Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/MAsgklt8iE4iSa5WJYz8wd1TV8I.roa
File:                     MAsgklt8iE4iSa5WJYz8wd1TV8I.roa (raw, json)
Hash identifier:          tl19YtyU9+09E1HI+p24UTUYGd2YCyyNY9B3tqvSG1k=
Subject key identifier:   30:0B:20:92:5B:7C:88:4E:22:49:AE:56:25:8C:FC:C1:DD:53:57:C2
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0D05
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MAsgklt8iE4iSa5WJYz8wd1TV8I.roa
Signing time:             Fri 01 Sep 2023 09:59:24 +0000
ROA not before:           Fri 01 Sep 2023 09:59:24 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9916
IP address blocks:        120.126.64.0/19 maxlen: 19

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3333 (0xd05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep  1 09:59:24 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=300B20925B7C884E2249AE56258CFCC1DD5357C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:a1:6d:90:76:e3:69:ba:33:34:64:a3:a9:
                    6d:ea:e1:0d:72:54:ec:67:49:06:a4:69:e1:d0:0e:
                    72:8e:59:85:2e:7a:6a:33:95:3d:0d:da:e6:a2:e7:
                    85:f3:19:09:5c:90:1d:a6:a7:77:d0:d6:43:44:4e:
                    65:cd:9c:af:eb:85:01:b0:65:eb:67:9e:b0:15:48:
                    f7:a8:09:bb:3c:ac:0a:d1:40:ff:58:85:a6:9a:0d:
                    40:62:5d:a5:80:7f:bb:b2:e3:cc:c7:aa:14:c5:db:
                    56:3c:e4:10:b4:e8:54:40:9e:7b:9e:b1:79:e2:8a:
                    db:dc:3b:9e:f9:34:39:32:6c:9b:78:35:bc:4a:39:
                    43:a3:5d:ac:60:fb:01:67:12:f4:c1:50:30:97:4e:
                    18:23:5c:e1:d9:90:54:21:4d:1a:bc:b1:d1:f4:6a:
                    24:71:ca:09:d9:75:5c:6d:6f:ff:06:25:7e:e8:ce:
                    66:ac:46:49:de:6f:30:73:07:e1:3e:06:c2:99:3b:
                    fd:e4:d2:2d:93:a4:a2:a7:58:7d:aa:95:03:f7:f1:
                    67:05:97:b7:5c:5c:07:b2:f2:01:18:a1:72:f0:ec:
                    1b:b9:c3:4d:37:7f:e3:2d:0c:4f:bf:61:fa:bf:7e:
                    65:37:1e:83:3f:63:4e:5f:8b:07:c8:1d:33:bb:ce:
                    9d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:0B:20:92:5B:7C:88:4E:22:49:AE:56:25:8C:FC:C1:DD:53:57:C2
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MAsgklt8iE4iSa5WJYz8wd1TV8I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.126.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         19:c8:c5:e0:7e:89:4c:d0:08:70:ce:25:08:74:d7:4e:58:da:
         b6:56:b3:70:99:d9:9f:38:6b:e3:c9:21:12:ac:d0:c9:d7:44:
         ab:ee:4f:62:41:22:fd:54:43:af:13:47:cf:37:08:ab:2c:88:
         74:97:85:58:6f:47:6c:6b:7c:fc:96:a3:81:2f:6d:ad:e1:3d:
         0a:3d:57:40:a9:00:e0:0c:98:d0:06:42:a7:7e:f8:14:c4:6b:
         ff:b2:b7:b8:d4:db:ab:07:9d:9b:d9:f8:de:3f:7a:aa:98:85:
         a5:8d:96:25:a7:27:b5:dc:2a:b4:98:4b:31:af:28:a9:8e:14:
         89:c7:22:5a:8c:d4:08:1a:2e:4a:f0:53:19:fb:7e:0a:d9:83:
         2b:7c:28:c4:3d:80:4a:cb:f0:f0:0c:b4:08:06:89:b2:bd:d8:
         4f:1f:6d:4c:ad:8d:4e:91:48:a6:c7:08:c1:82:85:5c:8e:63:
         5a:5b:41:01:ca:9e:33:bc:a4:ec:d9:e6:79:72:d0:94:58:48:
         8c:bc:de:cc:d7:df:ca:ec:2d:cb:6c:36:26:20:ae:61:2b:f1:
         5b:01:20:8a:00:24:5f:c5:02:5c:28:21:6c:55:84:6a:ab:df:
         52:6c:b3:a4:ce:dd:88:b7:69:cd:6e:02:29:e1:5e:13:df:c2:
         9c:c1:63:11
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MjRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMwMEIyMDkyNUI3Qzg4
NEUyMjQ5QUU1NjI1OENGQ0MxREQ1MzU3QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCszaFtkHbjabozNGSjqW3q4Q1yVOxnSQakaeHQDnKOWYUuemoz
lT0N2uai54XzGQlckB2mp3fQ1kNETmXNnK/rhQGwZetnnrAVSPeoCbs8rArRQP9Y
haaaDUBiXaWAf7uy48zHqhTF21Y85BC06FRAnnuesXniitvcO575NDkybJt4NbxK
OUOjXaxg+wFnEvTBUDCXThgjXOHZkFQhTRq8sdH0aiRxygnZdVxtb/8GJX7ozmas
RknebzBzB+E+BsKZO/3k0i2TpKKnWH2qlQP38WcFl7dcXAey8gEYoXLw7Bu5w003
f+MtDE+/Yfq/fmU3HoM/Y05fiwfIHTO7zp0NAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUMAsgklt8iE4iSa5WJYz8wd1TV8IwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NQXNna2x0OGlFNGlTYTVXSll6
OHdkMVRWOEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFeH5A
MA0GCSqGSIb3DQEBCwUAA4IBAQAZyMXgfolM0AhwziUIdNdOWNq2VrNwmdmfOGvj
ySESrNDJ10Sr7k9iQSL9VEOvE0fPNwirLIh0l4VYb0dsa3z8lqOBL22t4T0KPVdA
qQDgDJjQBkKnfvgUxGv/sre41NurB52b2fjeP3qqmIWljZYlpye13Cq0mEsxryip
jhSJxyJajNQIGi5K8FMZ+34K2YMrfCjEPYBKy/DwDLQIBomyvdhPH21MrY1OkUim
xwjBgoVcjmNaW0EByp4zvKTs2eZ5ctCUWEiMvN7M19/K7C3LbDYmIK5hK/FbASCK
ACRfxQJcKCFsVYRqq99SbLOkzt2It2nNbgIp4V4T38KcwWMR
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org