Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/qbIzXggCjdQS9scq9hMt3RDGsqA.roa
File:                     qbIzXggCjdQS9scq9hMt3RDGsqA.roa (raw, json)
Hash identifier:          oWMGlKHQHwTWc/YJ2JCOj0OWSp62Kp8GOVC0W3WaPIE=
Subject key identifier:   A9:B2:33:5E:08:02:8D:D4:12:F6:C7:2A:F6:13:2D:DD:10:C6:B2:A0
Certificate issuer:       /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial:       0CA5
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/qbIzXggCjdQS9scq9hMt3RDGsqA.roa
Signing time:             Fri 01 Sep 2023 09:59:27 +0000
ROA not before:           Fri 01 Sep 2023 09:59:27 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     17713
IP address blocks:        140.117.0.0/16 maxlen: 16

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3237 (0xca5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
        Validity
            Not Before: Sep  1 09:59:27 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=A9B2335E08028DD412F6C72AF6132DDD10C6B2A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c1:4e:c0:6a:2b:26:3d:75:bb:95:d3:d6:41:
                    3c:37:10:7f:e1:d5:16:59:ab:19:85:28:0a:46:2a:
                    9b:37:af:90:e4:71:4e:6e:91:3d:28:a6:d2:7e:d1:
                    37:d9:40:e7:cf:3e:65:00:33:e1:50:65:1e:19:aa:
                    c4:ee:87:6c:3f:1d:75:f5:c2:1a:a7:83:b4:a7:d4:
                    ba:79:8e:10:92:1e:24:0f:ec:61:e9:c3:97:f5:8e:
                    6c:a3:eb:f9:bb:7b:72:cf:66:d0:a4:b8:fc:2a:4d:
                    75:c7:a9:7a:9e:86:b5:33:89:34:ef:fb:ab:b0:b2:
                    e2:16:02:2c:40:a3:f8:0b:b4:22:3e:82:c4:18:da:
                    10:b7:ad:ec:75:27:4e:02:f7:bf:19:b3:59:14:dc:
                    c4:8f:73:3b:75:8a:96:b1:ac:ed:dd:d9:a9:4b:ef:
                    d6:79:cd:02:f7:19:25:aa:48:05:b3:8b:d3:88:d4:
                    97:62:a4:19:9a:28:ef:43:d0:98:db:72:74:1d:58:
                    6e:88:c1:78:01:71:14:91:c8:e2:ec:6f:03:91:11:
                    a6:45:d3:fb:2b:27:b7:2d:58:20:65:50:25:2b:29:
                    aa:7b:4a:00:4f:93:c1:ef:12:38:54:40:54:9b:14:
                    62:f3:61:9c:3b:10:57:b3:a3:19:a8:b3:30:1e:d3:
                    60:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:B2:33:5E:08:02:8D:D4:12:F6:C7:2A:F6:13:2D:DD:10:C6:B2:A0
            X509v3 Authority Key Identifier:
                keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/qbIzXggCjdQS9scq9hMt3RDGsqA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.117.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:db:fb:fc:84:a5:51:e8:02:9b:e6:24:cd:28:a7:77:f2:a3:
         62:41:0f:8b:09:6c:2a:bd:80:51:d7:66:16:0a:1c:63:1b:3e:
         9a:de:4e:de:19:49:8a:2b:42:3e:2a:f8:32:5e:d7:f2:60:f9:
         97:72:16:d0:12:be:52:ee:37:fd:d2:57:24:20:4d:6a:90:82:
         e0:5c:34:4f:fc:79:33:55:f5:3e:bd:d7:c4:f0:90:58:da:24:
         f6:44:32:31:bd:c8:b2:3c:de:0b:3f:d1:a4:93:68:c0:3a:bf:
         09:21:a6:79:d8:e9:90:10:97:e6:31:0e:0e:26:ee:c8:1f:f9:
         e7:06:24:32:f9:e2:05:f0:8b:f3:41:56:19:88:bb:f7:a7:d9:
         d4:4d:18:d0:71:d2:40:77:17:2c:66:55:3f:3a:e2:d0:c0:33:
         5c:c0:72:8e:11:a9:6b:ab:a6:67:99:dd:36:a6:cf:d4:b2:52:
         73:60:a6:ca:61:3c:e3:2a:35:51:e5:c4:c6:ab:a1:c5:13:43:
         52:96:97:2f:ac:fe:28:c9:65:80:93:d0:dc:57:00:72:61:c9:
         b6:29:56:57:54:1b:f0:cb:17:02:26:3e:99:28:71:ae:91:59:
         36:9e:e5:fd:06:d7:88:97:e4:d7:e1:14:4b:79:a4:26:be:21:
         57:43:0b:e9
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MjdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE5QjIzMzVFMDgwMjhE
RDQxMkY2QzcyQUY2MTMyREREMTBDNkIyQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8wU7AaismPXW7ldPWQTw3EH/h1RZZqxmFKApGKps3r5DkcU5u
kT0optJ+0TfZQOfPPmUAM+FQZR4ZqsTuh2w/HXX1whqng7Sn1Lp5jhCSHiQP7GHp
w5f1jmyj6/m7e3LPZtCkuPwqTXXHqXqehrUziTTv+6uwsuIWAixAo/gLtCI+gsQY
2hC3rex1J04C978Zs1kU3MSPczt1ipaxrO3d2alL79Z5zQL3GSWqSAWzi9OI1Jdi
pBmaKO9D0JjbcnQdWG6IwXgBcRSRyOLsbwOREaZF0/srJ7ctWCBlUCUrKap7SgBP
k8HvEjhUQFSbFGLzYZw7EFezoxmoszAe02DrAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUqbIzXggCjdQS9scq9hMt3RDGsqAwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9xYkl6WGdnQ2pkUVM5c2NxOWhN
dDNSREdzcUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHUw
DQYJKoZIhvcNAQELBQADggEBAJ3b+/yEpVHoApvmJM0op3fyo2JBD4sJbCq9gFHX
ZhYKHGMbPpreTt4ZSYorQj4q+DJe1/Jg+ZdyFtASvlLuN/3SVyQgTWqQguBcNE/8
eTNV9T6918TwkFjaJPZEMjG9yLI83gs/0aSTaMA6vwkhpnnY6ZAQl+YxDg4m7sgf
+ecGJDL54gXwi/NBVhmIu/en2dRNGNBx0kB3FyxmVT864tDAM1zAco4RqWurpmeZ
3Tamz9SyUnNgpsphPOMqNVHlxMarocUTQ1KWly+s/ijJZYCT0NxXAHJhybYpVldU
G/DLFwImPpkoca6RWTae5f0G14iX5NfhFEt5pCa+IVdDC+k=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org