Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/5_p1CsXCAIgP42QZHqubfRg5jak.roa
File:                     5_p1CsXCAIgP42QZHqubfRg5jak.roa (raw, json)
Hash identifier:          Czms+o+m0LJcLQCVPCamWmxqvUpiLcZFtWodz9e/kFU=
Subject key identifier:   E7:FA:75:0A:C5:C2:00:88:0F:E3:64:19:1E:AB:9B:7D:18:39:8D:A9
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0CFE
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5_p1CsXCAIgP42QZHqubfRg5jak.roa
Signing time:             Fri 01 Sep 2023 09:59:21 +0000
ROA not before:           Fri 01 Sep 2023 09:59:21 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     1659
IP address blocks:        163.16.0.0/13 maxlen: 19

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3326 (0xcfe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep  1 09:59:21 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=E7FA750AC5C200880FE364191EAB9B7D18398DA9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ac:20:89:9f:7d:52:52:63:fc:33:79:55:a7:
                    cb:f2:4a:1f:19:cf:f9:b5:bb:aa:d3:47:bb:4f:16:
                    f3:0e:e1:95:b1:d4:5b:1c:83:7c:57:3c:8e:a2:a0:
                    08:19:58:63:af:10:6a:ff:c1:7f:8e:9c:48:7e:37:
                    b3:93:02:fb:5b:08:70:8c:2a:67:61:7c:b7:9f:b6:
                    db:ce:c9:7c:10:4e:7d:33:25:03:d3:6a:9d:a9:a9:
                    6f:b1:c1:5a:43:8c:b7:e3:d9:c7:4a:92:b1:dc:8c:
                    05:82:16:32:be:13:3c:3b:03:2c:cd:d6:16:3d:7d:
                    d5:ac:57:ae:e1:63:ff:09:ba:a9:c1:f2:20:d6:b1:
                    1a:51:6f:88:00:b0:65:64:0e:87:a2:e7:1c:55:c7:
                    a4:72:f4:ec:0a:c0:a3:c0:f3:9b:8c:e3:90:b3:6b:
                    01:03:b3:b1:0b:4a:19:8e:c2:2f:32:5b:db:b9:8e:
                    1d:14:2c:d4:00:31:25:3a:b1:9c:cb:0d:51:7b:c9:
                    03:e0:d6:b3:06:d1:ca:d0:f6:0b:95:ef:d7:ca:d8:
                    0e:a6:c8:3a:79:5f:d5:2c:25:20:92:0d:a4:e6:19:
                    f5:38:a9:3d:72:42:12:75:5b:8b:51:06:1c:48:bc:
                    3c:3e:5c:39:fd:64:4e:0b:87:9f:b0:85:2a:74:a1:
                    65:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:FA:75:0A:C5:C2:00:88:0F:E3:64:19:1E:AB:9B:7D:18:39:8D:A9
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/5_p1CsXCAIgP42QZHqubfRg5jak.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.16.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         66:fb:a0:43:e8:88:9b:7e:c1:16:b7:10:94:3e:01:29:90:a7:
         4f:bc:87:05:3a:f5:2d:be:db:2b:64:98:bb:83:5b:2e:03:6c:
         86:21:52:af:b6:b4:97:04:1e:7d:ec:dc:92:b6:0f:ad:c6:fe:
         72:f7:fd:8e:1d:31:d2:c9:18:74:6f:8f:1c:a4:f3:10:8a:b1:
         80:fc:e3:bc:13:90:03:bb:7a:27:e5:66:3c:a0:52:16:05:12:
         9b:7e:60:2c:b5:d3:9e:3a:50:94:1b:11:7c:58:a2:48:c7:a8:
         89:49:36:4e:68:a5:22:a0:78:6f:94:bd:18:15:76:01:26:e6:
         3b:19:b9:a5:7e:74:eb:7a:d9:90:73:90:62:2f:02:60:9e:f5:
         40:21:48:5a:cb:a2:77:6c:7f:89:0f:9c:20:41:c6:81:4a:0f:
         0b:bf:1d:b4:14:4c:3d:5f:da:3f:d0:8c:c3:44:ae:4c:08:f6:
         4a:1a:fa:06:03:70:22:11:92:eb:30:51:af:f2:54:fa:aa:a4:
         17:48:97:7d:c6:ee:d2:3a:f0:7c:51:a6:3a:50:90:b3:50:b8:
         cd:1f:95:19:2c:77:e2:53:e1:69:43:2e:84:73:50:10:0e:30:
         e2:21:7a:2c:2a:f7:38:7e:f6:80:26:9c:d3:b9:14:8d:73:b7:
         54:f5:ff:e9
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEU3RkE3NTBBQzVDMjAw
ODgwRkUzNjQxOTFFQUI5QjdEMTgzOThEQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCorCCJn31SUmP8M3lVp8vySh8Zz/m1u6rTR7tPFvMO4ZWx1Fsc
g3xXPI6ioAgZWGOvEGr/wX+OnEh+N7OTAvtbCHCMKmdhfLefttvOyXwQTn0zJQPT
ap2pqW+xwVpDjLfj2cdKkrHcjAWCFjK+Ezw7AyzN1hY9fdWsV67hY/8JuqnB8iDW
sRpRb4gAsGVkDoei5xxVx6Ry9OwKwKPA85uM45CzawEDs7ELShmOwi8yW9u5jh0U
LNQAMSU6sZzLDVF7yQPg1rMG0crQ9guV79fK2A6myDp5X9UsJSCSDaTmGfU4qT1y
QhJ1W4tRBhxIvDw+XDn9ZE4Lh5+whSp0oWWTAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU5/p1CsXCAIgP42QZHqubfRg5jakwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC81X3AxQ3NYQ0FJZ1A0MlFaSHF1
YmZSZzVqYWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMDoxAw
DQYJKoZIhvcNAQELBQADggEBAGb7oEPoiJt+wRa3EJQ+ASmQp0+8hwU69S2+2ytk
mLuDWy4DbIYhUq+2tJcEHn3s3JK2D63G/nL3/Y4dMdLJGHRvjxyk8xCKsYD847wT
kAO7eiflZjygUhYFEpt+YCy10546UJQbEXxYokjHqIlJNk5opSKgeG+UvRgVdgEm
5jsZuaV+dOt62ZBzkGIvAmCe9UAhSFrLondsf4kPnCBBxoFKDwu/HbQUTD1f2j/Q
jMNErkwI9koa+gYDcCIRkuswUa/yVPqqpBdIl33G7tI68HxRpjpQkLNQuM0flRks
d+JT4WlDLoRzUBAOMOIheiwq9zh+9oAmnNO5FI1zt1T1/+k=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org