dd:5c:8c:28:3d:9b:9f:8a:
                    e6:ab:f2:0e:6a:0a:71:7f:37:14:23:05:0e:7b:1c:
                    47:bb:8a:cf:ca:cb:af:61:04:a3:8e:69:b1:0f:9d:
                    73:c3:57:43:a0:49:03:97:95:d3:94:a9:62:f4:28:
                    04:87:48:40:65:b9:53:bf:e0:96:da:1d:1b:14:8a:
                    27:44:e1:db:76:ff:d5:65:91:97:63:8c:5e:ad:d7:
                    e2:ae:1a:f4:64:9d:64:29:94:9e:bb:70:a8:34:6c:
                    c1:44:80:29:eb:28:9e:93:dc:e5:94:be:2c:3f:71:
                    84:e4:60:b2:89:c8:9a:3c:7c:4b:5d:31:69:8c:79:
                    0d:56:f5:5a:3d:47:9a:66:10:4e:91:6d:d4:f2:38:
                    18:1d:64:29:5d:d9:38:d8:fe:5e:21:39:ae:bb:21:
                    54:97:7c:ce:3e:2a:b5:b6:55:8b:32:3c:c0:e5:14:
                    2a:81:cd:e4:d1:97:17:77:22:58:27:d8:b4:e7:b5:
                    22:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:C7:82:9C:DF:AE:F1:16:93:4C:89:95:E7:DA:32:B0:C1:D8:B7:44
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/nseCnN-u8RaTTImV59oysMHYt0Q.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.198.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:a8:c2:11:49:9f:2d:ce:28:ba:9f:c3:3f:25:e8:39:3b:36:
         e2:56:34:61:98:fe:64:dd:89:05:3d:a1:d6:58:a6:07:3e:d0:
         ed:b8:d4:fd:d6:32:a2:05:6d:c0:d2:a5:4e:c9:fb:e1:66:db:
         7a:05:78:4e:90:bd:56:16:3c:8e:bf:b3:61:3c:30:ef:2d:b3:
         49:1e:6d:ea:36:10:bd:3a:aa:f2:33:70:17:3b:1d:cd:fb:d6:
         64:e8:ef:64:cd:58:c1:cb:cf:3d:04:d1:72:0f:9b:a9:b0:9c:
         d8:58:4d:a0:71:6a:78:5f:f1:9e:ca:41:c3:43:3d:3e:dd:05:
         4f:c5:16:6d:33:74:26:72:e1:66:c9:52:a4:3a:67:78:4b:7e:
         41:4e:6f:0c:16:b8:65:fd:a9:e6:a4:a0:a3:8f:d2:a2:c9:3e:
         24:5f:73:01:46:63:3c:f1:6f:75:30:53:2b:79:dd:11:b3:64:
         8e:cd:cc:7c:8f:a3:3c:aa:e2:d4:d3:27:1e:0d:d2:7d:e5:a1:
         53:fc:fe:b8:3b:b2:a2:a8:1f:95:c3:8d:71:62:8b:43:56:8f:
         e4:6c:df:54:b6:93:28:ae:32:79:3e:11:b4:9f:15:22:fe:a8:
         0f:54:39:01:1c:01:23:0e:63:b7:92:3d:71:16:96:cd:fb:dd:
         4b:79:5a:3b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD8cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlFQzc4MjlDREZBRUYx
MTY5MzRDODk5NUU3REEzMkIwQzFEOEI3NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2Tp4L6PuNpftiTfae9a1yYuJFL6mF3sU+7cvh8rc5S7BQS2hH
lxylDwW2MjqkwdHepwAyuYJqbrCdwzcHC+h9s9PdXIwoPZufiuar8g5qCnF/NxQj
BQ57HEe7is/Ky69hBKOOabEPnXPDV0OgSQOXldOUqWL0KASHSEBluVO/4JbaHRsU
iidE4dt2/9VlkZdjjF6t1+KuGvRknWQplJ67cKg0bMFEgCnrKJ6T3OWUviw/cYTk
YLKJyJo8fEtdMWmMeQ1W9Vo9R5pmEE6RbdTyOBgdZCld2TjY/l4hOa67IVSXfM4+
KrW2VYsyPMDlFCqBzeTRlxd3Ilgn2LTntSKrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUnseCnN+u8RaTTImV59oysMHYt0QwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbnNlQ25OLXU4UmFUVElt
VjU5b3lzTUhZdDBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzGmTANBgkqhkiG9w0BAQsFAAOCAQEAIKjCEUmfLc4oup/DPyXoOTs24lY0YZj+
ZN2JBT2h1limBz7Q7bjU/dYyogVtwNKlTsn74WbbegV4TpC9VhY8jr+zYTww7y2z
SR5t6jYQvTqq8jNwFzsdzfvWZOjvZM1YwcvPPQTRcg+bqbCc2FhNoHFqeF/xnspB
w0M9Pt0FT8UWbTN0JnLhZslSpDpneEt+QU5vDBa4Zf2p5qSgo4/Sosk+JF9zAUZj
PPFvdTBTK3ndEbNkjs3MfI+jPKri1NMnHg3SfeWhU/z+uDuyoqgflcONcWKLQ1aP
5GzfVLaTKK4yeT4RtJ8VIv6oD1Q5ARwBIw5jt5I9cRaWzfvdS3laOw==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:15 2024 by rpki-client on console-ams.rpki-client.org