Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hw9nqVsmVl7hUCdDTnryta-7pKg.roa
File:                     hw9nqVsmVl7hUCdDTnryta-7pKg.roa (raw, json)
Hash identifier:          nWANXMNN8Nlp1NdnQUBiL4WLkvre6kRGorZqTR1tqyk=
Subject key identifier:   87:0F:67:A9:5B:26:56:5E:E1:50:27:43:4E:7A:F2:B5:AF:BB:A4:A8
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       29B5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hw9nqVsmVl7hUCdDTnryta-7pKg.roa
Signing time:             Fri 01 Sep 2023 10:06:58 +0000
ROA not before:           Fri 01 Sep 2023 10:06:58 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        123.194.176.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10677 (0x29b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:06:58 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=870F67A95B26565EE15027434E7AF2B5AFBBA4A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0c:c4:38:ea:a0:d0:88:2d:40:04:16:c7:cd:
                    9f:af:3e:f0:43:f6:ca:dc:77:15:b5:f5:ff:dd:38:
                    87:c6:b3:c2:84:0a:df:5f:22:fa:83:18:df:bb:a3:
                    cb:5b:37:5c:40:d1:73:65:b1:8d:ce:5c:89:53:07:
                    4b:6e:58:56:0d:6e:2c:c7:9a:b4:1a:62:74:e7:ef:
                    c4:46:e2:cd:fa:6b:0c:e8:4b:55:a6:2d:e1:a4:56:
                    f8:50:7b:a3:77:c8:ba:97:fc:ba:43:d6:a3:a6:e9:
                    f2:6c:a2:80:34:22:d7:b5:c1:bc:93:eb:cc:0b:64:
                    ef:25:4e:f8:50:a3:51:bb:07:98:1c:94:ae:f4:b4:
                    2a:ef:f6:85:0e:ba:93:ea:ef:06:ac:ba:92:b0:04:
                    3b:fe:92:45:c3:5f:f1:c9:5c:8c:94:f0:1b:a3:b1:
                    65:df:ec:05:22:c4:ff:5f:50:c5:44:63:70:6c:9f:
                    a0:b5:b4:16:8a:03:4c:85:d2:85:bb:6e:17:b4:9c:
                    a9:17:c9:00:03:f4:9d:bd:3a:ca:7d:17:15:4e:d4:
                    1c:c7:80:c9:77:9f:ff:8b:41:63:fd:1e:54:d1:67:
                    7a:34:f8:d2:98:e6:0e:bd:d8:43:2d:5b:74:14:7d:
                    c7:70:58:03:a8:3c:cf:66:63:1c:b7:c2:4b:4b:90:
                    3f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0F:67:A9:5B:26:56:5E:E1:50:27:43:4E:7A:F2:B5:AF:BB:A4:A8
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hw9nqVsmVl7hUCdDTnryta-7pKg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.194.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         22:9a:e5:e0:d9:09:72:3e:bb:58:42:e7:41:78:69:4b:54:b6:
         70:9a:1b:32:23:84:9e:c2:d2:17:d8:a3:a3:21:3f:48:26:52:
         0a:02:7a:d7:1f:23:64:db:d1:37:c6:fe:8d:b6:5f:f8:55:3f:
         68:c7:6a:51:38:58:78:22:00:cf:f5:2b:0a:71:6e:b3:9e:2f:
         81:f7:2e:25:25:af:94:0d:69:18:92:ad:33:d9:a3:23:e8:72:
         25:3e:70:76:09:a7:f7:b4:c7:6e:71:2e:28:d4:d9:8a:60:03:
         63:65:76:55:30:d8:98:94:d1:21:0b:19:2f:b2:c6:93:2e:7c:
         2c:ac:e8:76:f9:ea:20:7f:a9:40:83:e1:ef:9a:8f:d0:bf:e5:
         ad:ad:22:a5:36:d2:00:13:31:36:90:49:04:5d:1d:24:58:68:
         d3:1c:d7:07:29:66:cd:46:5b:a1:6e:d5:38:1c:a4:87:72:c6:
         e2:a1:19:d5:c1:a0:a0:1c:a0:e8:b3:6b:58:34:b6:b3:9b:c7:
         5b:e8:20:2b:fb:43:f5:e4:73:0e:87:b3:27:42:02:a9:ca:a0:
         22:29:57:0c:22:bf:45:7b:4d:b4:40:4c:2c:2a:62:f7:ea:b7:
         18:20:58:f0:f0:a7:54:84:a5:92:27:ba:9c:b9:a8:78:e2:a2:
         8c:82:f5:1b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA2NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg3MEY2N0E5NUIyNjU2
NUVFMTUwMjc0MzRFN0FGMkI1QUZCQkE0QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChDMQ46qDQiC1ABBbHzZ+vPvBD9srcdxW19f/dOIfGs8KECt9f
IvqDGN+7o8tbN1xA0XNlsY3OXIlTB0tuWFYNbizHmrQaYnTn78RG4s36awzoS1Wm
LeGkVvhQe6N3yLqX/LpD1qOm6fJsooA0Ite1wbyT68wLZO8lTvhQo1G7B5gclK70
tCrv9oUOupPq7wasupKwBDv+kkXDX/HJXIyU8BujsWXf7AUixP9fUMVEY3Bsn6C1
tBaKA0yF0oW7bhe0nKkXyQAD9J29Osp9FxVO1BzHgMl3n/+LQWP9HlTRZ3o0+NKY
5g692EMtW3QUfcdwWAOoPM9mYxy3wktLkD//AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhw9nqVsmVl7hUCdDTnryta+7pKgwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2h3OW5xVnNtVmw3aFVDZERU
bnJ5dGEtN3BLZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
wrAwDQYJKoZIhvcNAQELBQADggEBACKa5eDZCXI+u1hC50F4aUtUtnCaGzIjhJ7C
0hfYo6MhP0gmUgoCetcfI2Tb0TfG/o22X/hVP2jHalE4WHgiAM/1KwpxbrOeL4H3
LiUlr5QNaRiSrTPZoyPociU+cHYJp/e0x25xLijU2YpgA2NldlUw2JiU0SELGS+y
xpMufCys6Hb56iB/qUCD4e+aj9C/5a2tIqU20gATMTaQSQRdHSRYaNMc1wcpZs1G
W6Fu1TgcpIdyxuKhGdXBoKAcoOiza1g0trObx1voICv7Q/Xkcw6HsydCAqnKoCIp
Vwwiv0V7TbRATCwqYvfqtxggWPDwp1SEpZInupy5qHjiooyC9Rs=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:19 2024 by rpki-client on console-ams.rpki-client.org