Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/YQvAWktT-b5VdMOV0TE10wtcQkg.roa
File:                     YQvAWktT-b5VdMOV0TE10wtcQkg.roa (raw, json)
Hash identifier:          4QBTePFJP+IilAMyTvxwLekdWD8SrV6sGntLq921YzQ=
Subject key identifier:   61:0B:C0:5A:4B:53:F9:BE:55:74:C3:95:D1:31:35:D3:0B:5C:42:48
Certificate issuer:       /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial:       0CFC
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/YQvAWktT-b5VdMOV0TE10wtcQkg.roa
Signing time:             Fri 01 Sep 2023 09:59:19 +0000
ROA not before:           Fri 01 Sep 2023 09:59:19 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17716
IP address blocks:        120.96.248.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3324 (0xcfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
        Validity
            Not Before: Sep  1 09:59:19 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=610BC05A4B53F9BE5574C395D13135D30B5C4248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:18:52:c2:e4:7a:8e:b7:b4:94:62:fb:c3:3b:
                    35:20:76:5d:5d:35:31:24:ce:e6:42:47:02:4a:76:
                    43:49:81:c5:30:32:fe:1f:67:bb:d5:bd:fe:ea:a5:
                    6d:34:9e:ac:52:87:5f:e6:e8:0c:89:08:83:14:c6:
                    d9:70:a5:45:da:ad:7f:1a:61:7b:10:6e:77:6c:1a:
                    1e:d9:5a:e2:e2:7b:b5:16:f1:39:3b:19:9c:c6:01:
                    61:18:4c:84:32:9e:02:a8:4b:82:ac:d1:53:be:28:
                    1f:ec:34:0d:d5:0c:60:24:0b:39:5e:b5:42:df:1e:
                    c7:dc:f7:a7:47:8c:f6:b3:cc:13:ad:98:4b:00:ed:
                    a9:7f:96:83:41:38:e2:fc:93:5d:dc:94:66:c7:ec:
                    da:ae:3a:0b:58:2f:41:2a:86:ae:0f:ef:f1:84:9a:
                    cd:f7:4f:1b:01:98:34:4a:4a:3f:3f:32:9c:22:fd:
                    52:d0:0a:a4:2b:a5:42:22:1f:08:db:82:c2:6e:bb:
                    e2:65:51:95:8d:fb:67:92:7f:8b:ed:12:6f:2a:71:
                    e5:f9:17:f0:6e:38:85:69:c3:f5:28:8c:d7:30:10:
                    41:1c:25:2a:f6:ad:16:46:34:03:8a:1d:e8:4e:1d:
                    a9:5a:2e:78:a4:d4:1c:eb:dc:0b:5b:dd:13:50:16:
                    1a:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:0B:C0:5A:4B:53:F9:BE:55:74:C3:95:D1:31:35:D3:0B:5C:42:48
            X509v3 Authority Key Identifier:
                keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/YQvAWktT-b5VdMOV0TE10wtcQkg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.96.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:eb:8f:19:0a:64:0c:64:32:4e:3d:32:95:8a:37:5f:24:63:
         ee:d2:10:cc:e9:0d:3a:cc:b4:1a:a2:62:4a:49:cf:8a:ea:7a:
         a9:4f:45:46:e6:fb:cb:df:7c:e3:c7:7d:11:d2:ee:cd:7c:03:
         0f:be:fc:0c:5d:93:e8:34:5c:b4:1b:dc:2a:c6:10:98:2b:94:
         c3:8b:5d:86:a0:ee:05:d9:85:56:69:73:86:31:73:ab:74:f3:
         9a:cc:31:8e:ca:43:4f:66:26:b4:d9:7b:61:99:b3:44:d6:6c:
         17:1f:89:a7:69:e2:1f:11:ea:05:3a:29:c5:8d:aa:08:58:9f:
         c0:87:85:b4:98:8e:ac:d7:da:cc:b2:5e:4d:df:20:b5:82:06:
         29:7e:89:d2:a7:b9:57:14:2f:a0:5c:a8:f9:0b:eb:53:69:80:
         87:f5:34:54:1a:d4:40:9b:5e:63:c1:6f:23:af:c3:e2:6b:97:
         4b:84:80:5f:9e:ee:e0:a5:c9:cb:49:27:20:8f:ee:2f:e4:69:
         fb:45:05:56:92:0e:91:2f:b6:c1:3d:63:73:fd:0c:3f:b8:0f:
         3b:f4:81:35:84:42:e0:3b:da:8a:4e:3d:a4:9b:2b:0a:cf:e4:
         32:e1:3a:e7:78:b6:31:98:bf:10:71:44:ba:12:ba:f9:48:99:
         5c:ac:22:b3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDYxMEJDMDVBNEI1M0Y5
QkU1NTc0QzM5NUQxMzEzNUQzMEI1QzQyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKGFLC5HqOt7SUYvvDOzUgdl1dNTEkzuZCRwJKdkNJgcUwMv4f
Z7vVvf7qpW00nqxSh1/m6AyJCIMUxtlwpUXarX8aYXsQbndsGh7ZWuLie7UW8Tk7
GZzGAWEYTIQyngKoS4Ks0VO+KB/sNA3VDGAkCzletULfHsfc96dHjPazzBOtmEsA
7al/loNBOOL8k13clGbH7NquOgtYL0Eqhq4P7/GEms33TxsBmDRKSj8/Mpwi/VLQ
CqQrpUIiHwjbgsJuu+JlUZWN+2eSf4vtEm8qceX5F/BuOIVpw/UojNcwEEEcJSr2
rRZGNAOKHehOHalaLnik1Bzr3Atb3RNQFhrbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUYQvAWktT+b5VdMOV0TE10wtcQkgwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9ZUXZBV2t0VC1iNVZkTU9WMFRF
MTB3dGNRa2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCeGD4
MA0GCSqGSIb3DQEBCwUAA4IBAQBP648ZCmQMZDJOPTKVijdfJGPu0hDM6Q06zLQa
omJKSc+K6nqpT0VG5vvL33zjx30R0u7NfAMPvvwMXZPoNFy0G9wqxhCYK5TDi12G
oO4F2YVWaXOGMXOrdPOazDGOykNPZia02XthmbNE1mwXH4mnaeIfEeoFOinFjaoI
WJ/Ah4W0mI6s19rMsl5N3yC1ggYpfonSp7lXFC+gXKj5C+tTaYCH9TRUGtRAm15j
wW8jr8Pia5dLhIBfnu7gpcnLSScgj+4v5Gn7RQVWkg6RL7bBPWNz/Qw/uA879IE1
hELgO9qKTj2kmysKz+Qy4TrneLYxmL8QcUS6Err5SJlcrCKz
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org