Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/KVSZJI5JetPJnKf9DIvafnmrXnc.roa
File:                     KVSZJI5JetPJnKf9DIvafnmrXnc.roa (raw, json)
Hash identifier:          8Cv4NidfpoLYTCus1L9bd2SB0+V8rT8P5VOQR95GFKM=
Subject key identifier:   29:54:99:24:8E:49:7A:D3:C9:9C:A7:FD:0C:8B:DA:7E:79:AB:5E:77
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0CAB
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KVSZJI5JetPJnKf9DIvafnmrXnc.roa
Signing time:             Fri 01 Sep 2023 09:59:30 +0000
ROA not before:           Fri 01 Sep 2023 09:59:30 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9264
IP address blocks:        140.109.0.0/16 maxlen: 16

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3243 (0xcab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep  1 09:59:30 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=295499248E497AD3C99CA7FD0C8BDA7E79AB5E77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ef:86:7d:c6:4f:c2:04:ae:87:32:d4:d5:5a:
                    9c:1c:8d:87:49:9f:68:7b:3a:99:5f:84:0c:96:16:
                    94:b1:29:93:22:77:7b:15:04:69:1d:ae:3f:ce:82:
                    2b:a5:2e:55:5f:3b:e4:24:ab:76:e9:18:dc:a5:bc:
                    9c:e9:00:34:27:ae:d9:e4:d7:8c:cc:16:6b:10:ad:
                    5e:bd:9c:76:c8:2b:e7:9a:00:ec:08:dc:53:43:8f:
                    c2:03:43:b8:0c:7c:6a:e0:63:b7:a9:d4:6a:87:32:
                    6a:86:32:85:c2:92:c0:aa:92:e9:e5:46:91:fe:a3:
                    98:04:21:a5:e8:78:85:7e:3b:17:62:28:05:7c:a2:
                    f3:ea:7a:0e:9b:c2:24:bb:2d:e4:1e:9b:25:0a:fa:
                    6c:ab:78:86:08:43:5d:c1:46:1e:1b:bb:08:27:fb:
                    b7:67:be:af:21:57:94:6e:84:66:c2:c4:64:1c:c8:
                    1b:41:88:a3:7f:0f:26:28:59:3e:f0:80:c8:08:7e:
                    db:ce:b9:f0:c2:54:2c:38:aa:ac:26:da:5a:82:42:
                    60:c9:af:ea:1a:5f:1f:f2:cd:cf:2a:58:2e:e3:db:
                    d6:0d:4d:b5:38:3d:63:e9:86:9d:37:e6:15:8c:7b:
                    7b:19:a3:fb:78:41:77:4d:df:f4:e5:af:b2:08:e8:
                    c4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:54:99:24:8E:49:7A:D3:C9:9C:A7:FD:0C:8B:DA:7E:79:AB:5E:77
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KVSZJI5JetPJnKf9DIvafnmrXnc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.109.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a2:11:b8:21:c8:75:24:18:04:7d:76:0b:80:fa:17:7c:2c:19:
         03:76:79:f1:2b:4c:da:9f:53:bf:b3:48:83:0c:33:91:f1:a7:
         41:7e:b4:87:d6:0b:8d:e7:9c:13:1d:ed:d2:df:90:6b:0f:7b:
         ac:4a:1e:c7:66:b5:58:7b:7d:5b:39:e2:1d:99:de:3c:fe:e1:
         f8:96:8a:87:7d:a7:09:c6:71:6d:1c:9f:19:c6:77:0d:a0:a5:
         6c:87:7c:98:eb:1c:7f:da:98:a3:43:f2:68:36:86:1e:a6:0d:
         6c:bb:70:b8:30:be:7c:e4:a0:4c:47:f7:4c:09:31:74:67:12:
         bc:91:50:48:f4:d5:84:77:c2:e1:20:9f:62:e7:d8:df:9f:05:
         47:11:97:d1:ed:4d:a7:46:e7:88:0f:d9:45:24:91:c9:82:4f:
         ef:d0:61:27:9f:8f:8f:f7:76:16:a5:05:c9:73:41:8e:45:69:
         3b:12:67:fd:79:71:99:07:42:30:8a:83:c9:4e:6f:36:cf:96:
         e8:0c:5c:e9:f8:73:2c:62:4d:b1:17:e0:39:e8:4d:19:37:a9:
         a0:5a:c7:da:c8:9e:93:aa:ad:3b:b9:68:2b:93:74:b9:06:41:
         17:9e:25:2b:5c:4d:af:02:72:67:60:e9:60:a2:6f:a1:1d:c6:
         56:3d:97:99
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI5NTQ5OTI0OEU0OTdB
RDNDOTlDQTdGRDBDOEJEQTdFNzlBQjVFNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs74Z9xk/CBK6HMtTVWpwcjYdJn2h7OplfhAyWFpSxKZMid3sV
BGkdrj/OgiulLlVfO+Qkq3bpGNylvJzpADQnrtnk14zMFmsQrV69nHbIK+eaAOwI
3FNDj8IDQ7gMfGrgY7ep1GqHMmqGMoXCksCqkunlRpH+o5gEIaXoeIV+OxdiKAV8
ovPqeg6bwiS7LeQemyUK+myreIYIQ13BRh4buwgn+7dnvq8hV5RuhGbCxGQcyBtB
iKN/DyYoWT7wgMgIftvOufDCVCw4qqwm2lqCQmDJr+oaXx/yzc8qWC7j29YNTbU4
PWPphp035hWMe3sZo/t4QXdN3/Tlr7II6MT7AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUKVSZJI5JetPJnKf9DIvafnmrXncwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9LVlNaSkk1SmV0UEpuS2Y5REl2
YWZubXJYbmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjG0w
DQYJKoZIhvcNAQELBQADggEBAKIRuCHIdSQYBH12C4D6F3wsGQN2efErTNqfU7+z
SIMMM5Hxp0F+tIfWC43nnBMd7dLfkGsPe6xKHsdmtVh7fVs54h2Z3jz+4fiWiod9
pwnGcW0cnxnGdw2gpWyHfJjrHH/amKND8mg2hh6mDWy7cLgwvnzkoExH90wJMXRn
EryRUEj01YR3wuEgn2Ln2N+fBUcRl9HtTadG54gP2UUkkcmCT+/QYSefj4/3dhal
BclzQY5FaTsSZ/15cZkHQjCKg8lObzbPlugMXOn4cyxiTbEX4DnoTRk3qaBax9rI
npOqrTu5aCuTdLkGQReeJStcTa8Ccmdg6WCib6EdxlY9l5k=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org