Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/bMDl4RoefYabAys4hJA6wTgbmpo.roa
File:                     bMDl4RoefYabAys4hJA6wTgbmpo.roa (raw, json)
Hash identifier:          GwLZdPmzOR1jXrtBwYBHuliN2As17c1JesR8V4s/JVs=
Subject key identifier:   6C:C0:E5:E1:1A:1E:7D:86:9B:03:2B:38:84:90:3A:C1:38:1B:9A:9A
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0CB0
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/bMDl4RoefYabAys4hJA6wTgbmpo.roa
Signing time:             Fri 01 Sep 2023 09:59:33 +0000
ROA not before:           Fri 01 Sep 2023 09:59:33 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     9916
IP address blocks:        140.129.64.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3248 (0xcb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep  1 09:59:33 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=6CC0E5E11A1E7D869B032B3884903AC1381B9A9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e4:ce:11:cb:50:d8:59:5c:88:1d:a5:72:75:
                    f0:4e:cd:2f:2d:ad:2f:8a:a9:59:86:ac:1a:bd:e9:
                    11:45:c8:9d:61:ec:95:c2:ad:82:c7:4b:b9:5f:3d:
                    99:d8:2a:a9:ba:94:a6:60:7e:2e:41:64:6c:b5:e5:
                    97:88:09:b8:30:73:de:03:d5:b7:46:ca:06:29:4f:
                    f3:02:5e:28:3a:e4:ba:03:38:df:55:f2:f5:13:ba:
                    e5:44:b1:b0:68:99:3f:f2:dd:28:89:db:e8:3e:b2:
                    5a:8f:47:ae:60:46:01:a3:06:e4:40:7c:3e:5e:1a:
                    fd:82:7d:ae:20:28:28:48:3a:ae:40:0c:76:29:b8:
                    ff:78:26:6d:72:0a:5b:35:b9:67:89:c6:4c:0a:69:
                    20:b2:b2:9c:7c:77:a3:97:56:b3:d9:5c:b9:2c:df:
                    6d:55:05:33:de:30:37:fd:1a:28:5d:43:29:2d:f2:
                    6c:7d:5f:4e:ab:ad:35:a4:eb:6a:3f:a4:c5:01:79:
                    be:e6:66:f3:b8:43:b4:9e:8c:3d:7a:fb:8e:c0:3e:
                    47:99:5a:77:43:9d:b4:39:e6:84:f9:99:d2:51:39:
                    8d:32:40:d6:ed:c1:2b:f2:9d:a0:2e:a0:8d:31:f6:
                    01:91:71:73:4a:01:2f:04:56:ae:d9:2d:ee:88:33:
                    0e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:C0:E5:E1:1A:1E:7D:86:9B:03:2B:38:84:90:3A:C1:38:1B:9A:9A
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/bMDl4RoefYabAys4hJA6wTgbmpo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.129.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         25:d9:de:ed:08:5f:1f:53:c8:48:d5:7f:7f:3e:24:ac:56:d1:
         4d:f3:83:f3:ba:ce:a4:0c:e8:c4:56:4e:45:03:e7:c2:47:77:
         53:7a:3d:fb:3f:c1:5b:bd:4a:50:06:8a:52:e5:43:98:e5:b2:
         35:e8:08:ba:52:da:f6:ab:d9:a8:85:ac:06:cf:e2:30:a3:62:
         af:ea:c0:5c:7a:82:4b:8c:f6:bc:d0:a3:e1:c7:37:a2:09:0c:
         a4:cc:2b:ee:3b:12:3f:7d:07:fc:bd:89:c5:c6:cb:4d:58:5c:
         38:c3:20:b1:7f:be:85:ea:0a:c4:e1:1f:5d:83:5b:7c:03:72:
         46:92:b8:71:3e:6b:aa:7b:77:64:cc:6a:14:07:25:2f:27:73:
         92:de:f2:73:87:91:f2:c3:cf:fe:f9:23:36:df:39:01:73:57:
         7d:40:c7:32:ef:d9:1a:5f:7a:12:3e:a0:cb:25:d9:31:74:7f:
         60:5c:81:c5:24:78:85:88:45:bd:ef:bb:1b:bf:5c:c4:72:c6:
         93:ee:9b:a1:d9:93:f9:52:32:30:a0:67:3f:4f:bc:98:19:44:
         c3:2c:0e:c6:24:6a:e4:eb:29:61:64:ec:b8:8d:6a:9e:97:31:
         4e:2f:ee:96:8f:34:c1:44:1b:bd:a8:0e:5f:f7:61:bb:79:f2:
         c8:38:b4:45
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZDQzBFNUUxMUExRTdE
ODY5QjAzMkIzODg0OTAzQUMxMzgxQjlBOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY5M4Ry1DYWVyIHaVydfBOzS8trS+KqVmGrBq96RFFyJ1h7JXC
rYLHS7lfPZnYKqm6lKZgfi5BZGy15ZeICbgwc94D1bdGygYpT/MCXig65LoDON9V
8vUTuuVEsbBomT/y3SiJ2+g+slqPR65gRgGjBuRAfD5eGv2Cfa4gKChIOq5ADHYp
uP94Jm1yCls1uWeJxkwKaSCyspx8d6OXVrPZXLks321VBTPeMDf9GihdQykt8mx9
X06rrTWk62o/pMUBeb7mZvO4Q7SejD16+47APkeZWndDnbQ55oT5mdJROY0yQNbt
wSvynaAuoI0x9gGRcXNKAS8EVq7ZLe6IMw7XAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUbMDl4RoefYabAys4hJA6wTgbmpowHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9iTURsNFJvZWZZYWJBeXM0aEpB
NndUZ2JtcG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAl2d7tCF8fU8hI1X9/PiSsVtFN84Pzus6kDOjE
Vk5FA+fCR3dTej37P8FbvUpQBopS5UOY5bI16Ai6Utr2q9mohawGz+Iwo2Kv6sBc
eoJLjPa80KPhxzeiCQykzCvuOxI/fQf8vYnFxstNWFw4wyCxf76F6grE4R9dg1t8
A3JGkrhxPmuqe3dkzGoUByUvJ3OS3vJzh5Hyw8/++SM23zkBc1d9QMcy79kaX3oS
PqDLJdkxdH9gXIHFJHiFiEW977sbv1zEcsaT7puh2ZP5UjIwoGc/T7yYGUTDLA7G
JGrk6ylhZOy4jWqelzFOL+6WjzTBRBu9qA5f92G7efLIOLRF
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org