Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/udTsmqKKj4CjKFoqD5YogHHxZL4.roa
File:                     udTsmqKKj4CjKFoqD5YogHHxZL4.roa (raw, json)
Hash identifier:          pR8j9z/za2Ti6EHrLARMr5bZSoU02Yyzy3EkUutqaM4=
Subject key identifier:   B9:D4:EC:9A:A2:8A:8F:80:A3:28:5A:2A:0F:96:28:80:71:F1:64:BE
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0F6F
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/udTsmqKKj4CjKFoqD5YogHHxZL4.roa
Signing time:             Fri 01 Sep 2023 09:36:50 +0000
ROA not before:           Fri 01 Sep 2023 09:36:50 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     24164
IP address blocks:        203.77.64.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3951 (0xf6f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:36:50 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=B9D4EC9AA28A8F80A3285A2A0F96288071F164BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:57:66:fd:13:15:c1:16:0e:58:04:af:85:da:
                    f7:6c:d0:23:47:56:a1:ee:52:32:10:0c:3a:45:d2:
                    69:c1:00:d9:d7:d3:9f:94:6d:59:6c:fa:c1:ff:92:
                    98:1d:46:1e:21:0d:a1:9d:b2:3d:7d:f5:da:a5:ce:
                    7b:28:53:0a:2c:ee:a9:a6:a9:7b:b5:5c:72:e3:14:
                    24:03:8b:0a:5d:9b:6b:99:71:46:0e:73:36:63:22:
                    0e:00:94:a0:9a:2d:4b:b0:8c:aa:c8:d1:42:90:d1:
                    d6:20:e7:0f:62:7a:d0:53:05:b6:39:fe:c9:3e:68:
                    27:b8:99:18:94:40:a4:de:13:f5:86:d1:2b:f5:1d:
                    aa:37:db:50:c5:23:74:ca:fe:1f:0b:61:a9:28:ce:
                    25:01:ed:69:ae:8b:3a:42:f2:a3:2d:8a:76:3e:11:
                    7e:4d:9a:55:79:80:f8:79:40:87:fb:23:0e:cd:63:
                    d5:34:fd:78:cf:68:b6:c6:55:a3:aa:5e:62:a3:dd:
                    89:b5:da:5e:99:ea:10:20:56:bd:98:4f:27:27:5d:
                    2b:d1:09:12:e7:20:47:97:80:3a:d8:02:78:ae:23:
                    b9:6a:10:9e:9a:38:88:cc:18:b4:37:d3:c3:5d:6e:
                    1c:ec:43:f7:be:90:f5:36:1d:b5:03:09:8a:2c:dd:
                    4b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D4:EC:9A:A2:8A:8F:80:A3:28:5A:2A:0F:96:28:80:71:F1:64:BE
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/udTsmqKKj4CjKFoqD5YogHHxZL4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         02:1a:46:2c:e0:39:ea:6c:33:d6:92:4b:97:2d:fe:5f:e3:79:
         59:93:86:28:dc:d7:eb:d4:85:1d:85:3d:1e:90:b0:15:c3:87:
         5d:58:fe:7d:4d:56:ac:ec:2c:9a:b4:21:ae:c6:b7:c1:45:7a:
         74:65:47:cd:bb:3c:64:75:e8:af:af:e3:7e:74:30:59:06:6b:
         dd:a6:96:4e:91:b4:50:92:fc:1e:39:0f:08:1d:89:dd:ca:fc:
         0f:fc:64:20:b3:cb:1b:61:c1:47:bd:8d:a2:c1:9d:b6:ff:3e:
         82:80:db:b5:4f:02:b1:5e:d1:27:30:ca:20:b7:af:b5:f2:7a:
         44:46:ca:5a:6f:16:19:26:56:ec:63:b1:46:57:b6:0b:1d:f0:
         91:51:7f:9c:0e:0b:53:58:c2:a7:dd:c6:cb:6a:01:78:f0:53:
         c8:0d:bd:e8:67:88:5d:d9:b5:bf:c7:4f:98:cb:db:0c:36:01:
         40:22:80:bb:02:a6:f4:63:17:22:cb:9a:83:04:48:ed:4d:24:
         33:f3:bd:a4:d4:71:66:f7:3b:1e:d6:9a:d2:ad:87:9d:5c:8b:
         29:46:15:6f:ef:3e:c5:e6:c8:a3:02:07:61:84:34:64:1b:4a:
         a3:70:ca:54:d5:43:19:9e:2e:a2:02:6e:ca:54:d1:d0:e6:5f:
         0e:35:3c:be
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM2NTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI5RDRFQzlBQTI4QThG
ODBBMzI4NUEyQTBGOTYyODgwNzFGMTY0QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrV2b9ExXBFg5YBK+F2vds0CNHVqHuUjIQDDpF0mnBANnX05+U
bVls+sH/kpgdRh4hDaGdsj199dqlznsoUwos7qmmqXu1XHLjFCQDiwpdm2uZcUYO
czZjIg4AlKCaLUuwjKrI0UKQ0dYg5w9ietBTBbY5/sk+aCe4mRiUQKTeE/WG0Sv1
Hao321DFI3TK/h8LYakoziUB7WmuizpC8qMtinY+EX5NmlV5gPh5QIf7Iw7NY9U0
/XjPaLbGVaOqXmKj3Ym12l6Z6hAgVr2YTycnXSvRCRLnIEeXgDrYAniuI7lqEJ6a
OIjMGLQ308NdbhzsQ/e+kPU2HbUDCYos3UsVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUudTsmqKKj4CjKFoqD5YogHHxZL4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvdWRUc21xS0tqNENqS0Zv
cUQ1WW9nSEh4Wkw0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BMtNQDANBgkqhkiG9w0BAQsFAAOCAQEAAhpGLOA56mwz1pJLly3+X+N5WZOGKNzX
69SFHYU9HpCwFcOHXVj+fU1WrOwsmrQhrsa3wUV6dGVHzbs8ZHXor6/jfnQwWQZr
3aaWTpG0UJL8HjkPCB2J3cr8D/xkILPLG2HBR72NosGdtv8+goDbtU8CsV7RJzDK
ILevtfJ6REbKWm8WGSZW7GOxRle2Cx3wkVF/nA4LU1jCp93Gy2oBePBTyA296GeI
Xdm1v8dPmMvbDDYBQCKAuwKm9GMXIsuagwRI7U0kM/O9pNRxZvc7Htaa0q2HnVyL
KUYVb+8+xebIowIHYYQ0ZBtKo3DKVNVDGZ4uogJuylTR0OZfDjU8vg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org