Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/7dYShPK2DT-KyFnkCb6fNw6H56E.roa
File:                     7dYShPK2DT-KyFnkCb6fNw6H56E.roa (raw, json)
Hash identifier:          CUwaA2jfWI1R+5p1YV/JxsMTUIz8cCb0WNIXdxzxSjw=
Subject key identifier:   ED:D6:12:84:F2:B6:0D:3F:8A:C8:59:E4:09:BE:9F:37:0E:87:E7:A1
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0CAD
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/7dYShPK2DT-KyFnkCb6fNw6H56E.roa
Signing time:             Fri 01 Sep 2023 09:59:31 +0000
ROA not before:           Fri 01 Sep 2023 09:59:31 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     1659
IP address blocks:        140.112.0.0/12 maxlen: 12

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3245 (0xcad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep  1 09:59:31 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=EDD61284F2B60D3F8AC859E409BE9F370E87E7A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0f:af:6e:4e:62:09:10:f6:c9:80:43:59:df:
                    64:5a:c0:6b:be:5d:49:2b:30:ed:fa:3c:6d:eb:0e:
                    60:7c:51:36:9b:11:27:37:f4:5e:f3:d0:ca:8c:3e:
                    5f:2f:35:3d:38:f6:cc:90:ca:b0:90:45:92:8a:38:
                    82:cb:aa:bd:7c:9d:87:b7:33:1c:f3:32:bf:1d:3f:
                    c4:7d:41:7e:06:ad:87:d8:b9:43:56:b9:97:9f:f6:
                    72:25:0f:a8:65:a3:60:08:e1:d5:0f:b7:63:77:72:
                    db:7f:ce:e3:7b:f1:4c:32:86:c8:60:10:8b:4a:21:
                    26:ec:64:e4:94:33:3f:b7:c7:86:27:17:51:b5:94:
                    c0:0d:88:31:14:a1:3e:92:61:2f:00:8e:a0:94:8d:
                    ec:9c:4b:70:94:2d:b0:23:0f:7a:9f:64:9b:7e:85:
                    b6:5a:41:89:a8:3d:50:1a:c6:9e:ce:c9:3d:6c:af:
                    81:14:a7:d9:3b:e7:8e:2f:f4:4e:20:2b:5f:7d:e6:
                    31:a4:2e:76:ad:dc:5f:4b:06:76:15:1e:ee:62:b4:
                    71:ff:ae:9e:cb:e4:b9:b4:08:a5:c3:ae:e8:96:37:
                    dd:15:a8:2a:16:a9:b1:98:dd:ab:ea:d0:3e:b9:22:
                    14:36:e5:82:5c:0c:51:29:e9:ae:08:41:83:b2:32:
                    e7:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D6:12:84:F2:B6:0D:3F:8A:C8:59:E4:09:BE:9F:37:0E:87:E7:A1
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/7dYShPK2DT-KyFnkCb6fNw6H56E.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.112.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         60:81:e8:25:5a:0c:3d:40:88:8b:ae:2d:ea:ea:a9:15:84:ef:
         12:2f:96:e4:cc:1d:26:d5:a0:c8:f2:5e:b3:29:98:73:10:2b:
         fa:f3:ea:f0:56:74:cf:c8:b6:b5:85:b9:cc:86:71:d3:28:e6:
         11:da:ff:c9:c8:52:32:77:f1:ea:f9:a3:a2:6d:be:45:8a:27:
         6d:0b:e7:b3:b2:fe:62:41:10:8c:ca:99:e8:e9:8a:58:d4:83:
         eb:0d:d1:78:ff:86:3a:f6:0d:a9:7d:1c:2d:07:5e:23:b6:5b:
         65:61:87:ac:86:ca:f7:6a:ab:e1:17:8c:91:a7:97:55:71:4e:
         ec:15:7a:cf:a5:73:03:fa:dd:9a:03:0a:29:be:c9:04:22:58:
         de:85:37:d7:6d:41:b4:a7:27:90:4a:2d:ed:81:09:73:cb:ba:
         64:4c:63:f4:59:da:70:2a:65:b8:25:eb:eb:94:be:6b:9f:04:
         7d:27:fe:3d:e0:8a:f1:46:2e:59:23:cb:92:bb:5e:8c:4a:4b:
         dc:1f:1d:13:60:07:dc:40:0b:28:ca:d5:02:ee:e1:d9:69:a3:
         97:25:6d:ef:3e:6d:c1:52:7b:eb:ab:d4:24:04:53:7a:9a:e4:
         23:9b:a4:c8:ff:e6:cd:d4:44:58:45:8e:62:1f:7d:16:7a:e6:
         be:c2:44:6c
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVERDYxMjg0RjJCNjBE
M0Y4QUM4NTlFNDA5QkU5RjM3MEU4N0U3QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUD69uTmIJEPbJgENZ32RawGu+XUkrMO36PG3rDmB8UTabESc3
9F7z0MqMPl8vNT049syQyrCQRZKKOILLqr18nYe3MxzzMr8dP8R9QX4GrYfYuUNW
uZef9nIlD6hlo2AI4dUPt2N3ctt/zuN78UwyhshgEItKISbsZOSUMz+3x4YnF1G1
lMANiDEUoT6SYS8AjqCUjeycS3CULbAjD3qfZJt+hbZaQYmoPVAaxp7OyT1sr4EU
p9k7544v9E4gK1995jGkLnat3F9LBnYVHu5itHH/rp7L5Lm0CKXDruiWN90VqCoW
qbGY3avq0D65IhQ25YJcDFEp6a4IQYOyMuf9AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU7dYShPK2DT+KyFnkCb6fNw6H56EwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC83ZFlTaFBLMkRULUt5Rm5rQ2I2
Zk53Nkg1NkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEjHAw
DQYJKoZIhvcNAQELBQADggEBAGCB6CVaDD1AiIuuLerqqRWE7xIvluTMHSbVoMjy
XrMpmHMQK/rz6vBWdM/ItrWFucyGcdMo5hHa/8nIUjJ38er5o6JtvkWKJ20L57Oy
/mJBEIzKmejpiljUg+sN0Xj/hjr2Dal9HC0HXiO2W2Vhh6yGyvdqq+EXjJGnl1Vx
TuwVes+lcwP63ZoDCim+yQQiWN6FN9dtQbSnJ5BKLe2BCXPLumRMY/RZ2nAqZbgl
6+uUvmufBH0n/j3givFGLlkjy5K7XoxKS9wfHRNgB9xACyjK1QLu4dlpo5clbe8+
bcFSe+ur1CQEU3qa5CObpMj/5s3URFhFjmIffRZ65r7CRGw=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org