Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TINP/NwZOPr5Aw4gedUm-a9O_64ZPvtw.roa
File:                     NwZOPr5Aw4gedUm-a9O_64ZPvtw.roa (raw, json)
Hash identifier:          RRZNn9TnPzzV8baaLNudU0fjp5jowtMp+biZ59tz4/U=
Subject key identifier:   37:06:4E:3E:BE:40:C3:88:1E:75:49:BE:6B:D3:BF:EB:86:4F:BE:DC
Certificate issuer:       /CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
Certificate serial:       0BAC
Authority key identifier: E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/NwZOPr5Aw4gedUm-a9O_64ZPvtw.roa
Signing time:             Fri 01 Sep 2023 10:01:10 +0000
ROA not before:           Fri 01 Sep 2023 10:01:10 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18049
IP address blocks:        103.180.22.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2988 (0xbac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E02582B027E57038EA00A3E8484D55DEEA2E1A2A
        Validity
            Not Before: Sep  1 10:01:10 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=37064E3EBE40C3881E7549BE6BD3BFEB864FBEDC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e3:de:79:0f:6f:1d:6f:06:26:25:ab:d7:ab:
                    e1:31:5d:7c:17:8d:ac:d8:da:67:47:f0:87:38:67:
                    2f:67:d4:de:ce:74:7c:fb:1c:41:d1:27:bc:4b:d8:
                    f1:02:8c:80:42:94:06:44:38:04:06:b0:9b:76:01:
                    40:ea:13:93:6f:ca:34:88:47:d4:d1:29:6a:93:31:
                    46:09:99:ae:3b:4e:1b:c0:3e:2e:82:3c:de:27:63:
                    9f:33:94:91:df:83:ac:ce:4a:bf:8d:f4:6c:c6:3e:
                    8a:9c:3d:a9:d7:33:38:ba:59:9d:10:d4:e8:8b:8e:
                    57:1d:a6:50:61:68:d0:b9:9a:95:80:9b:09:51:e9:
                    ed:1e:b3:cf:a2:b6:a0:a3:5f:2a:85:33:ba:4b:04:
                    5e:78:52:ef:2b:ca:d6:0a:8f:47:09:4b:ca:03:35:
                    08:aa:7b:b9:45:9e:93:27:bd:bd:e0:10:4b:1f:b7:
                    7a:8b:68:3d:8f:a8:40:28:59:bc:9f:35:78:cd:a1:
                    7d:dd:d0:bf:1b:26:38:8f:7a:ad:a3:06:cb:06:e6:
                    53:6d:83:2d:1d:27:d6:60:65:97:af:b5:46:5e:72:
                    8f:b1:85:07:d4:a5:75:79:27:a6:82:6d:6b:45:dd:
                    38:e0:42:7c:72:70:7b:cf:7a:e4:08:b9:30:d2:75:
                    b5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:06:4E:3E:BE:40:C3:88:1E:75:49:BE:6B:D3:BF:EB:86:4F:BE:DC
            X509v3 Authority Key Identifier:
                keyid:E0:25:82:B0:27:E5:70:38:EA:00:A3:E8:48:4D:55:DE:EA:2E:1A:2A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/4CWCsCflcDjqAKPoSE1V3uouGio.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4CWCsCflcDjqAKPoSE1V3uouGio.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TINP/NwZOPr5Aw4gedUm-a9O_64ZPvtw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.180.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:e8:51:7e:45:4c:70:20:05:df:9f:11:b6:31:ba:a2:fe:23:
         8d:9c:53:4f:50:1b:88:d4:48:80:eb:d2:7f:a5:4b:86:31:6d:
         58:f5:fe:1b:14:ff:53:17:75:e1:8a:3f:b7:43:56:88:d5:84:
         1f:63:6f:73:ef:86:64:5c:9b:aa:e2:f7:29:89:62:08:e1:01:
         d0:cf:ad:68:20:51:1a:4e:37:96:e0:38:b6:3c:06:c4:7e:2f:
         78:26:be:61:c6:f4:08:16:c2:37:97:60:8e:ec:a7:fa:93:ae:
         79:7d:0d:e5:f0:54:05:86:f4:c9:f8:49:59:15:51:4b:2f:a6:
         23:aa:ff:6d:ce:8c:8e:d2:3f:8b:00:89:5e:49:d9:2a:18:a3:
         8b:30:72:40:88:cb:09:6c:e8:82:bb:4d:b5:58:4f:e6:46:ae:
         99:aa:be:17:e7:23:ef:77:28:a3:40:7e:b3:14:4c:57:d4:00:
         44:cb:a3:3a:59:0d:15:34:19:35:9d:ea:eb:21:8b:a7:fb:bf:
         a1:8f:ae:3c:e3:05:fa:59:38:07:6b:03:ec:97:78:10:17:54:
         67:82:15:78:54:ec:db:72:e2:fb:87:0e:3f:31:98:66:1a:d2:
         5a:1c:ea:29:1d:88:91:28:16:39:d5:0b:f5:16:04:7b:64:d1:
         10:bf:75:f1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTAy
NTgyQjAyN0U1NzAzOEVBMDBBM0U4NDg0RDU1REVFQTJFMUEyQTAeFw0yMzA5MDEx
MDAxMTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM3MDY0RTNFQkU0MEMz
ODgxRTc1NDlCRTZCRDNCRkVCODY0RkJFREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq4955D28dbwYmJavXq+ExXXwXjazY2mdH8Ic4Zy9n1N7OdHz7
HEHRJ7xL2PECjIBClAZEOAQGsJt2AUDqE5NvyjSIR9TRKWqTMUYJma47ThvAPi6C
PN4nY58zlJHfg6zOSr+N9GzGPoqcPanXMzi6WZ0Q1OiLjlcdplBhaNC5mpWAmwlR
6e0es8+itqCjXyqFM7pLBF54Uu8rytYKj0cJS8oDNQiqe7lFnpMnvb3gEEsft3qL
aD2PqEAoWbyfNXjNoX3d0L8bJjiPeq2jBssG5lNtgy0dJ9ZgZZevtUZeco+xhQfU
pXV5J6aCbWtF3TjgQnxycHvPeuQIuTDSdbVPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNwZOPr5Aw4gedUm+a9O/64ZPvtwwHwYDVR0jBBgwFoAU4CWCsCflcDjqAKPo
SE1V3uouGiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElOUC80
Q1dDc0NmbGNEanFBS1BvU0UxVjN1b3VHaW8uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzRDV0NzQ2ZsY0RqcUFLUG9TRTFWM3VvdUdpby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJTlAvTndaT1ByNUF3NGdlZFVtLWE5T182
NFpQdnR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWe0FjAN
BgkqhkiG9w0BAQsFAAOCAQEApehRfkVMcCAF358RtjG6ov4jjZxTT1AbiNRIgOvS
f6VLhjFtWPX+GxT/Uxd14Yo/t0NWiNWEH2Nvc++GZFybquL3KYliCOEB0M+taCBR
Gk43luA4tjwGxH4veCa+Ycb0CBbCN5dgjuyn+pOueX0N5fBUBYb0yfhJWRVRSy+m
I6r/bc6MjtI/iwCJXknZKhijizByQIjLCWzogrtNtVhP5kaumaq+F+cj73coo0B+
sxRMV9QARMujOlkNFTQZNZ3q6yGLp/u/oY+uPOMF+lk4B2sD7Jd4EBdUZ4IVeFTs
23Li+4cOPzGYZhrSWhzqKR2IkSgWOdUL9RYEe2TREL918Q==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org