Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/kDHKC3sLBQiP0If8fs_flwZgSac.roa
File:                     kDHKC3sLBQiP0If8fs_flwZgSac.roa (raw, json)
Hash identifier:          zrL/R33wFB356o10wyOiGThHr5qNPXlIRKpbavYoCbA=
Subject key identifier:   90:31:CA:0B:7B:0B:05:08:8F:D0:87:FC:7E:CF:DF:97:06:60:49:A7
Certificate issuer:       /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5
Certificate serial:       0B1D
Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/kDHKC3sLBQiP0If8fs_flwZgSac.roa
Signing time:             Sat 07 Oct 2023 08:03:12 +0000
ROA not before:           Sat 07 Oct 2023 08:03:12 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18464
IP address blocks:        103.122.21.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2845 (0xb1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5
        Validity
            Not Before: Oct  7 08:03:12 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=9031CA0B7B0B05088FD087FC7ECFDF97066049A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:25:51:fc:ad:45:88:1e:98:57:83:bd:1f:8f:
                    c6:2c:76:9f:0c:07:b4:fc:67:38:d8:f1:15:df:9a:
                    e1:44:14:c6:4a:1b:33:8f:a4:58:ab:ad:d9:4c:d6:
                    c2:57:08:33:62:fe:7b:67:06:10:d7:18:99:fb:de:
                    31:bc:c2:d7:61:c4:67:bb:91:3e:e8:ea:8f:fd:31:
                    da:c1:b6:6c:8f:f9:9d:70:8d:4b:ec:86:38:e0:70:
                    b9:e9:f4:6c:47:ba:d7:7d:6f:af:b4:92:c2:10:14:
                    5c:f9:30:3d:c8:72:13:46:58:d6:12:d7:66:69:6a:
                    ab:33:b9:fc:6a:e4:46:09:a6:64:f0:b4:99:42:3b:
                    e2:93:61:4f:36:88:20:9f:80:c8:22:83:4a:2a:6a:
                    50:37:1e:ac:a1:66:98:8e:9f:78:74:4c:5d:10:3f:
                    75:24:34:4f:d5:8e:b8:61:c2:81:c5:5e:47:99:26:
                    d5:ed:79:d3:0d:b3:9f:6a:e3:90:3d:49:c3:f0:86:
                    7b:4b:7d:4c:f3:c8:83:c0:c9:a4:09:63:35:d5:71:
                    6c:10:05:f4:87:4f:44:53:22:bd:2d:29:80:b6:06:
                    e0:5c:12:c2:37:d4:08:90:8c:8f:a5:39:5a:54:78:
                    4e:44:e2:ae:29:d4:07:c7:41:88:53:1f:20:8d:0a:
                    ff:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:31:CA:0B:7B:0B:05:08:8F:D0:87:FC:7E:CF:DF:97:06:60:49:A7
            X509v3 Authority Key Identifier:
                keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/kDHKC3sLBQiP0If8fs_flwZgSac.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:eb:32:01:ad:18:51:6f:dc:21:3b:59:f5:2f:2a:f9:71:01:
         0b:65:dc:74:5d:e4:e4:f0:bb:d8:ff:b4:25:21:b9:df:46:07:
         5c:c3:a5:f1:d6:5c:23:6e:8d:a4:db:f8:5c:c2:c5:58:39:39:
         9e:6b:d7:0d:1c:87:f2:33:97:a2:66:66:b4:17:33:bc:94:0c:
         e7:31:58:94:ae:e3:b4:ee:16:57:87:de:9b:c7:35:f8:0e:2c:
         c0:55:ef:bd:e6:73:65:9f:80:3e:94:d0:be:cd:db:79:39:7d:
         5e:37:36:bf:12:b1:e4:a0:57:a0:06:83:49:b2:cb:50:1e:86:
         c9:09:91:a6:69:ca:00:96:0a:2f:6f:0c:67:f1:fb:e9:f7:56:
         d7:05:bd:26:b4:80:ff:5d:24:d7:d7:a5:9c:1d:16:e0:09:72:
         00:83:44:db:ea:cf:77:2a:8d:4e:f8:91:c3:b2:2c:b1:83:47:
         13:ff:e7:47:26:0a:47:c4:ad:1c:d7:9a:6e:a3:a0:63:a8:4e:
         1c:77:e2:29:78:a1:a1:4c:d5:06:5e:da:fd:d2:55:83:01:a6:
         71:b3:fa:e8:ef:5e:15:f6:f7:91:3c:67:2b:81:6a:dc:02:b2:
         cf:29:82:87:7e:0d:e4:e7:7b:87:10:bb:f1:c8:e6:28:6f:9e:
         71:1e:b6:90
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz
RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yMzEwMDcw
ODAzMTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkwMzFDQTBCN0IwQjA1
MDg4RkQwODdGQzdFQ0ZERjk3MDY2MDQ5QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPJVH8rUWIHphXg70fj8Ysdp8MB7T8ZzjY8RXfmuFEFMZKGzOP
pFirrdlM1sJXCDNi/ntnBhDXGJn73jG8wtdhxGe7kT7o6o/9MdrBtmyP+Z1wjUvs
hjjgcLnp9GxHutd9b6+0ksIQFFz5MD3IchNGWNYS12Zpaqszufxq5EYJpmTwtJlC
O+KTYU82iCCfgMgig0oqalA3HqyhZpiOn3h0TF0QP3UkNE/VjrhhwoHFXkeZJtXt
edMNs59q45A9ScPwhntLfUzzyIPAyaQJYzXVcWwQBfSHT0RTIr0tKYC2BuBcEsI3
1AiQjI+lOVpUeE5E4q4p1AfHQYhTHyCNCv+9AgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUkDHKC3sLBQiP0If8fs/flwZgSacwHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt
+2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB
SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1Qva0RIS0Mzc0xC
UWlQMElmOGZzX2Zsd1pnU2FjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGd6FTANBgkqhkiG9w0BAQsFAAOCAQEAcesyAa0YUW/cITtZ9S8q+XEB
C2XcdF3k5PC72P+0JSG530YHXMOl8dZcI26NpNv4XMLFWDk5nmvXDRyH8jOXomZm
tBczvJQM5zFYlK7jtO4WV4fem8c1+A4swFXvveZzZZ+APpTQvs3beTl9Xjc2vxKx
5KBXoAaDSbLLUB6GyQmRpmnKAJYKL28MZ/H76fdW1wW9JrSA/10k19elnB0W4Aly
AINE2+rPdyqNTviRw7IssYNHE//nRyYKR8StHNeabqOgY6hOHHfiKXihoUzVBl7a
/dJVgwGmcbP66O9eFfb3kTxnK4Fq3AKyzymCh34N5Od7hxC78cjmKG+ecR62kA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org