Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/xi_DzFoS581fwJs7OVWTi6fliyY.roa
File:                     xi_DzFoS581fwJs7OVWTi6fliyY.roa (raw, json)
Hash identifier:          mmRCkYTaeetq9YA1hPummXbOp9sFTGU3RI1Cc7s0Lbs=
Subject key identifier:   C6:2F:C3:CC:5A:12:E7:CD:5F:C0:9B:3B:39:55:93:8B:A7:E5:8B:26
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       0F6D
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/xi_DzFoS581fwJs7OVWTi6fliyY.roa
Signing time:             Fri 01 Sep 2023 09:36:49 +0000
ROA not before:           Fri 01 Sep 2023 09:36:49 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9924
IP address blocks:        210.67.160.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3949 (0xf6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Sep  1 09:36:49 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=C62FC3CC5A12E7CD5FC09B3B3955938BA7E58B26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:82:48:9a:e9:81:cb:af:8c:8c:cf:a4:b4:bc:
                    94:9e:16:07:c8:60:02:98:c3:e3:26:89:13:ea:f4:
                    de:1e:86:c5:6f:68:cf:fc:c6:8c:94:47:17:b7:5e:
                    7b:bb:fb:2d:43:c8:93:3c:55:c6:64:20:04:45:f5:
                    f7:6a:28:ff:21:01:f6:6d:dd:21:3d:6f:60:d3:85:
                    0c:19:09:cf:f0:b7:a2:bd:b1:6d:b3:c4:59:cf:69:
                    ac:16:8a:a7:66:c0:85:df:da:6f:42:1e:59:f2:87:
                    13:7d:04:10:90:fb:b1:ef:67:3f:dc:15:e6:1c:53:
                    ec:1c:41:d8:5c:46:ba:21:5f:4a:69:e9:70:8f:04:
                    cf:6e:c2:27:51:7c:ec:16:94:01:ff:65:f5:20:19:
                    45:ea:9b:69:bb:7b:13:b5:60:b6:2f:e9:b5:cb:d2:
                    b6:ab:6d:18:db:ef:c6:bf:5a:3e:ed:15:ce:38:8e:
                    bf:0e:50:f5:53:38:88:c8:66:8f:44:3d:d5:05:eb:
                    7d:84:ef:8c:17:e2:5a:98:c4:57:a9:44:aa:cb:26:
                    4e:73:d4:ac:4c:f8:3d:22:8d:f7:0d:f1:87:01:a8:
                    87:cb:79:c9:af:03:bc:52:b5:69:c3:a1:95:fa:bb:
                    c6:85:9c:0d:19:1a:05:02:8b:8f:93:a0:e0:b3:08:
                    c7:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:2F:C3:CC:5A:12:E7:CD:5F:C0:9B:3B:39:55:93:8B:A7:E5:8B:26
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/xi_DzFoS581fwJs7OVWTi6fliyY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.67.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         16:5d:1a:a4:ee:ea:1c:36:f4:50:67:cc:b3:01:62:29:72:86:
         31:a1:ea:7d:46:cd:11:c5:35:46:74:32:60:77:fa:0d:8a:a4:
         f9:7d:e6:9a:07:4f:32:15:56:fc:0e:bf:a2:6e:88:b7:f9:90:
         48:7a:c9:6c:bd:68:27:ea:3d:86:a0:61:c8:48:c8:d0:e0:78:
         10:e4:88:52:17:1b:08:c1:0a:ff:1a:84:4a:73:b6:9b:66:71:
         20:17:47:d3:c7:6f:cf:b8:49:56:ca:18:f4:a9:11:aa:8b:9f:
         aa:56:0c:7a:99:75:f1:f7:88:75:14:94:f4:ca:48:fa:fb:b2:
         0b:05:e1:48:03:ba:1b:d9:98:b4:c1:34:08:5f:16:07:35:78:
         24:d1:ba:66:a8:5f:ee:89:d4:bd:04:5d:28:58:0a:c7:33:4e:
         50:f1:03:2b:d7:33:4e:a0:b4:d9:1a:ca:94:4d:6f:91:33:77:
         23:2f:3a:3c:a2:02:8f:1e:38:78:86:44:df:40:c2:ad:19:8d:
         ad:74:2d:c2:f2:99:2c:5a:a1:e4:fc:9c:7f:1a:59:ba:19:bc:
         86:fb:e1:80:15:fc:1a:ba:e6:96:f7:a1:e1:94:b6:70:d6:39:
         38:5f:c1:a8:7f:c7:d9:11:f4:18:6c:a4:b3:7b:8c:e8:e8:e1:
         18:29:6b:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM2NDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM2MkZDM0NDNUExMkU3
Q0Q1RkMwOUIzQjM5NTU5MzhCQTdFNThCMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEgkia6YHLr4yMz6S0vJSeFgfIYAKYw+MmiRPq9N4ehsVvaM/8
xoyURxe3Xnu7+y1DyJM8VcZkIARF9fdqKP8hAfZt3SE9b2DThQwZCc/wt6K9sW2z
xFnPaawWiqdmwIXf2m9CHlnyhxN9BBCQ+7HvZz/cFeYcU+wcQdhcRrohX0pp6XCP
BM9uwidRfOwWlAH/ZfUgGUXqm2m7exO1YLYv6bXL0rarbRjb78a/Wj7tFc44jr8O
UPVTOIjIZo9EPdUF632E74wX4lqYxFepRKrLJk5z1KxM+D0ijfcN8YcBqIfLecmv
A7xStWnDoZX6u8aFnA0ZGgUCi4+ToOCzCMdhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxi/DzFoS581fwJs7OVWTi6fliyYwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQveGlfRHpGb1M1ODFmd0pz
N09WV1RpNmZsaXlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdJDoDANBgkqhkiG9w0BAQsFAAOCAQEAFl0apO7qHDb0UGfMswFiKXKGMaHqfUbN
EcU1RnQyYHf6DYqk+X3mmgdPMhVW/A6/om6It/mQSHrJbL1oJ+o9hqBhyEjI0OB4
EOSIUhcbCMEK/xqESnO2m2ZxIBdH08dvz7hJVsoY9KkRqoufqlYMepl18feIdRSU
9MpI+vuyCwXhSAO6G9mYtME0CF8WBzV4JNG6Zqhf7onUvQRdKFgKxzNOUPEDK9cz
TqC02RrKlE1vkTN3Iy86PKICjx44eIZE30DCrRmNrXQtwvKZLFqh5PycfxpZuhm8
hvvhgBX8Grrmlveh4ZS2cNY5OF/BqH/H2RH0GGyks3uM6OjhGClr4w==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org