Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/C1lTjX9eQ_c_mMLnPdLRDNz1VP8.roa
File:                     C1lTjX9eQ_c_mMLnPdLRDNz1VP8.roa (raw, json)
Hash identifier:          cUp4u0a4Xh3LSWPSBF3BaBPmyNCi0onI3QK8oyAoPqI=
Subject key identifier:   0B:59:53:8D:7F:5E:43:F7:3F:98:C2:E7:3D:D2:D1:0C:DC:F5:54:FF
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       28C5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/C1lTjX9eQ_c_mMLnPdLRDNz1VP8.roa
Signing time:             Fri 01 Sep 2023 10:05:44 +0000
ROA not before:           Fri 01 Sep 2023 10:05:44 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        123.194.204.0/26 maxlen: 26

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10437 (0x28c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:05:44 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=0B59538D7F5E43F73F98C2E73DD2D10CDCF554FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ae:32:a9:ca:01:9d:65:3d:14:04:6e:ca:c3:
                    23:ba:eb:2c:ae:91:3e:e9:9a:9d:3e:50:2e:8b:ab:
                    ca:ed:9f:15:fa:03:97:5c:a2:f8:c5:00:2b:f4:5c:
                    40:03:14:c1:df:53:30:79:77:86:61:92:ae:52:43:
                    49:d7:43:aa:35:b2:49:12:f8:63:c3:32:b7:34:d7:
                    07:ab:ab:f6:1c:c1:92:ad:ee:4f:6d:8f:ed:5d:e9:
                    41:25:95:63:36:ca:6c:1d:c3:c4:65:56:f3:97:4b:
                    7b:8d:f7:8f:c5:f7:a8:3d:d3:e2:93:ed:04:b3:75:
                    46:6c:86:68:1b:ef:a1:50:ff:31:d0:9a:41:8f:08:
                    6a:4f:6b:08:05:ab:7d:67:b3:5b:6c:03:4f:6e:d0:
                    0c:f7:8b:2c:fc:f2:95:3b:6a:36:f1:43:f5:77:71:
                    b2:b9:fd:30:b1:73:da:6e:b6:3d:1a:92:65:26:95:
                    e5:98:57:cf:68:2a:f0:a1:2c:4f:e2:29:07:93:2e:
                    68:82:6c:3d:20:e8:61:fa:24:b1:60:11:0d:e1:19:
                    4a:a6:d4:8a:cf:2f:ad:a5:7a:42:6a:a9:2f:c1:f9:
                    31:43:e4:c4:b6:bd:c6:fb:90:67:9f:42:69:0a:1f:
                    f6:23:e5:32:6c:20:97:59:d6:18:1a:25:96:e3:f2:
                    68:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:59:53:8D:7F:5E:43:F7:3F:98:C2:E7:3D:D2:D1:0C:DC:F5:54:FF
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/C1lTjX9eQ_c_mMLnPdLRDNz1VP8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.204.0/26

    Signature Algorithm: sha256WithRSAEncryption
         83:72:64:a4:07:9d:b0:18:06:fa:a9:55:b1:0f:c0:0f:ba:fd:
         17:d3:5f:77:76:8a:59:55:15:b5:6d:d9:bc:5c:85:e5:85:c9:
         74:e3:94:77:ac:4c:c7:f7:74:c4:fb:88:fc:ca:d3:0f:b0:9a:
         b8:b0:2e:a1:94:e7:1e:cc:12:11:0d:4c:fd:49:a5:47:ef:8b:
         16:f7:81:16:b4:81:db:f7:08:27:81:83:fd:89:34:a7:f5:f8:
         e6:bc:c9:24:72:4d:4a:0f:79:b3:34:ca:cd:21:f2:9c:b1:3e:
         6a:d5:48:bc:f9:db:46:3e:d4:97:f9:80:1f:20:5c:0d:81:33:
         e1:d4:ac:4a:cd:e8:26:95:cc:02:77:69:d6:69:2f:33:b9:f8:
         90:c5:77:8b:fb:d5:07:b6:d8:31:73:14:18:93:b5:87:6c:3b:
         7a:7c:5f:8e:0c:51:75:1f:ba:bc:9d:0c:6d:fc:4a:72:1d:0a:
         fb:33:d4:05:e4:39:42:96:55:e9:5e:e9:34:23:2f:85:ef:81:
         24:56:f4:5e:9e:12:d1:96:18:57:1a:8e:dd:44:01:fd:e7:f5:
         47:d6:4c:46:5d:f9:58:bb:7b:a3:f5:d1:45:ad:87:5f:2e:e9:
         53:35:d6:2d:1c:b7:07:f1:ba:bb:82:ca:40:c1:de:43:a4:f1:
         d5:ad:0d:ca
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICKMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA1NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBCNTk1MzhEN0Y1RTQz
RjczRjk4QzJFNzNERDJEMTBDRENGNTU0RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFrjKpygGdZT0UBG7KwyO66yyukT7pmp0+UC6Lq8rtnxX6A5dc
ovjFACv0XEADFMHfUzB5d4Zhkq5SQ0nXQ6o1skkS+GPDMrc01werq/YcwZKt7k9t
j+1d6UEllWM2ymwdw8RlVvOXS3uN94/F96g90+KT7QSzdUZshmgb76FQ/zHQmkGP
CGpPawgFq31ns1tsA09u0Az3iyz88pU7ajbxQ/V3cbK5/TCxc9putj0akmUmleWY
V89oKvChLE/iKQeTLmiCbD0g6GH6JLFgEQ3hGUqm1IrPL62lekJqqS/B+TFD5MS2
vcb7kGefQmkKH/Yj5TJsIJdZ1hgaJZbj8mjXAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUC1lTjX9eQ/c/mMLnPdLRDNz1VP8wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0MxbFRqWDllUV9jX21NTG5Q
ZExSRE56MVZQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQZ7
wswAMA0GCSqGSIb3DQEBCwUAA4IBAQCDcmSkB52wGAb6qVWxD8APuv0X0193dopZ
VRW1bdm8XIXlhcl045R3rEzH93TE+4j8ytMPsJq4sC6hlOcezBIRDUz9SaVH74sW
94EWtIHb9wgngYP9iTSn9fjmvMkkck1KD3mzNMrNIfKcsT5q1Ui8+dtGPtSX+YAf
IFwNgTPh1KxKzegmlcwCd2nWaS8zufiQxXeL+9UHttgxcxQYk7WHbDt6fF+ODFF1
H7q8nQxt/EpyHQr7M9QF5DlCllXpXuk0Iy+F74EkVvRenhLRlhhXGo7dRAH95/VH
1kxGXflYu3uj9dFFrYdfLulTNdYtHLcH8bq7gspAwd5DpPHVrQ3K
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org