Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/td-HLjMgcdXtg4JkKhNaao2UNCo.roa
File:                     td-HLjMgcdXtg4JkKhNaao2UNCo.roa (raw, json)
Hash identifier:          Phojs9Eiq5ZkS5Ir82qvV/LLTrq2wemwt/bMG5fl4JE=
Subject key identifier:   B5:DF:87:2E:33:20:71:D5:ED:83:82:64:2A:13:5A:6A:8D:94:34:2A
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       28D9
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/td-HLjMgcdXtg4JkKhNaao2UNCo.roa
Signing time:             Fri 01 Sep 2023 10:05:49 +0000
ROA not before:           Fri 01 Sep 2023 10:05:49 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        106.1.47.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10457 (0x28d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:05:49 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=B5DF872E332071D5ED8382642A135A6A8D94342A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c9:3e:57:be:2c:42:4a:72:2e:f2:a9:8e:fb:
                    c7:ed:f5:c3:d2:4d:62:d8:63:33:f4:68:5c:df:06:
                    72:6e:f8:16:11:8d:cf:9f:ac:ad:57:4e:da:cb:f6:
                    5d:46:a4:d3:41:c6:da:49:59:f1:96:bf:75:70:d4:
                    b5:4f:29:b3:b9:d9:89:03:73:af:7c:1c:dc:51:b3:
                    30:36:2a:ae:0e:86:65:e0:9a:bc:94:21:d7:42:2c:
                    d9:b8:7e:30:b1:ca:ed:ce:61:72:62:a9:06:4c:4e:
                    8e:ce:e1:1c:77:57:d7:3b:ec:bd:dc:6c:87:8b:0e:
                    e7:39:86:5f:c5:ca:d1:7f:a6:a7:e8:74:90:df:6e:
                    89:3f:57:01:db:fa:94:3f:cc:f1:df:00:b1:0e:e2:
                    41:6c:ec:1d:a4:ce:43:78:c7:5d:20:f2:6a:a5:7f:
                    88:7a:f0:e6:6e:b6:95:8a:42:5a:96:ef:dd:4f:b2:
                    da:df:ca:42:46:57:d0:75:cc:55:fd:4a:ea:48:79:
                    1a:96:5a:06:7e:d5:9a:7c:b3:81:bf:ed:ee:0b:db:
                    1f:47:1e:3f:3f:ae:91:a6:31:cc:db:71:c1:27:c9:
                    8e:84:01:99:f4:2a:f9:32:1e:af:39:3c:2a:22:f2:
                    04:ea:fe:a7:5a:df:ca:0b:53:6d:95:9d:e0:49:39:
                    72:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:DF:87:2E:33:20:71:D5:ED:83:82:64:2A:13:5A:6A:8D:94:34:2A
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/td-HLjMgcdXtg4JkKhNaao2UNCo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:4e:e5:29:56:b9:41:1a:4d:3f:30:1e:b1:28:f8:80:68:1a:
         01:e7:f4:c1:89:b0:e2:70:d7:45:e5:56:2e:08:d7:d3:08:95:
         37:1e:b8:ef:43:44:47:5b:89:1a:f7:01:3e:82:56:b6:72:17:
         ac:cc:97:fd:44:5b:2b:16:23:c8:6e:f6:e3:29:79:95:8c:9a:
         5e:fa:86:98:87:bd:b6:42:63:c3:55:ac:ba:04:7c:88:74:e4:
         40:1c:b0:10:01:d9:6f:f4:7e:5a:cc:ad:f2:f3:f0:7b:2e:d4:
         b4:8e:b6:62:a9:8b:8c:0b:0c:9c:cf:61:db:23:c7:ea:a1:59:
         68:da:3d:58:8a:be:9a:a5:70:cc:d9:93:2a:7c:7e:71:7a:6b:
         8d:01:73:10:73:41:39:dc:f4:d1:11:a0:31:a0:ef:ec:a9:d7:
         fc:82:0a:11:b1:18:8c:cf:eb:35:a6:e9:55:cf:99:df:9b:6a:
         25:cf:04:cd:ae:5d:96:88:4f:a7:48:3b:f1:52:b1:e5:f1:78:
         57:27:92:1a:ed:d3:4a:05:e7:e4:2a:bf:8d:49:bd:24:80:1a:
         9d:ac:74:f3:1f:6f:4f:7a:99:31:d7:e1:86:13:46:4c:b6:4b:
         00:95:93:6b:5c:a9:6f:5e:62:07:10:50:72:6f:a7:9d:b4:bf:
         55:e9:dd:b4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA1NDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI1REY4NzJFMzMyMDcx
RDVFRDgzODI2NDJBMTM1QTZBOEQ5NDM0MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCyT5XvixCSnIu8qmO+8ft9cPSTWLYYzP0aFzfBnJu+BYRjc+f
rK1XTtrL9l1GpNNBxtpJWfGWv3Vw1LVPKbO52YkDc698HNxRszA2Kq4OhmXgmryU
IddCLNm4fjCxyu3OYXJiqQZMTo7O4Rx3V9c77L3cbIeLDuc5hl/FytF/pqfodJDf
bok/VwHb+pQ/zPHfALEO4kFs7B2kzkN4x10g8mqlf4h68OZutpWKQlqW791Pstrf
ykJGV9B1zFX9SupIeRqWWgZ+1Zp8s4G/7e4L2x9HHj8/rpGmMczbccEnyY6EAZn0
KvkyHq85PCoi8gTq/qda38oLU22VneBJOXKJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtd+HLjMgcdXtg4JkKhNaao2UNCowHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3RkLUhMak1nY2RYdGc0SmtL
aE5hYW8yVU5Dby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
AS8wDQYJKoZIhvcNAQELBQADggEBAGZO5SlWuUEaTT8wHrEo+IBoGgHn9MGJsOJw
10XlVi4I19MIlTceuO9DREdbiRr3AT6CVrZyF6zMl/1EWysWI8hu9uMpeZWMml76
hpiHvbZCY8NVrLoEfIh05EAcsBAB2W/0flrMrfLz8Hsu1LSOtmKpi4wLDJzPYdsj
x+qhWWjaPViKvpqlcMzZkyp8fnF6a40BcxBzQTnc9NERoDGg7+yp1/yCChGxGIzP
6zWm6VXPmd+baiXPBM2uXZaIT6dIO/FSseXxeFcnkhrt00oF5+Qqv41JvSSAGp2s
dPMfb096mTHX4YYTRky2SwCVk2tcqW9eYgcQUHJvp520v1Xp3bQ=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:26 2024 by rpki-client on console-fra.rpki-client.org