Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/EbxwCjP3IfBw8VUUj8UQ1CSY8f4.roa
File:                     EbxwCjP3IfBw8VUUj8UQ1CSY8f4.roa (raw, json)
Hash identifier:          oqPVSdxncOyFGbWO4RnUez0J2w/RoP3niureEFViA64=
Subject key identifier:   11:BC:70:0A:33:F7:21:F0:70:F1:55:14:8F:C5:10:D4:24:98:F1:FE
Certificate issuer:       /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial:       12E3
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/EbxwCjP3IfBw8VUUj8UQ1CSY8f4.roa
Signing time:             Tue 30 Apr 2024 12:49:07 +0000
ROA not before:           Tue 30 Apr 2024 12:49:07 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     215913
IP address blocks:        103.123.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4835 (0x12e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
        Validity
            Not Before: Apr 30 12:49:07 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=11BC700A33F721F070F155148FC510D42498F1FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3d:cb:ce:ff:ac:fc:a5:28:eb:cd:7f:6c:20:
                    69:d3:4d:53:fe:fa:d7:5a:5c:ba:4d:b2:97:27:0f:
                    15:cf:92:14:27:29:c8:18:1a:f0:a7:c1:7c:be:74:
                    96:13:95:ac:cf:86:e0:ca:96:71:bc:05:46:c0:e0:
                    ca:65:ac:86:70:b2:df:c8:dc:d9:e6:4d:9e:e8:f9:
                    85:0e:48:28:e3:20:d8:cf:4a:f6:15:de:9a:8f:09:
                    d2:cc:c7:ca:08:59:77:37:f7:ab:cd:2d:31:6a:7a:
                    0e:60:73:91:be:9f:8b:86:f4:41:e0:1b:e3:f6:f8:
                    f0:8f:e2:62:6c:94:a4:bc:ed:d1:78:fc:c3:fb:dd:
                    fb:24:d3:9c:76:59:3f:31:0d:ca:40:45:6b:4c:44:
                    39:32:ed:d3:52:f8:a8:e5:cd:ec:f5:8e:0b:c1:84:
                    db:8b:13:05:83:ca:5d:d4:e4:fa:5d:21:a1:9c:a3:
                    81:69:cb:05:a2:8f:67:03:50:bb:5b:96:90:ea:11:
                    53:2d:19:c2:20:a6:86:b9:5a:3c:33:6f:a9:da:33:
                    a5:86:fa:32:61:b1:08:8a:27:b4:61:92:55:4c:7d:
                    70:18:44:47:a2:85:e9:1c:fa:05:9a:c8:a7:39:ff:
                    f1:da:2a:44:e6:fc:76:79:4b:2e:dc:06:b6:b3:f4:
                    cd:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:BC:70:0A:33:F7:21:F0:70:F1:55:14:8F:C5:10:D4:24:98:F1:FE
            X509v3 Authority Key Identifier:
                keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/EbxwCjP3IfBw8VUUj8UQ1CSY8f4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:bc:28:80:87:07:e3:64:27:15:de:6f:80:42:5e:d7:c1:32:
         5f:02:9d:c3:10:66:1e:eb:a7:d2:e4:8b:f1:e1:78:8b:df:3e:
         18:d6:24:a9:31:be:99:83:ea:75:b0:8a:1a:06:04:99:13:e6:
         48:92:c2:f9:a0:48:ae:d8:4c:1b:5d:3a:9b:63:5b:0e:df:e0:
         26:24:1b:e3:7f:84:1c:df:68:ed:0b:d1:51:d9:16:43:02:32:
         55:cb:43:c8:7c:23:10:7b:ed:66:e7:96:92:7e:ff:70:68:b1:
         73:4a:61:34:d3:6a:16:d6:ae:ab:44:77:39:44:57:aa:12:c7:
         ed:77:18:6f:40:e7:2e:9d:e7:3b:b3:21:f8:14:96:68:e2:48:
         6b:23:7c:5d:15:a0:39:8a:e4:55:7a:08:71:07:c0:d7:30:07:
         3e:fd:40:a4:26:03:9b:47:20:30:4e:3c:ed:d4:26:c0:b7:96:
         83:6c:a1:f1:36:d1:94:da:cf:d9:5f:2e:6e:3e:16:cc:e8:cc:
         6f:9a:4f:9f:e6:1c:5e:00:15:95:30:c6:1b:ec:98:43:fa:f4:
         09:4c:1d:26:b7:e3:78:a3:a8:a0:6e:4a:d3:34:a8:8a:a4:a7:
         b1:f3:e2:e9:4b:be:b8:34:86:97:01:f2:2b:8e:6e:a1:94:20:
         ae:e3:18:eb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNDA0MzAx
MjQ5MDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDExQkM3MDBBMzNGNzIx
RjA3MEYxNTUxNDhGQzUxMEQ0MjQ5OEYxRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDePcvO/6z8pSjrzX9sIGnTTVP++tdaXLpNspcnDxXPkhQnKcgY
GvCnwXy+dJYTlazPhuDKlnG8BUbA4MplrIZwst/I3NnmTZ7o+YUOSCjjINjPSvYV
3pqPCdLMx8oIWXc396vNLTFqeg5gc5G+n4uG9EHgG+P2+PCP4mJslKS87dF4/MP7
3fsk05x2WT8xDcpARWtMRDky7dNS+Kjlzez1jgvBhNuLEwWDyl3U5PpdIaGco4Fp
ywWij2cDULtblpDqEVMtGcIgpoa5Wjwzb6naM6WG+jJhsQiKJ7RhklVMfXAYREei
hekc+gWayKc5//HaKkTm/HZ5Sy7cBraz9M2lAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUEbxwCjP3IfBw8VUUj8UQ1CSY8f4wHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC9FYnh3Q2pQM0lmQnc4VlVVajhV
UTFDU1k4ZjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vb
MA0GCSqGSIb3DQEBCwUAA4IBAQByvCiAhwfjZCcV3m+AQl7XwTJfAp3DEGYe66fS
5Ivx4XiL3z4Y1iSpMb6Zg+p1sIoaBgSZE+ZIksL5oEiu2EwbXTqbY1sO3+AmJBvj
f4Qc32jtC9FR2RZDAjJVy0PIfCMQe+1m55aSfv9waLFzSmE002oW1q6rRHc5RFeq
EsftdxhvQOcunec7syH4FJZo4khrI3xdFaA5iuRVeghxB8DXMAc+/UCkJgObRyAw
Tjzt1CbAt5aDbKHxNtGU2s/ZXy5uPhbM6Mxvmk+f5hxeABWVMMYb7JhD+vQJTB0m
t+N4o6igbkrTNKiKpKex8+LpS764NIaXAfIrjm6hlCCu4xjr
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org